nextcloud-server

Commit Graph

Author	SHA1	Message	Date
Ferdinand Thiessen	2ef74b9860	Merge pull request #47329 from nextcloud/feat/add-datetime-qbmapper-support feat(AppFramework): Add full support for date / time / datetime columns	2024-10-18 19:05:08 +07:00
Git'Fellow	a1681b0756	chore(db): Apply query prepared statements Fix: psalm fix: bad file fix: bug chore: add batch chore: add batch chore: add batch fix: psalm	2024-10-17 20:30:47 +07:00
Ferdinand Thiessen	0e54c2bd43	fix: Adjust Entity types Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-10-17 18:31:44 +07:00
Git'Fellow	c254855222	chore(db): Correctly apply query types fix: psalm fix: error fix: add batch fix: fatal error fix: add batch chore: add batch chore: add batch fix: psalm fix: typo fix: psalm fix: return bool fix: revert Manager	2024-10-17 09:21:07 +07:00
Ferdinand Thiessen	16833aff86	fix: Make user removal more resilient Currently there is a problem if an exception is thrown in `User::delete`, because at that point the user is already removed from the backend, but not all data is deleted. There is no way to recover from this state, as the user is gone no information is available anymore. This means the data is still available on the server but can not removed by any API anymore. The solution here is to first set a flag and backup the user home, this can be used to recover failed user deletions in a way the delete can be re-tried. Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-09-26 20:48:37 +07:00
Ferdinand Thiessen	a8f46af20f	chore: Add proper deprecation dates where missing Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-09-20 00:46:03 +07:00
provokateurin	9836e9b164	chore(deps): Update nextcloud/coding-standard to v1.3.1 Signed-off-by: provokateurin <kate@provokateurin.de>	2024-09-19 14:21:20 +07:00
Côme Chilliet	7ed583cb8e	chore: Migrate cleanAppId and getAppPath calls to IAppManager from OC_App Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-09-13 10:08:43 +07:00
Daniel Kesselberg	af6de04e9e	style: update codestyle for coding-standard 1.2.3 Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2024-08-25 19:34:58 +07:00
S1m	9189bc290b	feat(webauthn): Add user verification to webauthn challenges Require user verification if all tokens are registered with UV flag, else discourage it Signed-off-by: S1m <git@sgougeon.fr> Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>	2024-08-15 11:03:10 +07:00
Christoph Wurst	5100e3152d	feat(auth): Clean-up unused auth tokens and wipe tokens Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2024-08-13 12:39:11 +07:00
Arthur Schiwon	99182aac37	fix(Token): take over scope in token refresh with login by cookie Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2024-07-19 15:53:46 +07:00
Arthur Schiwon	6a783d9b08	fix(Session): avoid race conditions on clustered setups - re-stablishes old behaviour with cache to return null instead of throwing an InvalidTokenException when the token is cached as non-existing - token invalidation and re-generation are bundled in a DB transaction now Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2024-07-10 13:28:33 +07:00
Joas Schilling	8130968a35	feat(notifications): Migrate server INotifiers to new exceptions Signed-off-by: Joas Schilling <coding@schilljs.com>	2024-06-25 11:56:24 +07:00
Arthur Schiwon	f6d6efef3a	refactor(Token): introduce scope constants Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2024-06-05 19:01:14 +07:00
Arthur Schiwon	340939e688	fix(Session): avoid password confirmation on SSO SSO backends like SAML and OIDC tried a trick to suppress password confirmations as they are not possible by design. At least for SAML it was not reliable when existing user backends where used as user repositories. Now we are setting a special scope with the token, and also make sure that the scope is taken over when tokens are regenerated. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2024-06-05 19:01:13 +07:00
Daniel	fca38e12c8	Merge pull request #45411 from nextcloud/fix/auth/selective-token-activity-update fix(auth): Update authtoken activity selectively	2024-05-29 12:05:45 +07:00
Andy Scherzinger	dae7c159f7	chore: Add SPDX header Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>	2024-05-24 13:11:22 +07:00
Christoph Wurst	bcc02a3c71	fix(auth): Update authtoken activity selectively Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2024-05-21 07:55:01 +07:00
Christoph Wurst	fe7217d2d3	Merge pull request #45026 from nextcloud/fix/token-update Avoid updating the same oc_authtoken row twice	2024-05-16 12:00:32 +07:00
Julius Härtl	04780ae30a	fix: Always set last activity if we update the row of an authtoken anyways Signed-off-by: Julius Härtl <jus@bitgrid.net>	2024-04-29 15:20:17 +07:00
