nextcloud

Commit Graph

Author	SHA1	Message	Date
Morris Jobke	725fecee34	Merge pull request #21344 from nextcloud/fix/twofactor-cleanup-event Emit an event for every disabled 2FA provider during cleanup	2020-08-13 07:25:01 +02:00
Roeland Jago Douma	884f3d009a	Discourage webauthn user interaction Else people might have the feeling this is also doing 2FA. And since it is only prefered it can be ignored and hacked around. Once we have proper 2FA with webauthn in one go this probably needs to be revisted. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-07-16 21:10:07 +02:00
Christoph Wurst	68794ebc92	Emit an event for every disabled 2FA provider during cleanup Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-06-16 14:38:33 +02:00
Christoph Wurst	3474afa938	Clean up auth tokens when user is deleted Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-06-15 19:24:04 +02:00
Christoph Wurst	2006a6dd0e	Improve traces of invalid token exceptions Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-05-27 09:21:47 +02:00
Roeland Jago Douma	f4ac9ffa2c	Remember the webauthn name of devices Fixes #20289 we should not reset to default once we have logged in with the device. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-05-07 16:13:19 +02:00
Christoph Wurst	cb057829f7	Update license headers for 19 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-29 11:57:22 +02:00
Julius Härtl	2eadf9d567	Do not create remember me cookie Signed-off-by: Julius Härtl <jus@bitgrid.net>	2020-04-23 19:12:54 +02:00
Christoph Wurst	28f8eb5dba	Add visibility to all constants Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 16:54:27 +02:00
Christoph Wurst	1584c9ae9c	Add visibility to all methods and position of static keyword Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 16:51:06 +02:00
Christoph Wurst	caff1023ea	Format control structures, classes, methods and function To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 14:19:56 +02:00
Christoph Wurst	14c996d982	Use elseif instead of else if Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-10 10:35:09 +02:00
Christoph Wurst	afbd9c4e6e	Unify function spacing to PSR2 recommendation Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 13:54:22 +02:00
Christoph Wurst	2a529e453a	Use a blank line after the opening tag Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 11:50:14 +02:00
Christoph Wurst	41b5e5923a	Use exactly one empty line after the namespace declaration For PSR2 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 11:48:10 +02:00
Christoph Wurst	2fbad1ed72	Fix (array) indent style to always use one tab Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-09 10:16:08 +02:00
Christoph Wurst	85e369cddb	Fix multiline comments Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-04-08 22:24:54 +02:00
Roeland Jago Douma	19ca921676	Merge pull request #20241 from nextcloud/fix/license-headers-19 Update the license headers for Nextcloud 19	2020-04-01 12:44:21 +02:00
Roeland Jago Douma	590849e4d7	Merge pull request #19858 from nextcloud/feature/webauthn Add WebAuthn support	2020-03-31 22:55:13 +02:00
Roeland Jago Douma	53db05a1f6	Start with webauthn Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> Signed-off-by: npmbuildbot[bot] <npmbuildbot[bot]@users.noreply.github.com>	2020-03-31 22:17:07 +02:00
Roeland Jago Douma	f04f34b94b	Make password nullable in LoginData Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-03-31 21:52:01 +02:00
Roeland Jago Douma	84f3d2ddeb	[POC] Event for failed login attempts Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2020-03-31 21:41:02 +02:00
Christoph Wurst	1a9330cd69	Update the license headers for Nextcloud 19 Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-03-31 14:52:54 +02:00
Christoph Wurst	74936c49ea	Remove unused imports Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-03-25 22:08:08 +01:00
Roeland Jago Douma	3b26bfe879	Merge pull request #20127 from nextcloud/bugfix/noid/check-user-on-remote-wipe Check the user on remote wipe	2020-03-24 20:26:52 +01:00
Joas Schilling	dc7913efcd	Fix recursive calls in logging via server methods Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-03-18 18:59:49 +01:00
Joas Schilling	9935c71ec3	Check the user on remote wipe Signed-off-by: Joas Schilling <coding@schilljs.com>	2020-03-16 09:29:28 +01:00
Christoph Wurst	1f7cb027a4	Merge pull request #19820 from nextcloud/fix/mismatching-docblock-return-type Fix mismatching docblock return types	2020-03-09 17:43:17 +01:00
