nextcloud-server

Commit Graph

Author	SHA1	Message	Date
Côme Chilliet	eccc727f4e	fix: Remove more unused deprecated getters from IServerContainer Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-05-16 10:48:05 +07:00
Ferdinand Thiessen	74bded74a3	refactor: migrate from OC to OCP in public interfaces Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2025-05-15 16:17:47 +07:00
dependabot[bot]	bb598c8451	chore(deps): Bump nextcloud/coding-standard in /vendor-bin/cs-fixer Bumps [nextcloud/coding-standard](https://github.com/nextcloud/coding-standard) from 1.3.1 to 1.3.2. - [Release notes](https://github.com/nextcloud/coding-standard/releases) - [Changelog](https://github.com/nextcloud/coding-standard/blob/master/CHANGELOG.md) - [Commits](https://github.com/nextcloud/coding-standard/compare/v1.3.1...v1.3.2) --- updated-dependencies: - dependency-name: nextcloud/coding-standard dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: provokateurin <kate@provokateurin.de>	2024-10-19 07:57:35 +07:00
Daniel Kesselberg	af6de04e9e	style: update codestyle for coding-standard 1.2.3 Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2024-08-25 19:34:58 +07:00
Ferdinand Thiessen	127cacdd19	feat(Security): Allow setting password context for validation and generation Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de> Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com> Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-08-22 19:16:50 +07:00
Benjamin Gaussorgues	f1d97a3188	feat(Security): add Factory for IP addresses and ranges Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2024-07-19 16:28:03 +07:00
Joas Schilling	047479ccf9	feat(security): Add public API to allow validating IP Ranges and checking for "in range" Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2024-07-19 16:28:03 +07:00
Christopher Ng	d9bf6c432e	feat: Add method to validate an IHasher hash Signed-off-by: Christopher Ng <chrng8@gmail.com>	2024-07-04 17:05:45 +07:00
John Molakvoæ	928f22052f	chore: remove unnecessary php import during refactor Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>	2024-05-30 18:36:23 +07:00
John Molakvoæ	258bb03cf5	Merge branch 'master' into refactor/OC-Server-getSecureRandom Signed-off-by: John Molakvoæ <skjnldsv@users.noreply.github.com>	2024-05-30 14:24:22 +07:00
Andy Scherzinger	dae7c159f7	chore: Add SPDX header Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>	2024-05-24 13:11:22 +07:00
Andrew Summers	f9ce6bfdff	Refactor `OC\Server::getHasher` Signed-off-by: Andrew Summers <18727110+summersab@users.noreply.github.com>	2024-03-15 13:04:27 +07:00
Joas Schilling	42be7a5d74	fix(OCP): Add since tag for all constants Signed-off-by: Joas Schilling <coding@schilljs.com>	2024-02-14 20:50:08 +07:00
Joas Schilling	aa5f037af7	chore: apply changes from Nextcloud coding standards 1.1.1 Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2023-11-23 10:36:13 +07:00
Christoph Wurst	e477bb7eaf	feat(appframework): Expose programmatic rate limiter Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2023-09-20 20:25:27 +07:00
Andrew Summers	1395a53602	Refactor `OC\Server::getSecureRandom` Signed-off-by: Andrew Summers <18727110+summersab@users.noreply.github.com>	2023-08-29 21:32:40 +07:00
Joas Schilling	124588d4a6	fix: Make bypass function public API Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-08-21 16:40:24 +07:00
Joas Schilling	a95800c647	feat(security): Add a bruteforce protection backend base on memcache Similar to the ratelimit backend Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-08-21 16:36:03 +07:00
Côme Chilliet	f5c361cf44	composer run cs:fix Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2023-01-20 11:45:08 +07:00
Christoph Wurst	8aea25b5b9	Add remote host validation API Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2022-10-31 16:13:28 +07:00
Joas Schilling	c0f47af2d0	Add a public interface for the bruteforce throttler and register for injection Signed-off-by: Joas Schilling <coding@schilljs.com>	2022-07-28 10:57:10 +07:00
Joas Schilling	c42f5bc5f6	Add an OCP for trusted domain helper Signed-off-by: Joas Schilling <coding@schilljs.com>	2021-10-28 10:24:16 +07:00
Arthur Schiwon	0dee717c94	Confirm mails only per POST - this is to avoid automatic confirmation by certain softwares that open links Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2021-09-09 19:23:04 +07:00
