Apps like 'rainloop' use \OCP\Util::isLoggedIn() to check whether the
current request is authenticated. Since we redirected to the index
page before, it resulted in an infinite redirection loop. This change
sets the redirection URL to the 2FA selection page, which is the only
allowed page in that authentication state.
Fixes https://github.com/nextcloud/server/issues/3702
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Added the system config which sets all conditions to true that query the
FrontControllerActive mod_env variable.
Signed-off-by: Felix A. Epp <work@felixepp.de>
If the session is cleared and closed for whatever reason, the loadVersion
will write to the session anyways. This will lead to an exception.
This should fix #1303
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Right now a failed "copyr" will result in the error log being spammed with not really helpful error messages. Also situations such as `$dir` returning `false` are not really caught.
This adds more error handling and logging to make debugging such situations easier.
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
This fixes infinite loops that are caused whenever a user is about to solve a 2FA
challenge, but the provider app is disabled at the same time. Since the session
value usually indicates that the challenge needs to be solved before we grant access
we have to remove that value instead in this special case.
mb_detect_encoding is in the fallback we ship in the polyfill library, mb_strcut is not. Thus this led to a false positive and ownCloud would just break.
* Add InvalidTokenException
* add DefaultTokenMapper and use it to check if an auth token exists
* create new token for the browser session if none exists
hash stored token; save user agent
* encrypt login password when creating the token
As discussed we move all old style classes (OC_FOO_BAR) to legacy.
Then from there we can evaluate the need to convert them back or if they
can be fully deprecated/deleted.