nextcloud

Commit Graph

Author	SHA1	Message	Date
Morris Jobke	2f059d1caf	Merge pull request #9540 from nextcloud/backport/9517/stable13 [stable13] Improve OAuth	2018-05-23 15:42:22 +02:00
Rémy Jacquin	0b8908b8df	Fix translation bug on lost password page Fix nextcloud/password_policy#26 Signed-off-by: Rémy Jacquin <remy@remyj.fr>	2018-05-22 18:43:27 +02:00
Roeland Jago Douma	73f8373151	Don't use special chars to avoid confusion Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-05-22 14:51:30 +02:00
Arthur Schiwon	fb2ebbd232	don't try login with the same name that just failed Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-02-26 10:32:38 +01:00
Mario Danic	c7eaa26f73	Fix bug with proxies Signed-off-by: Mario Danic <mario@lovelyhq.com>	2018-01-15 00:49:22 +01:00
Morris Jobke	68e205e827	Merge pull request #7712 from nextcloud/jsconfig_l10n Use correct L10N files for jsconfig	2018-01-05 15:22:10 +01:00
Roeland Jago Douma	30ac28f950	Use correct L10N files for jsconfig Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-01-05 14:33:03 +01:00
Roeland Jago Douma	82f03e1314	Clear login token once apppassword is generated Fixes #7697 When using the new login flow a token will be generated since we login. However after that we generate yet another token to return (as we should). However we should kill the current session token as we are done with it. And will never use it again. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-01-04 14:30:40 +01:00
Arthur Schiwon	4f3d52a364	never translate login names when requiring with a user id where appropriate, the preLoginNameUsedAsUserName hook should be thrown. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2018-01-03 13:25:00 +01:00
Julius Härtl	f5f6ed664d	Hide stay logged in checkbox when flow authentication is used Signed-off-by: Julius Härtl <jus@bitgrid.net>	2017-12-28 11:15:26 +01:00
Roeland Jago Douma	c1fcd6fc98	Merge pull request #7324 from nextcloud/no-sorters-no-instances don't create sorter instances when none was requested	2017-12-11 15:27:44 +01:00
Morris Jobke	ed7beb929e	Merge pull request #6876 from nextcloud/always_img_avatar Always generate avatar	2017-12-08 23:58:17 +01:00
Roeland Jago Douma	ba648eecdf	Move avatar code to Avatar Class Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2017-11-29 14:23:15 +01:00
Roeland Jago Douma	604596ec16	Always generate avatar Even if no avatar is set we should just generate the image. This to not duplicate the code on all the clients. And only server images from the avtar endpoint. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2017-11-29 14:23:15 +01:00
Arthur Schiwon	96bc03a03a	don't create sorter instances when none was requested Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-11-28 13:30:51 +01:00
Mario Danic	c2cd5fc5d3	Fix flow Signed-off-by: Mario Danic <mario@lovelyhq.com>	2017-11-09 00:29:34 +01:00
Julius Härtl	cd1bfea8c4	Theming: theme flow redirection page Signed-off-by: Julius Härtl <jus@bitgrid.net>	2017-11-08 14:56:32 +01:00
Morris Jobke	31c5c2a592	Change @georgehrke's email Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2017-11-06 20:38:59 +01:00
Morris Jobke	0eebff152a	Update license headers Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2017-11-06 16:56:19 +01:00
Roeland Jago Douma	6ce095b166	Add 204 endpoint Fixes #6967 This allows clients to check for Walled Garden connections. The endpoint just responds with a 204 (which is very unlikely with such a connection) Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2017-11-02 10:30:16 +01:00
Arthur Schiwon	25aad121e6	meanwhile we can have exact matches. also show those. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-10-31 14:58:48 +01:00
Arthur Schiwon	ca72c0150b	configurable amount of autocomplete results in comments Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-10-27 13:50:38 +02:00
Arthur Schiwon	fa2f03979b	add search parameter to autocomplete controller Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-10-25 17:26:50 +02:00
Arthur Schiwon	fd6daf8d19	AutoCompletion backend * introduce a Controller for requests * introduce result sorting mechanism * extend Comments to retrieve commentors (actors) in a tree * add commenters sorter * add share recipients sorter Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>	2017-10-22 14:13:32 +02:00
Joas Schilling	3119fd41ce	Set the data from the template Signed-off-by: Joas Schilling <coding@schilljs.com>	2017-10-18 15:12:03 +02:00
Joas Schilling	8b37fe7f65	Set the subject with the email template to allow theming Signed-off-by: Joas Schilling <coding@schilljs.com>	2017-10-18 15:12:03 +02:00
Lukas Reschke	8ad17a66d6	Exclude avatar from Same-Site Cookie requirement Required to work with the upcoming Collabora avatar integration. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2017-10-11 14:41:34 +02:00
