321 Commits (b42d26b42f5ef5a4fe05af719f1183c20cb43414)

Author SHA1 Message Date
Louis Chemineau 2f71b7e197
fix(login): Support subfolder install for ephemeral sessions
Signed-off-by: Louis Chemineau <louis@chmn.me>
2025-03-03 11:00:29 +07:00
Louis Chemineau e840ee72b2 feat: Close sessions created for login flow v2
Sessions created during the login flow v2 should be short lived to not leave an unexpected opened session in the browser.

This commit adds a property to the session object to track its origin, and will close it as soon as possible, i.e., on the first non public page request.

Signed-off-by: Louis Chemineau <louis@chmn.me>
2025-02-27 07:59:49 +07:00
Daniel Calviño Sánchez 5ea5b2de84
fix: Handle exception when clearing previously removed two factor tokens
If a token was already removed from the database but not from the
configuration clearing the tokens will try to remove it again from the
database, which caused a DoesNotExistException to be thrown.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2024-11-05 11:14:05 +07:00
Daniel Calviño Sánchez 381a2aa627
fix: Clear pending two factor tokens also from configuration
Otherwise as the tokens were removed from the database but not from the
configuration the next time that the tokens were cleared the previous
tokens were still got from the configuration, and trying to remove them
again from the database ended in a DoesNotExistException being thrown.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
2024-11-05 11:14:04 +07:00
yemkareems 34b07ace95
fix: crypto made inline for constructor and decrypt error handled in exception
Signed-off-by: yemkareems <yemkareems@gmail.com>
2024-10-28 16:43:24 +07:00
yemkareems 3fd16de636
fix: crypto made inline for constructor and decrypt error handled in exception
Signed-off-by: yemkareems <yemkareems@gmail.com>
2024-10-28 16:32:57 +07:00
yemkareems 79b1122749
fix: use ICrypto in place of Crypto
Signed-off-by: yemkareems <yemkareems@gmail.com>
2024-10-28 15:49:05 +07:00
yemkareems a74ef8237d
fix: crypto type made not nullable and tests run using ICrypto
Signed-off-by: yemkareems <yemkareems@gmail.com>
2024-10-28 15:04:11 +07:00
yemkareems 505dfd65fd
fix: encrypt and store password, decrypt and retrieve the same
Signed-off-by: yemkareems <yemkareems@gmail.com>
2024-10-28 11:22:36 +07:00
Ferdinand Thiessen 2ef74b9860
Merge pull request #47329 from nextcloud/feat/add-datetime-qbmapper-support
feat(AppFramework): Add full support for date / time / datetime columns
2024-10-18 19:05:08 +07:00
Git'Fellow a1681b0756 chore(db): Apply query prepared statements
Fix: psalm

fix: bad file

fix: bug

chore: add batch

chore: add batch

chore: add batch

fix: psalm
2024-10-17 20:30:47 +07:00
Ferdinand Thiessen 0e54c2bd43
fix: Adjust Entity types
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2024-10-17 18:31:44 +07:00
Git'Fellow c254855222 chore(db): Correctly apply query types
fix: psalm

fix: error

fix: add batch

fix: fatal error

fix: add batch

chore: add batch

chore: add batch

fix: psalm

fix: typo

fix: psalm

fix: return bool

fix: revert Manager
2024-10-17 09:21:07 +07:00
Ferdinand Thiessen 16833aff86
fix: Make user removal more resilient
Currently there is a problem if an exception is thrown in `User::delete`,
because at that point the user is already removed from the backend,
but not all data is deleted.

There is no way to recover from this state, as the user is gone no information is available anymore.
This means the data is still available on the server but cannot be removed by any API anymore.

The solution here is to first set a flag and backup the user home,
this can be used to recover failed user deletions in a way the delete can be re-tried.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2024-09-26 20:48:37 +07:00
Ferdinand Thiessen a8f46af20f
chore: Add proper deprecation dates where missing
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2024-09-20 00:46:03 +07:00
provokateurin 9836e9b164
chore(deps): Update nextcloud/coding-standard to v1.3.1
Signed-off-by: provokateurin <kate@provokateurin.de>
2024-09-19 14:21:20 +07:00
Côme Chilliet 7ed583cb8e
chore: Migrate cleanAppId and getAppPath calls to IAppManager from OC_App
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-09-13 10:08:43 +07:00
Daniel Kesselberg af6de04e9e
style: update codestyle for coding-standard 1.2.3
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2024-08-25 19:34:58 +07:00
S1m 9189bc290b
feat(webauthn): Add user verification to webauthn challenges
Require user verification if all tokens are registered
with UV flag, else discourage it

Signed-off-by: S1m <git@sgougeon.fr>
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
2024-08-15 11:03:10 +07:00
Christoph Wurst 5100e3152d
feat(auth): Clean-up unused auth tokens and wipe tokens
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2024-08-13 12:39:11 +07:00
Arthur Schiwon 99182aac37
fix(Token): take over scope in token refresh with login by cookie
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2024-07-19 15:53:46 +07:00
Arthur Schiwon 6a783d9b08
fix(Session): avoid race conditions on clustered setups
- re-establishes old behaviour with cache to return null instead of throwing
  an InvalidTokenException when the token is cached as non-existing
- token invalidation and re-generation are bundled in a DB transaction now

