nextcloud-server

Commit Graph

Author	SHA1	Message	Date
Ferdinand Thiessen	495c364268	chore: use consistent casing for header names (required by openAPI) Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	7 months ago
Ferdinand Thiessen	fa7310add9	fix: handle IDLE timeout Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	7 months ago
provokateurin	82fb8f8508	refactor: Extend rector to core/ Signed-off-by: provokateurin <kate@provokateurin.de>	8 months ago
Richard Steinmetz	246da73a36	fix(oauth2): retain support for legacy ownCloud clients Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>	9 months ago
Côme Chilliet	f52b4c5eb2	fix: Remove skip of grant page, only skip first step Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	1 year ago
Côme Chilliet	e7be008dc1	feat(oauth2): Skip page before login as well for authorized applications Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	1 year ago
Côme Chilliet	9b366c65d4	feat(oauth): Allow to skip the grant step for selected applications Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	1 year ago
provokateurin	9836e9b164	chore(deps): Update nextcloud/coding-standard to v1.3.1 Signed-off-by: provokateurin <kate@provokateurin.de>	1 year ago
Daniel Kesselberg	af6de04e9e	style: update codestyle for coding-standard 1.2.3 Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	1 year ago
provokateurin	c57c3c1573	refactor(core): Replace security annotations with respective attributes Signed-off-by: provokateurin <kate@provokateurin.de>	1 year ago
Andy Scherzinger	e07a190641	chore: Add SPDX header Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>	2 years ago
provokateurin	2c51933b6b	refactor(core): Switch to attribute based routing Signed-off-by: provokateurin <kate@provokateurin.de>	2 years ago
provokateurin	b64ab5fba8	refactor: Migrate IgnoreOpenAPI attributes to OpenAPI Signed-off-by: provokateurin <kate@provokateurin.de>	2 years ago
Côme Chilliet	95ea6188dc	Suppress or fix psalm errors related to InvalidTokenException Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2 years ago
Côme Chilliet	eee9f1eec4	Always catch OCP versions of authentication exceptions And always throw OC versions for BC Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2 years ago
Joas Schilling	aa5f037af7	chore: apply changes from Nextcloud coding standards 1.1.1 Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2 years ago
Julien Veyssier	c6da99474e	rename oauth2_access_token's created_at to code_created_at Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2 years ago
Julien Veyssier	807f173dec	make oauth2 authorization code expire after 10 minutes Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2 years ago
jld3103	1be836273d	core: Add OpenAPI spec Signed-off-by: jld3103 <jld3103yt@gmail.com>	3 years ago
Faraz Samapoor	fc0e2a938f	Applies agreed-upon indentation convention to the changed controllers. Based on https://github.com/nextcloud/server/pull/38636#discussion_r1218167753 Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>	3 years ago
Faraz Samapoor	450bf5c99e	Refactors controllers by using PHP8's constructor property promotion. Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>	3 years ago
Faraz Samapoor	a1ef0285f8	Refactors "strpos" calls in /core to improve code readability. Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>	3 years ago
Christoph Wurst	20e00cdf17	feat(app-framework): Add UseSession attribute to replace annotation Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	3 years ago
Carl Schwan	b70c6a128f	Update core to PHP 7.4 standard - Typed properties - Port to LoggerInterface Signed-off-by: Carl Schwan <carl@carlschwan.eu>	4 years ago
Joas Schilling	db1813f640	Show user account on grant loginflow step Signed-off-by: Joas Schilling <coding@schilljs.com>	4 years ago
Vincent Petry	80388663af	Add direct arg to login flow Signed-off-by: Vincent Petry <vincent@nextcloud.com> Co-Authored-by: Carl Schwan <carl@carlschwan.eu>	4 years ago
Joas Schilling	5f75d2e104	Remove old shortening Signed-off-by: Joas Schilling <coding@schilljs.com>	4 years ago
Joas Schilling	a0c7798c7d	Limit the length of app password names Signed-off-by: Joas Schilling <coding@schilljs.com>	4 years ago
Julius Härtl	61dd1d3d97	Pass username prefill through unauthenticated request redirects Signed-off-by: Julius Härtl <jus@bitgrid.net>	4 years ago
John Molakvoæ (skjnldsv)	215aef3cbd	Update php licenses Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	5 years ago
Christoph Wurst	f8808e260d	Move app_password_created to a typed event Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	5 years ago
Christoph Wurst	2a054e6c04	Update the license headers for Nextcloud 20 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	5 years ago
Joas Schilling	543fabe279	Make magic strings of ClientFlowLogin and v2 publicly available Signed-off-by: Joas Schilling <coding@schilljs.com>	6 years ago
Roeland Jago Douma	ffad3f83fe	Validate app password on alternative login Fixes #20838 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	6 years ago
Christoph Wurst	cb057829f7	Update license headers for 19 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	28f8eb5dba	Add visibility to all constants Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	caff1023ea	Format control structures, classes, methods and function To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	14c996d982	Use elseif instead of else if Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	5bf3d1bb38	Update license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
RussellAult	19791b2460	Check getRedirectUri() for queries Resolves Issue #17885 Check getRedirectUri() for queries, and add a '&' instead of a '?' to $redirectUri if it already has them; otherwise, $redirectUri might end up with two '?'. Signed-off-by: RussellAult <russellault@users.noreply.github.com>	6 years ago
Sergej Nikolaev	1b5d85a4ca	fix oauth client redirect Signed-off-by: Sergej Nikolaev <kinolaev@gmail.com>	6 years ago
Roeland Jago Douma	6dc179ee12	Fix login flow form actions So fun fact. Chrome considers a redirect after submitting a form part of the form actions. Since we redirect to a new protocol (nc://login/). Causing the form submission to work but the redirect failing hard. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Daniel Kesselberg	c583c5e7e2	Emit event if app password created Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	7 years ago
Daniel Kesselberg	149a98edf6	Publish activity for app token created by client login flow Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	7 years ago
Roeland Jago Douma	b68567e9ba	Add StandaloneTemplateResponse This can be used by pages that do not have the full Nextcloud UI. So notifications etc do not load there. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	66367797df	Fix template paramter Else we get shown an error page instead of the correct 403. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	e6ac233947	Fix loginflow with apptoken enter on iOS It seems iOS doesn't like us to change the location. So now we submit it to the server that geneartes the redirect. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	763b52d402	Fix SAML Client login flow on Apple devices Because the redirect from the SAML/SSO endpoint is a POST the lax/strict cookies are not properly send. Note that it is not strictly requried on this endpoint as we do not need the remember me data. Only the real session info is enough. The endpoint is also already protected by a state token. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
John Molakvoæ (skjnldsv)	5e4990fadd	Remove redirect page Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	7 years ago
Roeland Jago Douma	92582a350d	Use the proper server for the apptoken flow login If a user can't authenticate normally (because they have 2FA that is not available on their devices for example). The redirect that is generated should be of the proper format. This means 1. Include the protocol 2. Include the possible subfolder Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago

1 2

68 Commits (495c364268abc7346b852bf515e39cf34bcb33b1)