9836e9b164
chore(deps): Update nextcloud/coding-standard to v1.3.1
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2024-09-19 14:21:20 +07:00
d76d971e55
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2024-09-17 00:20:40 +07:00
49dd79eabb
refactor: Add void return type to PHPUnit test methods
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2024-09-15 22:32:31 +07:00
26aa322e44
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2024-09-14 00:21:21 +07:00
a51c200cab
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2024-09-10 00:37:30 +07:00
7a6191ebb9
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2024-09-07 00:36:58 +07:00
e4fa996701
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2024-09-06 00:25:10 +07:00
8cded1e320
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2024-09-05 00:23:50 +07:00
94d259e750
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2024-09-04 00:21:54 +07:00
120e7e838c
fix(oauth2): fix tests
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2024-09-02 14:38:39 +07:00
034917b790
fix(oauth2): store hashed secret instead of encrypted
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2024-09-02 14:38:39 +07:00
aea0e8df6a
fix: Adjust more places for logical position
...
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2024-08-29 08:32:48 +07:00
723780d184
feat: Add bidi support in core directory
...
Signed-off-by: Mostafa Ahangarha <ahangarha@riseup.net>
2024-08-29 08:32:47 +07:00
ff10f9f60f
chore(deps): Update openapi-extractor to v1.0.0
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2024-08-21 11:07:50 +07:00
84ee79fe43
fix: expect invalidateTokensOfUser only be called for seen users
...
Signed-off-by: Artur Neumann <artur@jankaritech.com>
2024-08-16 10:33:56 +07:00
cc44ec54ad
invalidate oauth2 tokens only for seen users
...
Signed-off-by: Artur Neumann <artur@jankaritech.com>
2024-08-16 10:33:52 +07:00
e218d1f98e
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2024-08-15 00:25:46 +07:00
eb365438d6
feat(branchoff): Bump versions and requirements in apps
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2024-08-14 10:03:30 +07:00
ca9752482c
Merge pull request #46814 from nextcloud/refactor/oauth2/security-attributes
2024-08-14 09:38:28 +07:00
4b4af0b6b8
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2024-07-31 00:20:17 +07:00
d8adbce1be
refactor(oauth2): Replace security annotations with respective attributes
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2024-07-29 16:45:54 +07:00
691f570237
chore: Enable ESLint for apps and fix all errors
...
Nevertheless this causes a huge amount of new warnings.
Previously the shell script for directories to lint was wrong it was generating all app names to lint,
but was missing the `apps/` prefix. Causing only `core` to be linted.
Co-authored-by: Grigorii K. Shartsev <me@shgk.me>
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2024-07-09 17:13:30 +07:00
32de958259
chore(deps): Update openapi-extractor
...
Signed-off-by: provokateurin <kate@provokateurin.de>
2024-07-02 09:08:04 +07:00
ce7b331d33
chore: Add SPDX header
...
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
2024-06-19 12:02:43 +07:00
f0f4db3464
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2024-06-14 00:19:48 +07:00
59c181b4cb
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2024-06-13 00:19:50 +07:00
94bc020d07
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2024-06-05 09:56:05 +07:00
cc1686dba9
chore: Add SPDX header
...
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
2024-05-31 10:38:47 +07:00
878538ca54
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2024-04-24 00:20:17 +07:00
1001d41197
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2024-04-07 00:20:11 +07:00
7dad12ef75
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2024-04-04 00:20:03 +07:00
93065b22c4
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2024-04-02 00:19:28 +07:00
c93d44bb3f
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2024-03-31 00:19:32 +07:00
03090bb5ee
feat(branchoff): Bump versions and requirements in apps
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2024-03-28 11:26:18 +07:00
27b09ce00a
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2024-03-08 00:19:17 +07:00
fea2277b63
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2024-02-14 00:19:31 +07:00
af313a79e8
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2024-01-21 00:19:16 +07:00
eee9f1eec4
Always catch OCP versions of authentication exceptions
...
And always throw OC versions for BC
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-01-11 14:02:15 +07:00
77b783a9cb
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2024-01-10 00:20:28 +07:00
6690eebff4
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2024-01-04 00:19:57 +07:00
be46ca3658
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-12-22 00:20:19 +07:00
66b2fd95d1
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-12-20 00:19:18 +07:00
6fa377e90e
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-12-19 00:19:27 +07:00
0ff674607f
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-12-18 00:19:21 +07:00
84e0b9007c
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-12-17 00:18:58 +07:00
538041b6e7
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-12-16 00:19:23 +07:00
254f4b00d9
enh(oauth2): allowed toggling of aria label
...
Signed-off-by: Eduardo Morales <emoral435@gmail.com>
2023-12-14 20:16:37 +07:00
b9cf8fd8bc
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-12-15 00:18:59 +07:00
6aeb5d4a08
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-12-12 00:18:52 +07:00
b71b6dca97
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-12-07 00:19:41 +07:00
f49550db97
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-12-01 00:18:33 +07:00
79aa8bb64c
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-11-28 00:26:21 +07:00
28e0ccfed9
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-11-25 00:25:54 +07:00
2ec9936b93
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-11-24 00:27:09 +07:00
c5caae1bf0
Merge pull request #41678 from nextcloud/branchoff/master-is-now-29
...
