nextcloud

Commit Graph

Author	SHA1	Message	Date
Roeland Jago Douma	b9ac258870	Strict controllers Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-12-07 13:43:22 +01:00
Roeland Jago Douma	1e6711305a	Fail gracefull if an unkown oauth2 client tries to authenticate Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-12-06 21:14:34 +01:00
Roeland Jago Douma	674930da7f	Move ExpiredTokenException to the correct namespace Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-10-30 19:30:45 +01:00
Roeland Jago Douma	75456b057d	Reset bruteforce on token refresh OAuth When using atoken obtained via OAuth the token expires. Resulting in brute force attempts hitting the requesting IP. This resets the brute force attempts for that UID on a valid refresh of the token. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-10-30 11:21:27 +01:00
Patrik Kernstock	8f9fa9ee13	Remove filter_var flags due to PHP 7.3 deprecation, fixes #10894 Signed-off-by: Patrik Kernstock <info@pkern.at>	2018-09-04 00:58:44 +02:00
rakekniven	8370111cf4	Update SettingsController.php Grammar fix. Uppercase URL See https://www.transifex.com/nextcloud/nextcloud/translate/#de/$/146983238?q=issue%3Aopen	2018-06-30 08:49:44 +02:00
Roeland Jago Douma	555de27567	Validate OAuth2 redirect uri Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-06-26 16:15:53 +02:00
Roeland Jago Douma	1ccb36a0f1	Cleanup Controller Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-06-19 11:42:41 +02:00
Roeland Jago Douma	d2d1e8e375	Migrate OAuth Admin settings to vue Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-06-19 11:42:41 +02:00
Roeland Jago Douma	3556e78c25	The OAuth endpoint needs to support Basic Auth * Add test Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-05-29 15:17:54 +02:00
Roeland Jago Douma	5a97148863	Don't use special chars to avoid confusion Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-05-22 09:24:17 +02:00
Roeland Jago Douma	f7ecec855b	Rotate token On a refresh token request: * rorate * reset expire Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-05-22 09:24:17 +02:00
Roeland Jago Douma	c28b25c4f0	Authenticate the clients on requesting a token Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-05-22 09:24:17 +02:00
Roeland Jago Douma	4e3aef22a1	Fail if the response type is not properly set Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-05-22 09:24:17 +02:00
Roeland Jago Douma	49795d2006	Set OAuth token expiration Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-05-22 09:24:17 +02:00
Lukas Reschke	b07a0f51ba	Add OAuth state to session Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2017-05-18 20:49:08 +02:00
Lukas Reschke	88afd8b224	Cleanup code Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2017-05-18 20:49:08 +02:00
Bjoern Schiessle	1eb7f4956b	delete auth token when client gets deleted Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>	2017-05-18 20:49:07 +02:00
Lukas Reschke	4b4d3bb1c2	It's a bearer Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2017-05-18 20:49:05 +02:00
Lukas Reschke	5f71805c35	Add basic implementation for OAuth 2.0 Authorization Code Flow Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2017-05-18 20:49:03 +02:00

20 Commits