nextcloud-server

Commit Graph

Author	SHA1	Message	Date
Christoph Wurst	5eb768ac5e	fix(auth): Run token statements in atomic transaction All or nothing Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	3 years ago
Côme Chilliet	426c0341ff	Use typed version of IConfig::getSystemValue as much as possible Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	3 years ago
Ember 'n0emis' Keske	6881d2f2f1	Don't try to hash a nonexisting password Allows to log-in via a passwordless authentication provider, eg SSO Signed-off-by: Ember 'n0emis' Keske <git@n0emis.eu>	3 years ago
Joas Schilling	6417ea0265	fix(authentication): Handle null or empty string password hash This can happen when the auth.storeCryptedPassword config is used, which previously errored with: Hasher::verify(): Argument #2 ($hash) must be of type string, null given Signed-off-by: Joas Schilling <coding@schilljs.com>	3 years ago
Julius Härtl	580feecdbf	fix(authtoken): Store only one hash for authtokens with the current password per user Signed-off-by: Julius Härtl <jus@bitgrid.net>	3 years ago
Joas Schilling	7a85a1596e	fix(authentication): Check minimum length when creating app tokens Signed-off-by: Joas Schilling <coding@schilljs.com>	3 years ago
Joas Schilling	03a585ab4f	fix(performance): Only search for auth tokens when the provided login is long enough Signed-off-by: Joas Schilling <coding@schilljs.com>	3 years ago
Joas Schilling	2fb4dac7ad	fix(authentication): Update the token when the hash is null or can not be verified Signed-off-by: Joas Schilling <coding@schilljs.com>	3 years ago
Joas Schilling	28b18d561c	fix(authentication): Only hash the new password when needed Signed-off-by: Joas Schilling <coding@schilljs.com>	3 years ago
Joas Schilling	c5bb19641c	fix(authentication): Invert the logic to the original intention We need to store the new authentication details when the hash did not verify the old password. Signed-off-by: Joas Schilling <coding@schilljs.com>	3 years ago
Joas Schilling	55d8aec759	fix(authentication): Only verify each hash once Signed-off-by: Joas Schilling <coding@schilljs.com>	3 years ago
Joas Schilling	b4a29644cc	Add a const for the max user password length Signed-off-by: Joas Schilling <coding@schilljs.com>	3 years ago
Marcel Klehr	adfe367106	PublickKeyTokenProvider: Fix password update routine with password hash Signed-off-by: Marcel Klehr <mklehr@gmx.net>	3 years ago
Christoph Wurst	c5922e67d3	Run session token renewals in a database transaction The session token renewal does 1) Read the old token 2) Write a new token 3) Delete the old token If two processes succeed to read the old token there can be two new tokens because the queries were not run in a transaction. This is particularly problematic on clustered DBs where 1) would go to a read node and 2) and 3) go to a write node. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	3 years ago
Carl Schwan	ef31396727	Mark method as deprecated Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com> Signed-off-by: Carl Schwan <carl@carlschwan.eu>	3 years ago
Julius Härtl	9d1ec582ba	Do not update passwords if nothing changed Signed-off-by: Julius Härtl <jus@bitgrid.net>	3 years ago
Carl Schwan	702445ba3b	Handle one time password better Signed-off-by: Carl Schwan <carl@carlschwan.eu>	3 years ago
Carl Schwan	d5c23dbb9f	Move CappedMemoryCache to OCP This is an helpful helper that should be used in more place than just server and this is already the case with groupfodlers, deck, user_oidc and more using it, so let's make it public Signed-off-by: Carl Schwan <carl@carlschwan.eu>	4 years ago
Carl Schwan	1c23c029af	Handler large passwords For passwords bigger than 250 characters, use a bigger key since the performance impact is minor (around one second to encrypt the password). For passwords bigger than 470 characters, give up earlier and throw exeception recommanding admin to either enable the previously enabled configuration or use smaller passwords. Signed-off-by: Carl Schwan <carl@carlschwan.eu>	4 years ago
Carl Schwan	cdf3b60555	Handle one time passwords This adds an option to disable storing passwords in the database. This might be desirable when using single use token as passwords or very large passwords. Signed-off-by: Carl Schwan <carl@carlschwan.eu>	4 years ago
Joas Schilling	7b3e2217de	Fix user agent trimming on installation Signed-off-by: Joas Schilling <coding@schilljs.com>	4 years ago
Joas Schilling	a0c7798c7d	Limit the length of app password names Signed-off-by: Joas Schilling <coding@schilljs.com>	4 years ago
Julius Härtl	553cb499b2	Rotate token after fallback Signed-off-by: Julius Härtl <jus@bitgrid.net>	4 years ago
Julius Härtl	81f8719cc0	Add fallback routines for empty secret cases Signed-off-by: Julius Härtl <jus@bitgrid.net>	4 years ago
Joas Schilling	397b9098e8	Also cache non-existing to reuse it Signed-off-by: Joas Schilling <coding@schilljs.com>	4 years ago
Joas Schilling	c0ba89ecc9	Remove default token which is deprecated since Nextcloud 13 Signed-off-by: Joas Schilling <coding@schilljs.com>	4 years ago
