Commit Graph

50 Commits

Author SHA1 Message Date
Roeland Jago Douma 3d17ab0936
Do not send notification if no active 2fa
If the job is still present we should also not fire it off if there is
not a single active 2FA provider.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-03-05 20:21:37 +01:00
Roeland Jago Douma 1c29a01956
Clear backupcodes reminder if no 2FA is enabled
Fixes #14125

Listen to 2FA disable event. If a provider is disabled for a user. We
check if there are no more providers. If there are no more providers we
Remove the backupcode reminder notification (if still present).

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-03-05 20:14:16 +01:00
Joas Schilling 01f4506dad
Add a link to the notification to create the backup codes
Signed-off-by: Joas Schilling <coding@schilljs.com>
2019-02-11 15:32:34 +01:00
Christoph Wurst 0e6cb988a1
Add a key parameter to the new initial state API
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2019-01-30 16:08:08 +01:00
Roeland Jago Douma f30877ea7c
Provide initial state
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-29 22:21:54 +01:00
Roeland Jago Douma 0971232050
Provide initial state for backupcodes in template
This saves a direct request to the server when loading the backup codes.
There is no need for this as the data is already known.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-15 20:45:42 +01:00
Roeland Jago Douma da7dd24378
Switch to OCP background jobs
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-14 20:09:12 +01:00
Roeland Jago Douma 49a4f2fd61
Switch to QBMapper
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2019-01-14 15:50:04 +01:00
Christoph Wurst 79a0ee4f4a
Consolidate personal two-factor provider settings
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-02 22:56:33 +02:00
Roeland Jago Douma 36bf522c8b
Add job to check users for backup code reminders
Now that we can enforce 2FA we also should notify users that have
enabled 2FA but do not yet have backup codes generated.

This adds a repair step that inserts a background job to do this.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 20:41:56 +02:00
Roeland Jago Douma c557314262
Clear notification to generate backup code once codes are generated
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-01 15:35:25 +02:00
Roeland Jago Douma 956fe1b867
Generate backups code notification if not enable but 2fa is
Generate a notification to generate backup codes if you enable an other
2FA provider but backup codes are not yet generated.

* Add event listner
* Insert background job
* Background job tests and emits notification every 2 weeks
* If the backup codes are generated the next run will remove the job

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-01 15:35:25 +02:00
Christoph Wurst 82748a482e
Fix backup codes column length to fix Argon2 hash values
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-21 06:53:37 +02:00
Christoph Wurst f8fe7488a5
Fix state propragation of the backup codes provider
Starting with Nextcloud 14, the server knows the enabled/disabled
state of 2fa providers. While it will query that information if it's
unknown (on first use), it won't notice any changes. Thus, providers
have to propagate that information themselves.

Ref https://github.com/nextcloud/twofactor_totp/pull/263
Ref https://github.com/nextcloud/twofactor_u2f/pull/210

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-01 21:21:30 +02:00
Roeland Jago Douma b52c935c09
Make 2FA backupcodes strict
* and follow the interface again

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-03-26 11:31:02 +02:00
Joas Schilling c2b1bd92d6
Merge pull request #8063 from nextcloud/inline-value
Return value immediately instead of assigning to a one-time variable
2018-01-26 10:15:39 +01:00
Morris Jobke 0a56d2185e
Return value immediately instead of assigning to a one-time variable
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-26 00:02:03 +01:00
Morris Jobke 870fe20acc
Use $var[] = $a instead of array_push - 2x faster
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-25 22:36:03 +01:00
Joas Schilling 4a5282ba21
Fix the type hints of migrations and correctly inject the wrapped schema into migrations
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-01-17 11:37:36 +01:00
Joas Schilling c65e591e88
Restore the sequencial order
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-29 11:10:57 +02:00
Joas Schilling c58ff2990e
Migrate the twofactor_backupcodes app to bigint
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-29 11:10:57 +02:00
Joas Schilling 55d9d24370
Fix database structure of twofactor backupcodes app to match 12
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-19 14:37:56 +02:00
Morris Jobke b4deba2078 Merge pull request #5483 from nextcloud/issue-5075-png-files-for-activity-emails
Use PNGs for icons in activity emails
2017-07-07 11:05:00 +02:00
Joas Schilling fe6e8c2710 Fix dropping tables and handle the prefix automatically
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-05 13:02:16 +02:00
Joas Schilling 543c181ec5 Move twofactor_backupcodes to migrations
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-05 13:02:16 +02:00
Arthur Schiwon 793de6a8d0
move encryption to security (and behind two factor things)
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-27 12:21:18 +02:00
Arthur Schiwon c5df6db631
move twofactor_* into security
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-23 13:18:08 +02:00
Arthur Schiwon f6ecc46cfa
adapt twofactore_backupcodes
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-23 12:38:05 +02:00
Joas Schilling 90fa27694a
Use PNG version of the icons for shipped activities
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-06-20 13:48:51 +02:00
Christoph Wurst 58683f11ac
Publish 2fa backup codes activities to the right stream
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-05-18 22:10:57 +02:00
Christoph Wurst 0928b5f621
Change 2FA activities to more generic security activities
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-05-18 22:10:57 +02:00
Joas Schilling 74a6a6c839 Add a update step that copies all the backup codes
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-15 15:41:45 -05:00
Joas Schilling 2dc79efb32 Rename the table to a valid name
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-15 15:41:45 -05:00
Joas Schilling cd79eb1b2c
Remove 2FA backup codes on user deletion
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-15 13:31:30 +02:00
Christoph Wurst d8b3fe460e
Hide 2FA backup codes if no other 2FA providers are enabled
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-05-02 14:40:44 +02:00
Christoph Wurst 85e4febc24 ignore code we're unable to test
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-18 17:53:58 +01:00
Christoph Wurst 3b4b49fa95 test activity provider
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-18 17:53:58 +01:00
Christoph Wurst 6726c98bbd
use constant and clean up unit test
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-16 13:14:15 +01:00
Christoph Wurst 3b76699c9c
Increase 2fa backup codes entropy
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-16 11:24:03 +01:00
Christoph Wurst 3f4ba2d15d
fix typo
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-12-19 15:01:23 +01:00
Christoph Wurst 5bad93472d
catch specific BadMethodCallException
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-12-19 12:01:32 +01:00
Christoph Wurst ed4017dfb4
fix minor issues
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-12-19 11:59:48 +01:00
Christoph Wurst 9300312046
push activity when backup codes are generated
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-12-19 11:59:47 +01:00
Christoph Wurst 7ae9442f3d
Publish, parse and filter 2FA activities
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-12-19 11:59:47 +01:00
Joas Schilling bc3da3a8f5
Remove IDb interface which was deprecated for 3 years already
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-14 11:42:16 +01:00
Joas Schilling 86aa6197b8
Require confirmation when generating backup codes
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-18 11:57:16 +01:00
Christoph Wurst f27b7fa8d1
Do not use underscores in PSR4 namespaces of the backup codes app
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-10-03 21:47:33 +02:00
Joas Schilling 6ac2b8d83f
Fix twofactor_backupcodes 2016-09-12 16:48:11 +02:00
Joas Schilling 60c22dd074
Fix more sniffing 2016-09-12 16:48:11 +02:00
Christoph Wurst 8acb734854
add 2fa backup codes app
* add backup codes app unit tests
* add integration tests for the backup codes app
2016-09-05 08:51:13 +02:00