Christoph Wurst	df9e2b828a	Fix mismatching docblock return types Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-03-06 16:38:25 +01:00
Christoph Wurst	5fc4c91a76	Fix mismatching doc block parameter types Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-03-06 16:28:42 +01:00
Christoph Wurst	6127c288e8	Fix license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-01-13 14:23:49 +01:00
Christoph Wurst	60d4b45e89	Clean up 2FA provider registry when a user is deleted Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2020-01-08 10:51:44 +01:00
Christoph Wurst	5bf3d1bb38	Update license headers Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2019-12-05 15:38:45 +01:00
Roeland Jago Douma	b371e735cf	Throw an invalid token exception is token is marked outdated This avoids hitting the backend with multiple requests for the same token. And will help avoid quick LDAP lockouts. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-12-02 18:57:13 +01:00
Christoph Wurst	0299ea0a96	Handle token insert conflicts Env-based SAML uses the "Apache auth" mechanism to log users in. In this code path, we first delete all existin auth tokens from the database, before a new one is inserted. This is problematic for concurrent requests as they might reach the same code at the same time, hence both trying to insert a new row wit the same token (the session ID). This also bubbles up and disables user_saml. As the token might still be OK (both request will insert the same data), we can actually just check if the UIDs of the conflict row is the same as the one we want to insert right now. In that case let's just use the existing entry and carry on. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2019-11-26 12:07:12 +01:00
Christoph Wurst	128a460d7b	Add return type hint to credential store and make it strict Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2019-11-25 15:59:55 +01:00
Roeland Jago Douma	68748d4f85	Some php-cs fixes * Order the imports * No leading slash on imports * Empty line before namespace * One line per import * Empty after imports * Emmpty line at bottom of file Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-11-22 20:52:10 +01:00
Roeland Jago Douma	5122629bb0	Make renewSessionToken return the new token Avoids directly getting the token again. We just inserted it so it and have all the info. So that query is just a waste. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-10-09 10:10:37 +02:00
Roeland Jago Douma	3fccc7dc47	Cache the public key tokens Sometimes (esp with token auth) we query the same token multiple times. While this is properly indexed and fast it is still a bit of a waste. Right now it is doing very stupid caching. Which gets invalidate on any update. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-10-08 13:57:36 +02:00
Roeland Jago Douma	210a0554a2	Use the actual password to update the tokens Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-09-18 19:50:58 +02:00
Daniel Kesselberg	ee76b0fbd2	Add uid to delete temp token query Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2019-09-18 16:52:42 +02:00
Christoph Wurst	a1ef939c06	Use Symfony's new contract Event class instead of the deprecated one Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2019-09-12 14:44:55 +02:00
Daniel Kesselberg	608f4d3ee9	Pass $configargs to openssl_pkey_export Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2019-07-21 22:21:59 +02:00
Morris Jobke	4ae17427c5	Error with exception on SSL error Signed-off-by: Morris Jobke <hey@morrisjobke.de>	2019-07-18 18:50:44 +02:00
Joas Schilling	565838da9c	Update unit tests Signed-off-by: Joas Schilling <coding@schilljs.com>	2019-07-16 13:32:44 +02:00
Joas Schilling	64f67818bc	Fix new core notifier Signed-off-by: Joas Schilling <coding@schilljs.com>	2019-07-15 15:14:58 +02:00
Christoph Wurst	d058ef2b6c	Make it possible to wipe all tokens/devices of a user Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2019-07-09 13:57:04 +02:00
Christoph Wurst	1c261675ad	Refactor: move remote wipe token logic to RW service Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2019-07-09 13:39:27 +02:00
Christoph Wurst	c50fe2a9c9	Send emails when remote wipe starts/finishes Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2019-07-02 21:59:23 +02:00
Christoph Wurst	aa6622ccef	Decouple remote wipe notifcation channels with events Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2019-06-27 17:16:18 +02:00

1 2 3 4

177 Commits