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2024-07-10 13:28:33 +07:00
Joas Schilling 8130968a35
feat(notifications): Migrate server INotifiers to new exceptions
Signed-off-by: Joas Schilling <coding@schilljs.com>
2024-06-25 11:56:24 +07:00
Arthur Schiwon f6d6efef3a
refactor(Token): introduce scope constants
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2024-06-05 19:01:14 +07:00
Arthur Schiwon 340939e688
fix(Session): avoid password confirmation on SSO
SSO backends like SAML and OIDC tried a trick to suppress password
confirmations as they are not possible by design. At least for SAML it was
not reliable when existing user backends were used as user repositories.

Now we are setting a special scope with the token, and also make sure that
the scope is taken over when tokens are regenerated.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2024-06-05 19:01:13 +07:00
Daniel fca38e12c8
Merge pull request #45411 from nextcloud/fix/auth/selective-token-activity-update
fix(auth): Update authtoken activity selectively
2024-05-29 12:05:45 +07:00
Andy Scherzinger dae7c159f7
chore: Add SPDX header
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
2024-05-24 13:11:22 +07:00
Christoph Wurst bcc02a3c71
fix(auth): Update authtoken activity selectively
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2024-05-21 07:55:01 +07:00
Christoph Wurst fe7217d2d3
Merge pull request #45026 from nextcloud/fix/token-update
Avoid updating the same oc_authtoken row twice
2024-05-16 12:00:32 +07:00
Julius Härtl 04780ae30a fix: Always set last activity if we update the row of an authtoken anyways
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2024-04-29 15:20:17 +07:00
Joas Schilling bc4a102f52
fix(session): Avoid race condition for cache::get() vs. cache::hasKey()
Signed-off-by: Joas Schilling <coding@schilljs.com>
2024-04-29 12:45:44 +07:00
Ferdinand Thiessen e8452d9ef1
fix(deps): Bump web-auth/webauthn-lib from 3.3.9 to 4.8.5
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2024-04-16 11:48:13 +07:00
Côme Chilliet ab6afe0111 fix: Fix new psalm errors from update
Not sure about the SimpleContainer modification, let’s see what CI says about that.

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-04-08 11:29:09 +07:00
Côme Chilliet ec5133b739 fix: Apply new coding standard to all files
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-04-02 14:16:21 +07:00
Benjamin Gaussorgues d1189f923c
feat(perf): add cache for authtoken lookup
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2024-02-28 15:04:04 +07:00
Vincent Petry 839ddaa354
feat: rename users to account or person
Replace translated text in most locations

Signed-off-by: Vincent Petry <vincent@nextcloud.com>
2024-02-13 21:06:30 +07:00
Côme Chilliet 8bcc2d352e chore: Fix missing template parameter for IEventListener
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-01-30 10:57:15 +07:00
Côme Chilliet a526a382bf
Import OCP IToken as OCPIToken to avoid a name clash in lib/private
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-01-11 15:45:14 +07:00
Côme Chilliet 37a6e15f87 Use OCP version of IToken in AppPasswordCreatedEvent
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-01-11 14:02:15 +07:00
Côme Chilliet 8fc39aeb1c Use IToken from OCP instead of OC
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-01-11 14:02:15 +07:00
Côme Chilliet 95ea6188dc Suppress or fix psalm errors related to InvalidTokenException
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-01-11 14:02:15 +07:00
Côme Chilliet eee9f1eec4 Always catch OCP versions of authentication exceptions
And always throw OC versions for BC

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-01-11 14:02:15 +07:00
Alexander Piskun 26d343d33a
AppAPI: allowed to bypass Two-Factor
Signed-off-by: Alexander Piskun <bigcat88@icloud.com>
2023-12-28 20:59:02 +07:00
Joas Schilling aa5f037af7
chore: apply changes from Nextcloud coding standards 1.1.1
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2023-11-23 10:36:13 +07:00
Christoph Wurst a5422a3998
fix: Show error message when CSRF check fails at login
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2023-11-08 15:18:34 +07:00
Côme Chilliet d8b42c6131
Allow passing null to PublicKeyToken::setScope, fixes tests
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-10-23 15:52:07 +07:00
Côme Chilliet 33a24134a7
Improve docblock annotations for tokens and their exceptions
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-10-23 15:20:04 +07:00
Côme Chilliet 58a57a714e
Use more precise typing for setScope method parameter
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-10-23 15:19:38 +07:00
Côme Chilliet 1bdf952fde
Make sure that OC interfaces return OC interfaces for backward compatibility
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-10-23 11:08:23 +07:00
Côme Chilliet b82e25ea7a
Move Exceptions used in OCP to OCP
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-10-23 10:26:25 +07:00