Master is now 29
2023-11-23 12:02:20 +07:00
aa5f037af7
chore: apply changes from Nextcloud coding standards 1.1.1
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2023-11-23 10:36:13 +07:00
64e0829fc8
feat(branchoff): Bump versions and requirements in apps
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-11-23 10:09:40 +07:00
3ce31fc1bf
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-11-11 00:22:14 +07:00
33e1db616d
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-11-04 00:29:23 +07:00
0398d74ebd
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-11-01 00:28:44 +07:00
16bfe0cc65
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-10-31 00:26:17 +07:00
600351c4cf
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-10-30 00:26:19 +07:00
fe471da316
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-10-29 00:25:29 +07:00
0aa65d9714
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-10-28 00:28:21 +07:00
fbc970855f
Create semantically right table for the "OAuth 2.0 clients"
...
Adapt styles
Signed-off-by: julia.kirschenheuter <julia.kirschenheuter@nextcloud.com>
2023-10-27 09:55:45 +07:00
d772537d90
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-10-24 00:25:42 +07:00
d56950a6c9
adjust phpdoc types in OauthApiController
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2023-10-05 14:24:03 +07:00
98c8a465b0
update OpenAPI specs
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2023-10-05 14:24:03 +07:00
da63d3c27b
update autoload files
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2023-10-05 14:24:02 +07:00
d2bc483adf
adjust oauth app
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2023-10-05 14:24:02 +07:00
32f984c520
adjust oauth tests
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2023-10-05 14:24:02 +07:00
c6da99474e
rename oauth2_access_token's created_at to code_created_at
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2023-10-05 14:24:02 +07:00
e944980eb6
add db index on oauth2_access_tokens's (token_count, created_at)
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2023-10-05 14:24:02 +07:00
ddfc124767
add test for refusing to get an oauth token from a code when we're not in authorization state
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2023-10-05 14:24:02 +07:00
779e1d51ac
delete oauth access token when receiving a code that has expired
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2023-10-05 14:24:02 +07:00
1ab45bad5d
refuse oauth authorization code if a token has already been delivered (active token)
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2023-10-05 14:24:02 +07:00
7bba410997
cleanup access tokens that are still in authorization state and that have expired
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2023-10-05 14:24:02 +07:00
2995b0948f
add tests for oauth2 authorization code expiration
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2023-10-05 14:24:02 +07:00
807f173dec
make oauth2 authorization code expire after 10 minutes
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2023-10-05 14:24:02 +07:00
ea881fee2f
Add labels for input fields
...
Signed-off-by: julia.kirschenheuter <julia.kirschenheuter@nextcloud.com>
2023-09-22 10:46:46 +07:00
25309bcb45
techdebt(DI): Use public IThrottler interface which exists since Nextcloud 25
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-08-28 15:50:45 +07:00
663db2bb34
chore: Update nextcloud-vue to v8 beta2 and renamed changed properties
...
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2023-08-02 15:19:26 +07:00
46d80b4f70
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-07-19 00:26:31 +07:00
1c19c567fe
oauth2: Add OpenAPI spec
...
Signed-off-by: jld3103 <jld3103yt@gmail.com>
2023-07-12 07:32:30 +07:00
a62a8fab97
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-07-08 00:30:07 +07:00
05aa39d777
Fix event names of 2FA related typed events
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-07-03 14:25:01 +07:00
629adc318f
add bruteforce protection in OauthApiController
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2023-06-19 11:18:06 +07:00
7250b98791
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-06-19 00:18:02 +07:00
578bf8cc0b
add extra migration that sets the secret column length in case the previous step has run when it was setting it to 256
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2023-06-14 17:21:38 +07:00
24e517c5b3
make oauth2 client secret column larger
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2023-06-14 17:21:38 +07:00
8086d7e41b
add test that inserts a long oauth client secret
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2023-06-14 17:21:38 +07:00
2259eedf76
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-06-11 00:34:31 +07:00
689936020d
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-06-10 00:17:36 +07:00
808819a4d0
fix oauth2 tests
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2023-06-08 13:02:40 +07:00
18c742a901
encrypt oauth2 client secrets
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2023-06-07 11:36:08 +07:00
4218f719ea
Add OpenAPI specs
...
Signed-off-by: jld3103 <jld3103yt@gmail.com>
2023-05-24 16:51:38 +07:00
96f0118312
Fix(l10n): Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-05-21 00:17:10 +07:00
7e45fdf867
chore(release): Bump requirements and versions in apps/
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-05-17 10:44:23 +07:00
cca3b9495c
chore(autoloader): Update autoloaders with composer 2.5.5
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-04-21 15:53:55 +07:00
2eda49e28d
Fix(l10n): 🔠 Update translations from Transifex
...
Signed-off-by: Nextcloud bot <bot@nextcloud.com>
2023-03-30 02:27:36 +07:00
provokateurin
Nextcloud bot
Christoph Wurst
Julien Veyssier
Ferdinand Thiessen
Mostafa Ahangarha
Artur Neumann
Joas Schilling
Kate
Andy Scherzinger
Côme Chilliet
Eduardo Morales
Arthur Schiwon
julia.kirschenheuter
jld3103