Joas Schilling	bc4a102f52	fix(session): Avoid race condition for cache::get() vs. cache::hasKey() Signed-off-by: Joas Schilling <coding@schilljs.com>	2024-04-29 12:45:44 +07:00
Ferdinand Thiessen	e8452d9ef1	fix(deps): Bump web-auth/webauthn-lib from 3.3.9 to 4.8.5 Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-04-16 11:48:13 +07:00
Côme Chilliet	ab6afe0111	fix: Fix new psalm errors from update Not sure about the SimpleContainer modification, let’s see what CI says about that. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-04-08 11:29:09 +07:00
Côme Chilliet	ec5133b739	fix: Apply new coding standard to all files Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-04-02 14:16:21 +07:00
Benjamin Gaussorgues	d1189f923c	feat(perf): add cache for authtoken lookup Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2024-02-28 15:04:04 +07:00
Vincent Petry	839ddaa354	feat: rename users to account or person Replace translated text in most locations Signed-off-by: Vincent Petry <vincent@nextcloud.com>	2024-02-13 21:06:30 +07:00
Côme Chilliet	8bcc2d352e	chore: Fix missing template parameter for IEventListener Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-01-30 10:57:15 +07:00
Côme Chilliet	a526a382bf	Import OCP IToken as OCPIToken to avoid a name clash in lib/private Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-01-11 15:45:14 +07:00
Côme Chilliet	37a6e15f87	Use OCP version of IToken in AppPasswordCreatedEvent Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-01-11 14:02:15 +07:00
Côme Chilliet	8fc39aeb1c	Use IToken from OCP instead of OC Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-01-11 14:02:15 +07:00
Côme Chilliet	95ea6188dc	Suppress or fix psalm errors related to InvalidTokenException Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-01-11 14:02:15 +07:00
Côme Chilliet	eee9f1eec4	Always catch OCP versions of authentication exceptions And always throw OC versions for BC Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-01-11 14:02:15 +07:00
Alexander Piskun	26d343d33a	AppAPI: allowed to bypass Two-Factor Signed-off-by: Alexander Piskun <bigcat88@icloud.com>	2023-12-28 20:59:02 +07:00
Joas Schilling	aa5f037af7	chore: apply changes from Nextcloud coding standards 1.1.1 Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2023-11-23 10:36:13 +07:00
Christoph Wurst	a5422a3998	fix: Show error message when CSRF check fails at login Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2023-11-08 15:18:34 +07:00
Côme Chilliet	d8b42c6131	Allow passing null to PublicKeyToken::setScope, fixes tests Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-10-23 15:52:07 +07:00
Côme Chilliet	33a24134a7	Improve docblock annotations for tokens and their exceptions Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-10-23 15:20:04 +07:00
Côme Chilliet	58a57a714e	Use more precise typing for setScope method parameter Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-10-23 15:19:38 +07:00
Côme Chilliet	1bdf952fde	Make sure that OC interfaces returns OC interfaces for backward compatibility Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-10-23 11:08:23 +07:00
Côme Chilliet	b82e25ea7a	Move Exceptions used in OCP to OCP Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-10-23 10:26:25 +07:00
Côme Chilliet	356f0291a2	Align PublicKeyToken with interface changes Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-10-23 09:41:32 +07:00
Côme Chilliet	f94fb33062	Move IToken and IProvider::getToken to OCP Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-10-20 17:51:33 +07:00
Benjamin Gaussorgues	4361019f2f	fix(twofactor): avoid error in pgsql for duplicate entry Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2023-10-06 11:23:23 +07:00
Lucas Azevedo	2a36acfc2b	Fix typo Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>	2023-08-25 11:20:34 +07:00
Lucas Azevedo	c93b1634d3	Fixes from static analysis Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com> Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>	2023-08-25 10:41:46 +07:00
Lucas Azevedo	fe9b9c1955	Add last-used-before option Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>	2023-08-25 02:07:57 +07:00
Daniel Kesselberg	32303b6ed5	docs: remove superfluous phpdocs Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2023-08-10 15:01:56 +07:00
Joas Schilling	dac31ad101	fix!: Remove legacy event dispatching Symfony's GenericEvent from 2FA Manager Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-07-27 09:57:52 +07:00
Christoph Wurst	14719110b9	chore: Replace \OC::$server->query with \OCP\Server::get in /lib Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2023-07-06 15:21:22 +07:00

1 2 3 4 5 ...

312 Commits (b0197c5dfcb0dac94de43bfbfa89a2889fc1e30b)