nextcloud-server

Commit Graph

Author	SHA1	Message	Date
provokateurin	085d4c9364	refactor(OpenAPI): Adjust scopes to match previous behavior Signed-off-by: provokateurin <kate@provokateurin.de>	2025-01-06 14:30:40 +07:00
provokateurin	9836e9b164	chore(deps): Update nextcloud/coding-standard to v1.3.1 Signed-off-by: provokateurin <kate@provokateurin.de>	2024-09-19 14:21:20 +07:00
Julien Veyssier	034917b790	fix(oauth2): store hashed secret instead of encrypted Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2024-09-02 14:38:39 +07:00
provokateurin	d8adbce1be	refactor(oauth2): Replace security annotations with respective attributes Signed-off-by: provokateurin <kate@provokateurin.de>	2024-07-29 16:45:54 +07:00
Andy Scherzinger	cc1686dba9	chore: Add SPDX header Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>	2024-05-31 10:38:47 +07:00
Côme Chilliet	eee9f1eec4	Always catch OCP versions of authentication exceptions And always throw OC versions for BC Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-01-11 14:02:15 +07:00
Julien Veyssier	d56950a6c9	adjust phpdoc types in OauthApiController Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:03 +07:00
Julien Veyssier	c6da99474e	rename oauth2_access_token's created_at to code_created_at Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +07:00
Julien Veyssier	779e1d51ac	delete oauth access token when receiving a code that has expired Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +07:00
Julien Veyssier	1ab45bad5d	refuse oauth authorization code if a token has already been delivered (active token) Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +07:00
Julien Veyssier	7bba410997	cleanup access tokens that are still in authorization state and that have expired Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +07:00
Julien Veyssier	2995b0948f	add tests for oauth2 authorization code expiration Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +07:00
Julien Veyssier	807f173dec	make oauth2 authorization code expire after 10 minutes Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +07:00
Joas Schilling	25309bcb45	techdebt(DI): Use public IThrottler interface which exists since Nextcloud 25 Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-08-28 15:50:45 +07:00
jld3103	1c19c567fe	oauth2: Add OpenAPI spec Signed-off-by: jld3103 <jld3103yt@gmail.com>	2023-07-12 07:32:30 +07:00
Julien Veyssier	629adc318f	add bruteforce protection in OauthApiController Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-06-19 11:18:06 +07:00
Julien Veyssier	18c742a901	encrypt oauth2 client secrets Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-06-07 11:36:08 +07:00
luz paz	9d26671f05	Fix typos in apps/ subdirectory Found via `codespell -q 3 -S l10n,./apps/files_external/3rdparty -L adn,ba,boxs,keypair,jus,optionel,ressource,tabel ./apps/` Signed-off-by: luz paz <luzpaz@github.com> Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>	2022-09-05 12:59:54 +07:00
J0WI	3b656446af	Introduce ISecureRandom::CHAR_ALPHANUMERIC Signed-off-by: J0WI <J0WI@users.noreply.github.com>	2021-07-08 15:11:31 +07:00
John Molakvoæ (skjnldsv)	215aef3cbd	Update php licenses Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	2021-06-04 22:02:41 +07:00
Christoph Wurst	cb057829f7	Update license headers for 19 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-29 11:57:22 +07:00
Christoph Wurst	44577e4345	Remove trailing and in between spaces Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 16:07:47 +07:00
Christoph Wurst	5bf3d1bb38	Update license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2019-12-05 15:38:45 +07:00
Roeland Jago Douma	68748d4f85	Some php-cs fixes * Order the imports * No leading slash on imports * Empty line before namespace * One line per import * Empty after imports * Emmpty line at bottom of file Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-11-22 20:52:10 +07:00
Roeland Jago Douma	b9ac258870	Strict controllers Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-12-07 13:43:22 +07:00
Roeland Jago Douma	674930da7f	Move ExpiredTokenException to the correct namespace Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-10-30 19:30:45 +07:00
Roeland Jago Douma	75456b057d	Reset bruteforce on token refresh OAuth When using atoken obtained via OAuth the token expires. Resulting in brute force attempts hitting the requesting IP. This resets the brute force attempts for that UID on a valid refresh of the token. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-10-30 11:21:27 +07:00
Roeland Jago Douma	3556e78c25	The OAuth endpoint needs to support Basic Auth * Add test Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-05-29 15:17:54 +07:00
Roeland Jago Douma	5a97148863	Don't use special chars to avoid confusion Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-05-22 09:24:17 +07:00
Roeland Jago Douma	f7ecec855b	Rotate token On a refresh token request: * rorate * reset expire Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-05-22 09:24:17 +07:00
Roeland Jago Douma	c28b25c4f0	Authenticate the clients on requesting a token Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-05-22 09:24:17 +07:00
Roeland Jago Douma	49795d2006	Set OAuth token expiration Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-05-22 09:24:17 +07:00
Lukas Reschke	88afd8b224	Cleanup code Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2017-05-18 20:49:08 +07:00
Lukas Reschke	4b4d3bb1c2	It's a bearer Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2017-05-18 20:49:05 +07:00
Lukas Reschke	5f71805c35	Add basic implementation for OAuth 2.0 Authorization Code Flow Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2017-05-18 20:49:03 +07:00

35 Commits (dcc6c1956ac7d6d5cf4781cb00a1055dee47d599)