Lukas Reschke	0bccd5a0d9	Fix "Uninitialized string offset: 0 at \/media\/psf\/stable9\/lib\/private\/URLGenerator.php#224" The URLGenerator doesn't support `` as target for absolute URLs, we need to link to `/` thus. Regression introduced with `46229a00f3` Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2017-09-07 08:34:02 +02:00
Morris Jobke	504c1abee0	Fix undefined index oauthState Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2017-09-06 16:38:24 +02:00
Morris Jobke	15cd21d252	Merge pull request #6358 from nextcloud/fix-mixup-of-id-and-name Set the meta data before everything	2017-09-05 16:08:57 +02:00
Joas Schilling	6dbb64c4a2	Merge setMetaData into constructor This ensures that the meta data is set in the beginning Signed-off-by: Joas Schilling <coding@schilljs.com>	2017-09-04 15:07:41 +02:00
Morris Jobke	30ca3b70ed	Merge pull request #6196 from nextcloud/downstream-26539-2 Handle invalid ext storage backend to keep mount point visible	2017-09-04 14:17:28 +02:00
Morris Jobke	0326c2c54f	Fix broken tests Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2017-09-04 14:17:03 +02:00
Julius Härtl	46229a00f3	Add rich link preview to the login page Signed-off-by: Julius Härtl <jus@bitgrid.net>	2017-09-02 21:39:38 +02:00
Joas Schilling	0aff1c9268	Return the user id in case of an error Signed-off-by: Joas Schilling <coding@schilljs.com>	2017-08-29 11:10:30 +02:00
Morris Jobke	2bf15eda26	Merge pull request #6255 from nextcloud/email-meta-data Add meta information to emails for better customisation	2017-08-26 18:53:52 +02:00
Morris Jobke	0b652648cc	Merge pull request #6177 from nextcloud/properly-add-slo-url Properly allow \OCP\Authentication\IApacheBackend to specify logout URL	2017-08-26 18:50:52 +02:00
Christoph Wurst	6676232a56	Allow 2FA providers to specify their custom CSP Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2017-08-26 13:48:08 +02:00
Joas Schilling	6a130d01e7	Also for reset password Signed-off-by: Joas Schilling <coding@schilljs.com>	2017-08-24 18:02:37 +02:00
Lukas Reschke	2e4cd44556	Inject \OCP\IURLGenerator to make tests work Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2017-08-18 15:32:40 +02:00
Joas Schilling	d5c6d56170	No password reset for disabled users Signed-off-by: Joas Schilling <coding@schilljs.com>	2017-08-18 13:21:53 +02:00
Lukas Reschke	a04feff9a7	Properly allow \OCP\Authentication\IApacheBackend to specify logout URL Any `\OCP\Authentication\IApacheBackend` previously had to implement `getLogoutAttribute` which returns a string. This string is directly injected into the logout `<a>` tag, so returning something like `href="foo"` would result in `<a href="foo">`. This is rather error prone and also in Nextcloud 12 broken as the logout entry has been moved with `054e161eb5` inside the navigation manager where one cannot simply inject attributes. Thus this feature is broken in Nextcloud 12 which effectively leads to the bug described at nextcloud/user_saml#112, people cannot logout anymore when using SAML using SLO. Basically in case of SAML you have a SLO url which redirects you to the IdP and properly logs you out there as well. Instead of monkey patching the Navigation manager I decided to instead change `\OCP\Authentication\IApacheBackend` to use `\OCP\Authentication\IApacheBackend::getLogoutUrl` instead where it can return a string with the appropriate logout URL. Since this functionality is only prominently used in the SAML plugin. Any custom app would need a small change but I'm not aware of any and there's simply no way to fix this properly otherwise. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2017-08-18 12:22:44 +02:00
Morris Jobke	84c22fdeef	Merge pull request #5907 from nextcloud/add-metadata-to-throttle-call Add metadata to \OCP\AppFramework\Http\Response::throttle	2017-08-01 14:43:47 +02:00
Roeland Jago Douma	75771a108b	Fix OCSController Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2017-08-01 08:20:15 +02:00
Roeland Jago Douma	e945f2bc3a	Fix ContactsMenuController Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2017-08-01 08:20:15 +02:00
Roeland Jago Douma	aa6d8fcdbf	Fix AvatarController Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2017-08-01 08:20:15 +02:00
Lukas Reschke	f22ab3e665	Add metadata to \OCP\AppFramework\Http\Response::throttle Fixes https://github.com/nextcloud/server/issues/5891 Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2017-07-27 14:17:45 +02:00
Morris Jobke	188b87e03b	Cleanup legacy user class from unused methods Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2017-07-24 12:17:53 +02:00
Julius Härtl	51a0741005	Add public capabilities API Signed-off-by: Julius Härtl <jus@bitgrid.net>	2017-06-30 11:08:04 +02:00
Lukas Reschke	2f87fb6b45	Add Clear-Site-Data header This adds a Clear-Site-Data header to the logout response which will delete all relevant data in the caches which may contain potentially sensitive content. See https://w3c.github.io/webappsec-clear-site-data/#header for the definition of the types. Ref https://twitter.com/mikewest/status/877149667909406723 Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	2017-06-20 19:46:10 +02:00

1 2 3 4 5

224 Commits