nextcloud-server

Commit Graph

Author	SHA1	Message	Date
jld3103	1c19c567fe	oauth2: Add OpenAPI spec Signed-off-by: jld3103 <jld3103yt@gmail.com>	3 years ago
Julien Veyssier	629adc318f	add bruteforce protection in OauthApiController Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	3 years ago
Julien Veyssier	578bf8cc0b	add extra migration that sets the secret column length in case the previous step has run when it was setting it to 256 Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	3 years ago
Julien Veyssier	24e517c5b3	make oauth2 client secret column larger Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	3 years ago
Julien Veyssier	18c742a901	encrypt oauth2 client secrets Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	3 years ago
Artur Neumann	f634badf12	public interface to invalidate tokens of user Signed-off-by: Artur Neumann <artur@jankaritech.com>	3 years ago
Artur Neumann	21be557e2a	invalidate existing tokens when deleting an oauth client Signed-off-by: Artur Neumann <artur@jankaritech.com>	3 years ago
luz paz	9d26671f05	Fix typos in apps/ subdirectory Found via `codespell -q 3 -S l10n,./apps/files_external/3rdparty -L adn,ba,boxs,keypair,jus,optionel,ressource,tabel ./apps/` Signed-off-by: luz paz <luzpaz@github.com> Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>	3 years ago
Carl Schwan	53db418ee9	Cleanup oauth2 admin settings - Use more vue components - Add link to doc Signed-off-by: Carl Schwan <carl@carlschwan.eu>	4 years ago
Daniel Kesselberg	11cacb52d4	Use property name for addType Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	4 years ago
Louis Chemineau	c5722869be	Add oauth2_clients migration for Owncloud Signed-off-by: Louis Chemineau <louis@chmn.me>	4 years ago
Joas Schilling	c6ae53096c	More test fixing Signed-off-by: Joas Schilling <coding@schilljs.com>	4 years ago
J0WI	3b656446af	Introduce ISecureRandom::CHAR_ALPHANUMERIC Signed-off-by: J0WI <J0WI@users.noreply.github.com>	5 years ago
John Molakvoæ (skjnldsv)	215aef3cbd	Update php licenses Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	5 years ago
Christoph Wurst	99f2fa73d1	Fix usage of rename executeUpdate Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	5 years ago
Roeland Jago Douma	c2f7c417b2	Add psalm annotation to the DB handlers of OAuth2 * Psalm annotations * To new executeUpdate Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	5 years ago
Christoph Wurst	cb057829f7	Update license headers for 19 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	28f8eb5dba	Add visibility to all constants Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	caff1023ea	Format control structures, classes, methods and function To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	44577e4345	Remove trailing and in between spaces Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	1a9330cd69	Update the license headers for Nextcloud 19 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Daniel Kesselberg	509af24bc9	Fix invalid instantiation of TemplateResponse if client not found Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	6 years ago
Christoph Wurst	5bf3d1bb38	Update license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Roeland Jago Douma	68748d4f85	Some php-cs fixes * Order the imports * No leading slash on imports * Empty line before namespace * One line per import * Empty after imports * Emmpty line at bottom of file Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	6 years ago
Roeland Jago Douma	9e2bb5ef36	Move oauth admin settings to initialstate Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>	6 years ago
Roeland Jago Douma	50862aadfd	Move OAuth down in admin security settings For #16076 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	21d542f953	Use the proper names when setting entity types Else this does 💥 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	eb407565b0	OAuth2 client identifier must be unique Fixes #12981 This is highly unlikely to happen. But better to enforce it on the DB level as well! Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	d7223ebf4d	OAuth2: Move to migrations Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	b9ac258870	Strict controllers Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	a478945767	Strict repair step Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	e22645136c	Strict Exceptions Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	a670a9e443	Move OAuth2 db code to QBMapper and make it strict Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	1e6711305a	Fail gracefull if an unkown oauth2 client tries to authenticate Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	674930da7f	Move ExpiredTokenException to the correct namespace Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	75456b057d	Reset bruteforce on token refresh OAuth When using atoken obtained via OAuth the token expires. Resulting in brute force attempts hitting the requesting IP. This resets the brute force attempts for that UID on a valid refresh of the token. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Patrik Kernstock	8f9fa9ee13	Remove filter_var flags due to PHP 7.3 deprecation, fixes #10894 Signed-off-by: Patrik Kernstock <info@pkern.at>	7 years ago
rakekniven	8370111cf4	Update SettingsController.php Grammar fix. Uppercase URL See https://www.transifex.com/nextcloud/nextcloud/translate/#de/$/146983238?q=issue%3Aopen	8 years ago
Roeland Jago Douma	555de27567	Validate OAuth2 redirect uri Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Roeland Jago Douma	27259ea2a2	Fix AdminTests Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Roeland Jago Douma	1ccb36a0f1	Cleanup Controller Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Roeland Jago Douma	d2d1e8e375	Migrate OAuth Admin settings to vue Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Roeland Jago Douma	3556e78c25	The OAuth endpoint needs to support Basic Auth * Add test Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Roeland Jago Douma	5a97148863	Don't use special chars to avoid confusion Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Roeland Jago Douma	f7ecec855b	Rotate token On a refresh token request: * rorate * reset expire Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Roeland Jago Douma	c28b25c4f0	Authenticate the clients on requesting a token Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Roeland Jago Douma	4e3aef22a1	Fail if the response type is not properly set Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Roeland Jago Douma	49795d2006	Set OAuth token expiration Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	8 years ago
Lukas Reschke	df3909a7c3	Use Bearer backend for SabreDAV Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	9 years ago
Lukas Reschke	691646bdae	Add tests for OAuth2 app Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	9 years ago

1 2

59 Commits (2ea7719bfa4280220c7dfc9fbfec97b61ba33112)