nextcloud-server

Commit Graph

Author	SHA1	Message	Date
Christoph Wurst	3474afa938	Clean up auth tokens when user is deleted Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	2006a6dd0e	Improve traces of invalid token exceptions Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Roeland Jago Douma	f4ac9ffa2c	Remember the webauthn name of devices Fixes #20289 we should not reset to default once we have logged in with the device. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	6 years ago
Christoph Wurst	cb057829f7	Update license headers for 19 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Julius Härtl	2eadf9d567	Do not create remember me cookie Signed-off-by: Julius Härtl <jus@bitgrid.net>	6 years ago
Christoph Wurst	28f8eb5dba	Add visibility to all constants Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	1584c9ae9c	Add visibility to all methods and position of static keyword Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	caff1023ea	Format control structures, classes, methods and function To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	14c996d982	Use elseif instead of else if Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	afbd9c4e6e	Unify function spacing to PSR2 recommendation Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	2a529e453a	Use a blank line after the opening tag Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	41b5e5923a	Use exactly one empty line after the namespace declaration For PSR2 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	2fbad1ed72	Fix (array) indent style to always use one tab Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	85e369cddb	Fix multiline comments Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	c4998efcfc	Migrate to PSR1 coding style Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Roeland Jago Douma	53db05a1f6	Start with webauthn Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>	6 years ago
Roeland Jago Douma	f04f34b94b	Make password nullable in LoginData Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	6 years ago
Roeland Jago Douma	84f3d2ddeb	[POC] Event for failed login attempts Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	6 years ago
Christoph Wurst	1a9330cd69	Update the license headers for Nextcloud 19 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	74936c49ea	Remove unused imports Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Joas Schilling	dc7913efcd	Fix recursive calls in logging via server methods Signed-off-by: Joas Schilling <coding@schilljs.com>	6 years ago
Joas Schilling	9935c71ec3	Check the user on remote wipe Signed-off-by: Joas Schilling <coding@schilljs.com>	6 years ago
Christoph Wurst	df9e2b828a	Fix mismatching docblock return types Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	5fc4c91a76	Fix mismatching doc block parameter types Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	6127c288e8	Fix license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	60d4b45e89	Clean up 2FA provider registry when a user is deleted Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	5bf3d1bb38	Update license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Roeland Jago Douma	b371e735cf	Throw an invalid token exception is token is marked outdated This avoids hitting the backend with multiple requests for the same token. And will help avoid quick LDAP lockouts. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	6 years ago
Christoph Wurst	0299ea0a96	Handle token insert conflicts Env-based SAML uses the "Apache auth" mechanism to log users in. In this code path, we first delete all existin auth tokens from the database, before a new one is inserted. This is problematic for concurrent requests as they might reach the same code at the same time, hence both trying to insert a new row wit the same token (the session ID). This also bubbles up and disables user_saml. As the token might still be OK (both request will insert the same data), we can actually just check if the UIDs of the conflict row is the same as the one we want to insert right now. In that case let's just use the existing entry and carry on. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	128a460d7b	Add return type hint to credential store and make it strict Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Roeland Jago Douma	68748d4f85	Some php-cs fixes * Order the imports * No leading slash on imports * Empty line before namespace * One line per import * Empty after imports * Emmpty line at bottom of file Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	6 years ago
Roeland Jago Douma	5122629bb0	Make renewSessionToken return the new token Avoids directly getting the token again. We just inserted it so it and have all the info. So that query is just a waste. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	6 years ago
Roeland Jago Douma	3fccc7dc47	Cache the public key tokens Sometimes (esp with token auth) we query the same token multiple times. While this is properly indexed and fast it is still a bit of a waste. Right now it is doing very stupid caching. Which gets invalidate on any update. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	6 years ago
Roeland Jago Douma	210a0554a2	Use the actual password to update the tokens Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	6 years ago
Daniel Kesselberg	ee76b0fbd2	Add uid to delete temp token query Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	6 years ago
Christoph Wurst	a1ef939c06	Use Symfony's new contract Event class instead of the deprecated one Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Daniel Kesselberg	608f4d3ee9	Pass $configargs to openssl_pkey_export Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	7 years ago
Morris Jobke	4ae17427c5	Error with exception on SSL error Signed-off-by: Morris Jobke <hey@morrisjobke.de>	7 years ago
Joas Schilling	565838da9c	Update unit tests Signed-off-by: Joas Schilling <coding@schilljs.com>	7 years ago
Joas Schilling	64f67818bc	Fix new core notifier Signed-off-by: Joas Schilling <coding@schilljs.com>	7 years ago
Christoph Wurst	d058ef2b6c	Make it possible to wipe all tokens/devices of a user Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	7 years ago
Christoph Wurst	1c261675ad	Refactor: move remote wipe token logic to RW service Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	7 years ago
Christoph Wurst	c50fe2a9c9	Send emails when remote wipe starts/finishes Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	7 years ago
Christoph Wurst	aa6622ccef	Decouple remote wipe notifcation channels with events Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	7 years ago
Roeland Jago Douma	f03eb7ec3c	Remote wipe support This allows a user to mark a token for remote wipe. Clients that support this can then wipe the device properly. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	7 years ago
Roeland Jago Douma	579162d7b9	Allow 2FA to be setup on first login Once 2FA is enforced for a user and they have no 2FA setup yet this will now prompt them with a setup screen. Given that providers are enabled that allow setup then. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	7 years ago
Christoph Wurst	170582d4f5	Add a login chain to reduce the complexity of LoginController::tryLogin Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	7 years ago
Daniel Kesselberg	34e849d702	Add interface INamedToken Remove $token instanceof DefaultToken \|\| $token instanceof PublicKeyToken Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	7 years ago
Roeland Jago Douma	ac8a6e2244	Clean pending 2FA authentication on password reset When a password is reste we should make sure that all users are properly logged in. Pending states should be cleared. For example a session where the 2FA code is not entered yet should be cleared. The token is now removed so the session will be killed the next time this is checked (within 5 minutes). Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Daniel Kesselberg	ec8aefc762	Read openssl error and log Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	7 years ago

1 2 3 4

174 Commits (9b10d354777f7eea21820aec522c4865fb1663fe)