Arthur Schiwon	a20de15b43	add a job to clean up expired verification tokens Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2021-09-09 14:03:35 +07:00
Arthur Schiwon	19cc757531	move verification token logic out of lost password controller - to make it reusable - needed for local email verification Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2021-09-09 14:03:29 +07:00
J0WI	3b656446af	Introduce ISecureRandom::CHAR_ALPHANUMERIC Signed-off-by: J0WI <J0WI@users.noreply.github.com>	2021-07-08 15:11:31 +07:00
John Molakvoæ (skjnldsv)	215aef3cbd	Update php licenses Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	2021-06-04 22:02:41 +07:00
J0WI	ca7b37ce5a	Make Security module strict Signed-off-by: J0WI <J0WI@users.noreply.github.com>	2021-04-19 17:31:12 +07:00
Roeland Jago Douma	b5e9f7e846	Merge pull request #22432 from nextcloud/enh/phpdoc Add php docs build script	2020-08-26 21:18:11 +07:00
Julius Härtl	45a474071e	Remove @package annotations from public namespace Signed-off-by: Julius Härtl <jus@bitgrid.net>	2020-08-26 16:59:40 +07:00
Christoph Wurst	2a054e6c04	Update the license headers for Nextcloud 20 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-08-24 14:54:25 +07:00
Joas Schilling	35a8519591	Fix CS Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-08-19 11:20:36 +07:00
Joas Schilling	e66bc4a8a7	Send "429 Too Many Requests" in case of brute force protection Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-08-19 11:20:35 +07:00
Morris Jobke	782a2df392	Add PHP doc for events Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2020-08-10 14:24:24 +07:00
Christoph Wurst	cb057829f7	Update license headers for 19 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-29 11:57:22 +07:00
Arthur Schiwon	5437844b7e	fix credentialsManager documentation and ensure userId to be used as string Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2020-04-15 19:34:23 +07:00
Christoph Wurst	28f8eb5dba	Add visibility to all constants Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 16:54:27 +07:00
Christoph Wurst	caff1023ea	Format control structures, classes, methods and function To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 14:19:56 +07:00
Christoph Wurst	a8a06a82d2	Remove trailing whitespaces from comments Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 16:09:23 +07:00
Christoph Wurst	41b5e5923a	Use exactly one empty line after the namespace declaration For PSR2 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 11:48:10 +07:00
Christoph Wurst	5bf3d1bb38	Update license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2019-12-05 15:38:45 +07:00
Christoph Wurst	1a886b1472	Add typed events for password_policy Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2019-11-27 09:56:12 +07:00
Christoph Wurst	a1ef939c06	Use Symfony's new contract Event class instead of the deprecated one Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2019-09-12 14:44:55 +07:00
Roeland Jago Douma	b8c5008acf	Add feature policy header This adds the events and the classes to modify the feature policy. It also adds a default restricted feature policy. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-08-10 14:26:22 +07:00
Roeland Jago Douma	5ac857bcdc	Add an event to edit the CSP This introduces and event that can be listend to when we actually use the CSP. This means that apps no longer have to always inject their CSP but only do so when it is required. Yay for being lazy. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-07-08 20:35:15 +07:00
Roeland Jago Douma	767679ccf4	Remove deprecatred StringUtils class Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-05-28 22:20:23 +07:00
Morris Jobke	798b267d49	Do not use spaces in generated passwords Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2019-04-15 16:29:52 +07:00
Roeland Jago Douma	372f3d2a60	Remove deprecated functions from SecureRandom Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-12-07 19:33:32 +07:00
Roeland Jago Douma	be5c050acc	Throw exception if decryption fails For #11868 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-11-14 12:47:35 +07:00
Roeland Jago Douma	0e0db37658	Make OCP\Security stricter * Add typehints * Add return types * Opcode opts from phpstorm * Made strict * Fixed tests: No need to test bogus values anymore strict typing fixes this Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-01-16 22:01:19 +07:00

1 2

59 Commits (d50828aa92bfe4d93d507f50fb42be342497aace)