Christoph Wurst	7dd7256cfe	Prevent duplicate auth token activity updates The auth token activity logic works as follows * Read auth token * Compare last activity time stamp to current time * Update auth token activity if it's older than x seconds This works fine in isolation but with concurrency that means that occasionally the same token is read simultaneously by two processes and both of these processes will trigger an update of the same row. Affectively the second update doesn't add much value. It might set the time stamp to the exact same time stamp or one a few seconds later. But the last activity is no precise science, we don't need this accuracy. This patch changes the UPDATE query to include the expected value in a comparison with the current data. This results in an affected row when the data in the DB still has an old time stamp, but won't affect a row if the time stamp is (nearly) up to date. This is a micro optimization and will possibly not show any significant performance improvement. Yet in setups with a DB cluster it means that the write node has to send fewer changes to the read nodes due to the lower number of actual changes. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	4 years ago
Christoph Wurst	01b8291c76	Type the autentication provider passwords as nullable strings For historic reasons we couldn't add a nullable type hint before nullable type hints were supported by our target php versions. This is now possible. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	4 years ago
Tobias Assmann	ee049a159b	prevent the invalidation of pw based authn tokens on a pw less login Signed-off-by: Tobias Assmann <tobias.assmann@ecsec.de>	5 years ago
Tobias Assmann	669bd4d718	add spaces around operators Signed-off-by: Tobias Assmann <tobias.assmann@ecsec.de>	5 years ago
Tobias Assmann	1f1ae97824	draft to prevent the invalidation of pw based authn tokens on a pw less login Signed-off-by: Tobias Assmann <tobias.assmann@ecsec.de>	5 years ago
John Molakvoæ (skjnldsv)	215aef3cbd	Update php licenses Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	5 years ago
Roeland Jago Douma	cd457cc68b	Always renew apppasswords on login Else you can end up that you renewed your password (LDAP for example). But they still don't work because you did not use them before you logged in. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	5 years ago
Joas Schilling	49ff48fcd3	Use PSR logger in authentication Signed-off-by: Joas Schilling <coding@schilljs.com>	5 years ago
Christoph Wurst	2664c7f75f	Type some of the core mappers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	5 years ago
Roeland Jago Douma	76a7600e2e	Allow configuring the activity update interval of token On some systems with a lot of users this creates a lot of extra DB writes. Being able to increase this interval helps there. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	5 years ago
Roeland Jago Douma	0452877a67	Fix app password updating out of bounds When your password changes out of bounds your Nextcloud tokens will become invalid. There is no real way around that. However we should make sure that if you successfully log in again your passwords are all updates * Added event listener to the PostLoggedInEvent so that we can act on it - Only if it is not a token login * Make sure that we actually reset the invalid state when we update a token. Else it keeps being marked invalid and thus not used. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	5 years ago
Christoph Wurst	2a054e6c04	Update the license headers for Nextcloud 20 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	5 years ago
Morris Jobke	fedf9c69d9	Use matching parameter names form interfaces and implementations Found by Psalm 3.14.1 Signed-off-by: Morris Jobke <hey@morrisjobke.de>	5 years ago
Christoph Wurst	2006a6dd0e	Improve traces of invalid token exceptions Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Christoph Wurst	5bf3d1bb38	Update license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Roeland Jago Douma	b371e735cf	Throw an invalid token exception is token is marked outdated This avoids hitting the backend with multiple requests for the same token. And will help avoid quick LDAP lockouts. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	6 years ago
Roeland Jago Douma	5122629bb0	Make renewSessionToken return the new token Avoids directly getting the token again. We just inserted it so it and have all the info. So that query is just a waste. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	6 years ago
Roeland Jago Douma	3fccc7dc47	Cache the public key tokens Sometimes (esp with token auth) we query the same token multiple times. While this is properly indexed and fast it is still a bit of a waste. Right now it is doing very stupid caching. Which gets invalidate on any update. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	6 years ago
Daniel Kesselberg	608f4d3ee9	Pass $configargs to openssl_pkey_export Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	7 years ago
Morris Jobke	4ae17427c5	Error with exception on SSL error Signed-off-by: Morris Jobke <hey@morrisjobke.de>	7 years ago
Roeland Jago Douma	f03eb7ec3c	Remote wipe support This allows a user to mark a token for remote wipe. Clients that support this can then wipe the device properly. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	7 years ago
Daniel Kesselberg	ec8aefc762	Read openssl error and log Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	7 years ago
Roeland Jago Douma	674930da7f	Move ExpiredTokenException to the correct namespace Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago
Roeland Jago Douma	d9febae5b2	Update all the publickey tokens if needed on web login * On weblogin check if we have invalid public key tokens * If so update them all with the new token This ensures that your marked as invalid tokens work again if you once login on the web. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	7 years ago

1 2

66 Commits (bf2dcd67f3cb83e3bebc472d65fac3bc8755e25d)