Mirrors/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2024-08-16 14:12:54 +02:00
Code Issues Actions 27 Packages Projects Releases Wiki Activity
67,703 Commits 404 Branches 1,020 Tags 5.1 GiB
1ce8fc6b31
Commit Graph

41 Commits

Author SHA1 Message Date
Côme Chilliet
f5c361cf44
composer run cs:fix 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2023-01-20 11:45:08 +01:00
Christoph Wurst
8aea25b5b9
Add remote host validation API 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2022-10-31 16:13:28 +01:00
Joas Schilling
c0f47af2d0
Add a public interface for the bruteforce throttler and register for injection 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2022-07-28 10:57:10 +02:00
Joas Schilling
c42f5bc5f6
Add an OCP for trusted domain helper 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2021-10-28 10:24:16 +02:00
Arthur Schiwon
0dee717c94
Confirm mails only per POST 
- this is to avoid automatic confirmation by certain softwares that open
  links

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2021-09-09 19:23:04 +02:00
Arthur Schiwon
a20de15b43
add a job to clean up expired verification tokens 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2021-09-09 14:03:35 +02:00
Arthur Schiwon
19cc757531
move verification token logic out of lost password controller 
- to make it reusable
- needed for local email verification

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2021-09-09 14:03:29 +02:00
J0WI
3b656446af Introduce ISecureRandom::CHAR_ALPHANUMERIC 
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
 2021-07-08 15:11:31 +02:00
John Molakvoæ (skjnldsv)
215aef3cbd
Update php licenses 
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
 2021-06-04 22:02:41 +02:00
J0WI
ca7b37ce5a Make Security module strict 
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
 2021-04-19 17:31:12 +02:00
Roeland Jago Douma
b5e9f7e846
Merge pull request #22432 from nextcloud/enh/phpdoc 
Add php docs build script
 2020-08-26 21:18:11 +02:00
Julius Härtl
45a474071e
Remove @package annotations from public namespace 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2020-08-26 16:59:40 +02:00
Christoph Wurst
2a054e6c04
Update the license headers for Nextcloud 20 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-08-24 14:54:25 +02:00
Joas Schilling
35a8519591
Fix CS 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-08-19 11:20:36 +02:00
Joas Schilling
e66bc4a8a7
Send "429 Too Many Requests" in case of brute force protection 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2020-08-19 11:20:35 +02:00
Morris Jobke
782a2df392
Add PHP doc for events 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2020-08-10 14:24:24 +02:00
Christoph Wurst
cb057829f7
Update license headers for 19 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-29 11:57:22 +02:00
Arthur Schiwon
5437844b7e
fix credentialsManager documentation and ensure userId to be used as string 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2020-04-15 19:34:23 +02:00
Christoph Wurst
28f8eb5dba
Add visibility to all constants 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-10 16:54:27 +02:00
Christoph Wurst
caff1023ea
Format control structures, classes, methods and function 
To continue this formatting madness, here's a tiny patch that adds
unified formatting for control structures like if and loops as well as
classes, their methods and anonymous functions. This basically forces
the constructs to start on the same line. This is not exactly what PSR2
wants, but I think we can have a few exceptions with "our" style. The
starting of braces on the same line is pracrically standard for our
code.

This also removes and empty lines from method/function bodies at the
beginning and end.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-10 14:19:56 +02:00
Christoph Wurst
a8a06a82d2
Remove trailing whitespaces from comments 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-09 16:09:23 +02:00
Christoph Wurst
41b5e5923a
Use exactly one empty line after the namespace declaration 
For PSR2

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-09 11:48:10 +02:00
Christoph Wurst
5bf3d1bb38
Update license headers 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2019-12-05 15:38:45 +01:00
Christoph Wurst
1a886b1472
Add typed events for password_policy 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2019-11-27 09:56:12 +01:00
Christoph Wurst
a1ef939c06
Use Symfony's new contract Event class instead of the deprecated one 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2019-09-12 14:44:55 +02:00
Roeland Jago Douma
b8c5008acf
Add feature policy header 
This adds the events and the classes to modify the feature policy.
It also adds a default restricted feature policy.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-08-10 14:26:22 +02:00
Roeland Jago Douma
5ac857bcdc
Add an event to edit the CSP 
This introduces and event that can be listend to when we actually use
the CSP. This means that apps no longer have to always inject their CSP
but only do so when it is required. Yay for being lazy.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-07-08 20:35:15 +02:00
Roeland Jago Douma
767679ccf4
Remove deprecatred StringUtils class 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-05-28 22:20:23 +02:00
Morris Jobke
798b267d49
Do not use spaces in generated passwords 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2019-04-15 16:29:52 +02:00
Roeland Jago Douma
372f3d2a60
Remove deprecated functions from SecureRandom 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-12-07 19:33:32 +01:00
Roeland Jago Douma
be5c050acc
Throw exception if decryption fails 
For #11868

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-11-14 12:47:35 +01:00
Roeland Jago Douma
0e0db37658
Make OCP\Security stricter 
* Add typehints
* Add return types
* Opcode opts from phpstorm
* Made strict
* Fixed tests: No need to test bogus values anymore strict typing fixes
this

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-01-16 22:01:19 +01:00
Roeland Jago Douma
6e1ee1e7a7
Fix tests 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-01-14 21:04:52 +01:00
Roeland Jago Douma
de5d7aa331
Strict ISecure random 
* Declare strict
* Scalar arguments
* Return type
* Use fully qualified name for strlen

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-01-13 21:39:34 +01:00
Morris Jobke
ca28df6fcc
Adds type hinting for scalar types in ICrypto->decrypt 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2018-01-13 00:06:03 +01:00
Morris Jobke
0eebff152a
Update license headers 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2017-11-06 16:56:19 +01:00
Roeland Jago Douma
361d2badd8
Some phpstorm inspection fixes 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-07-22 21:10:16 +02:00
Fabrizio Steiner
f2a2b34e46 Increase device password entropy. Use lower- and upper-case characters and digits, but exclude ambiguous characters. The number of digits has also been increased to 25. 
Signed-off-by: Fabrizio Steiner <fabrizio.steiner@gmail.com>
 2017-05-08 14:04:40 +02:00
Joas Schilling
ba87db3fcc
Fix others 2016-07-21 18:13:57 +02:00
Lukas Reschke
aba539703c
Update license headers 2016-05-26 19:57:24 +02:00
Roeland Jago Douma
f67f888d50
Move \OCP\Security to PSR-4 2016-05-18 18:28:31 +02:00