Roeland Jago Douma
50862aadfd
Move OAuth down in admin security settings
...
For #16076
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-06-28 11:43:23 +02:00
Roeland Jago Douma
21d542f953
Use the proper names when setting entity types
...
Else this does 💥
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-04-18 21:10:52 +02:00
Roeland Jago Douma
eb407565b0
OAuth2 client identifier must be unique
...
Fixes #12981
This is highly unlikely to happen. But better to enforce it on the DB
level as well!
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-07 13:51:59 +01:00
Roeland Jago Douma
d7223ebf4d
OAuth2: Move to migrations
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-12-10 13:23:58 +01:00
Roeland Jago Douma
b9ac258870
Strict controllers
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-12-07 13:43:22 +01:00
Roeland Jago Douma
a478945767
Strict repair step
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-12-07 13:40:43 +01:00
Roeland Jago Douma
e22645136c
Strict Exceptions
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-12-07 13:39:51 +01:00
Roeland Jago Douma
a670a9e443
Move OAuth2 db code to QBMapper and make it strict
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-12-07 09:13:16 +01:00
Roeland Jago Douma
1e6711305a
Fail gracefull if an unkown oauth2 client tries to authenticate
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-12-06 21:14:34 +01:00
Roeland Jago Douma
674930da7f
Move ExpiredTokenException to the correct namespace
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 19:30:45 +01:00
Roeland Jago Douma
75456b057d
Reset bruteforce on token refresh OAuth
...
When using atoken obtained via OAuth the token expires. Resulting in
brute force attempts hitting the requesting IP.
This resets the brute force attempts for that UID on a valid refresh of
the token.
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 11:21:27 +01:00
Patrik Kernstock
8f9fa9ee13
Remove filter_var flags due to PHP 7.3 deprecation, fixes #10894
...
Signed-off-by: Patrik Kernstock <info@pkern.at>
2018-09-04 00:58:44 +02:00
rakekniven
8370111cf4
Update SettingsController.php
...
Grammar fix. Uppercase URL
See https://www.transifex.com/nextcloud/nextcloud/translate/#de/$/146983238?q=issue%3Aopen
2018-06-30 08:49:44 +02:00
Roeland Jago Douma
555de27567
Validate OAuth2 redirect uri
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-26 16:15:53 +02:00
Roeland Jago Douma
27259ea2a2
Fix AdminTests
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-19 11:42:41 +02:00
Roeland Jago Douma
1ccb36a0f1
Cleanup Controller
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-19 11:42:41 +02:00
Roeland Jago Douma
d2d1e8e375
Migrate OAuth Admin settings to vue
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-19 11:42:41 +02:00
Roeland Jago Douma
3556e78c25
The OAuth endpoint needs to support Basic Auth
...
* Add test
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-05-29 15:17:54 +02:00
Roeland Jago Douma
5a97148863
Don't use special chars to avoid confusion
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-05-22 09:24:17 +02:00
Roeland Jago Douma
f7ecec855b
Rotate token
...
On a refresh token request:
* rorate
* reset expire
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-05-22 09:24:17 +02:00
Roeland Jago Douma
c28b25c4f0
Authenticate the clients on requesting a token
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-05-22 09:24:17 +02:00
Roeland Jago Douma
4e3aef22a1
Fail if the response type is not properly set
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-05-22 09:24:17 +02:00
Roeland Jago Douma
49795d2006
Set OAuth token expiration
...
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-05-22 09:24:17 +02:00
Lukas Reschke
df3909a7c3
Use Bearer backend for SabreDAV
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:10 +02:00
Lukas Reschke
691646bdae
Add tests for OAuth2 app
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:10 +02:00
Lukas Reschke
b07a0f51ba
Add OAuth state to session
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:08 +02:00
Lukas Reschke
88afd8b224
Cleanup code
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:08 +02:00
Bjoern Schiessle
1eb7f4956b
delete auth token when client gets deleted
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-05-18 20:49:07 +02:00
Bjoern Schiessle
1a8965b488
handle case if no valid client identifier is given
...
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-05-18 20:49:06 +02:00
Lukas Reschke
4b4d3bb1c2
It's a bearer
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:05 +02:00
Lukas Reschke
1470ec95ca
Fetch signle row
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:05 +02:00
Lukas Reschke
0a2b57c93f
Get a single row
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:04 +02:00
Lukas Reschke
a5ddd65c10
Use query builder
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:03 +02:00
Lukas Reschke
5f71805c35
Add basic implementation for OAuth 2.0 Authorization Code Flow
...
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:03 +02:00