nextcloud

Tree: f01754a389

Author	SHA1	Message	Date
Morris Jobke	0eebff152a	Update license headers Signed-off-by: Morris Jobke <hey@morrisjobke.de>	6 years ago
Christoph Wurst	6676232a56	Allow 2FA providers to specify their custom CSP Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	6 years ago
Lukas Reschke	2e4cd44556	Inject \OCP\IURLGenerator to make tests work Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	7 years ago
Lukas Reschke	a04feff9a7	Properly allow \OCP\Authentication\IApacheBackend to specify logout URL Any `\OCP\Authentication\IApacheBackend` previously had to implement `getLogoutAttribute` which returns a string. This string is directly injected into the logout `<a>` tag, so returning something like `href="foo"` would result in `<a href="foo">`. This is rather error prone and also in Nextcloud 12 broken as the logout entry has been moved with `054e161eb5` inside the navigation manager where one cannot simply inject attributes. Thus this feature is broken in Nextcloud 12 which effectively leads to the bug described at nextcloud/user_saml#112, people cannot logout anymore when using SAML using SLO. Basically in case of SAML you have a SLO url which redirects you to the IdP and properly logs you out there as well. Instead of monkey patching the Navigation manager I decided to instead change `\OCP\Authentication\IApacheBackend` to use `\OCP\Authentication\IApacheBackend::getLogoutUrl` instead where it can return a string with the appropriate logout URL. Since this functionality is only prominently used in the SAML plugin. Any custom app would need a small change but I'm not aware of any and there's simply no way to fix this properly otherwise. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	7 years ago
Lukas Reschke	c1b8f152d8	Add rate limit to TOTP solve challenge controller Fixes https://github.com/nextcloud/server/issues/2626 Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	7 years ago
Christoph Wurst	243c9c0941	fix coding style and increase code coverage Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	7 years ago
Cornelius Kölbel	e077e01bf2	Add a TwoFactorException A Two Factor third party App may throw a TwoFactorException() with a more detailed error message in case the authentication fails. The 2FA Controller will then display the message of this Exception to the user. Working on #26593 Signed-off-by: Lukas Reschke <lukas@statuscode.ch>	7 years ago
Christoph Wurst	eff904473d	Set redirect_url on 2FA challenge page Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	7 years ago
Christoph Wurst	8acb734854	add 2fa backup codes app * add backup codes app unit tests * add integration tests for the backup codes app	7 years ago
Christoph Wurst	0a0c7a9b92	redirect to default app after solving the 2FA challenge	7 years ago
Roeland Jago Douma	f6423f74e3	Minor cleanup in core Controllers	7 years ago
Joas Schilling	ba87db3fcc	Fix others	8 years ago
blizzz	51fd2602a7	Revert "Downstream 2016-06-08"	8 years ago
Joas Schilling	7f88645eab	Allow to cancel 2FA after login	8 years ago
Joas Schilling	3e3b326c85	Allow to cancel 2FA after login	8 years ago
Christoph Wurst	5e71d23ded	remember redirect_url when solving the 2FA challenge	8 years ago
Lukas Reschke	aba539703c	Update license headers	8 years ago
Christoph Wurst	ad10485cec	when generating browser/device token, save the login name for later password checks	8 years ago
Christoph Wurst	dfb4d426c2	Add two factor auth to core	8 years ago

18 Commits (f01754a389cf30cbebd391f812e46548dc062cc2)