path: root/apps/oauth2/lib/Controller/OauthApiController.php
Commit message | Author | Age | Files | Lines
* refactor(OpenAPI): Adjust scopes to match previous behavior | provokateurin | 2025-01-06 | 1 | -0/+2
    Signed-off-by: provokateurin <kate@provokateurin.de>
* chore(deps): Update nextcloud/coding-standard to v1.3.1 | provokateurin | 2024-09-19 | 1 | -1/+1
    Signed-off-by: provokateurin <kate@provokateurin.de>
* fix(oauth2): store hashed secret instead of encrypted | Julien Veyssier | 2024-09-02 | 1 | -2/+3
    Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
* refactor(oauth2): Replace security annotations with respective attributes | provokateurin | 2024-07-29 | 1 | -4/+6
    Signed-off-by: provokateurin <kate@provokateurin.de>
* chore: Add SPDX header | Andy Scherzinger | 2024-05-31 | 1 | -22/+2
    Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
* Always catch OCP versions of authentication exceptions | Côme Chilliet | 2024-01-11 | 1 | -2/+2
    And always throw OC versions for BC
    Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* adjust phpdoc types in OauthApiController | Julien Veyssier | 2023-10-05 | 1 | -4/+4
    Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
* rename oauth2_access_token's created_at to code_created_at | Julien Veyssier | 2023-10-05 | 1 | -3/+3
    Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
* delete oauth access token when receiving a code that has expired | Julien Veyssier | 2023-10-05 | 1 | -0/+3
    Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
* refuse oauth authorization code if a token has already been delivered (active token) | Julien Veyssier | 2023-10-05 | 1 | -1/+11
    Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
* cleanup access tokens that are still in authorization state and that have expired | Julien Veyssier | 2023-10-05 | 1 | -0/+5
    Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
* add tests for oauth2 authorization code expiration | Julien Veyssier | 2023-10-05 | 1 | -1/+1
    Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
* make oauth2 authorization code expire after 10 minutes | Julien Veyssier | 2023-10-05 | 1 | -6/+28
    Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
* techdebt(DI): Use public IThrottler interface which exists since Nextcloud 25 | Joas Schilling | 2023-08-28 | 1 | -2/+2
    Signed-off-by: Joas Schilling <coding@schilljs.com>
* oauth2: Add OpenAPI spec | jld3103 | 2023-07-12 | 1 | -6/+12
    Signed-off-by: jld3103 <jld3103yt@gmail.com>
* add bruteforce protection in OauthApiController | Julien Veyssier | 2023-06-19 | 1 | -5/+17
    Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
* encrypt oauth2 client secrets | Julien Veyssier | 2023-06-07 | 1 | -32/+23
    Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
* Fix typos in apps/ subdirectory | luz paz | 2022-09-05 | 1 | -1/+1
    Found via `codespell -q 3 -S l10n,./apps/files_external/3rdparty -L adn,ba,boxs,keypair,jus,optionel,ressource,tabel ./apps/`
    Signed-off-by: luz paz <luzpaz@github.com>
    Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>
* Introduce ISecureRandom::CHAR_ALPHANUMERIC | J0WI | 2021-07-08 | 1 | -2/+2
    Signed-off-by: J0WI <J0WI@users.noreply.github.com>
* Update php licenses | John Molakvoæ (skjnldsv) | 2021-06-04 | 1 | -2/+1
    Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Update license headers for 19 | Christoph Wurst | 2020-04-29 | 1 | -0/+1
    Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Remove trailing and in between spaces | Christoph Wurst | 2020-04-09 | 1 | -1/+1
    Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Update license headers | Christoph Wurst | 2019-12-05 | 1 | -1/+6
    Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Some php-cs fixes | Roeland Jago Douma | 2019-11-22 | 1 | -1/+1
    * Order the imports
    * No leading slash on imports
    * Empty line before namespace
    * One line per import
    * Empty after imports
    * Empty line at bottom of file
    Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Strict controllers | Roeland Jago Douma | 2018-12-07 | 1 | -13/+3
    Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Move ExpiredTokenException to the correct namespace | Roeland Jago Douma | 2018-10-30 | 1 | -1/+1
    Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Reset bruteforce on token refresh OAuth | Roeland Jago Douma | 2018-10-30 | 1 | -1/+9
    When using a token obtained via OAuth the token expires. Resulting in brute force attempts hitting the requesting IP. This resets the brute force attempts for that UID on a valid refresh of the token.
    Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* The OAuth endpoint needs to support Basic Auth | Roeland Jago Douma | 2018-05-29 | 1 | -0/+5
    * Add test
    Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Don't use special chars to avoid confusion | Roeland Jago Douma | 2018-05-22 | 1 | -0/+7
    Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Rotate token | Roeland Jago Douma | 2018-05-22 | 1 | -11/+43
    On a refresh token request:
    * rotate
    * reset expire
    Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Authenticate the clients on requesting a token | Roeland Jago Douma | 2018-05-22 | 1 | -2/+45
    Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Set OAuth token expiration | Roeland Jago Douma | 2018-05-22 | 1 | -1/+3
    Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Cleanup code | Lukas Reschke | 2017-05-18 | 1 | -1/+1
    Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* It's a bearer | Lukas Reschke | 2017-05-18 | 1 | -1/+1
    Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Add basic implementation for OAuth 2.0 Authorization Code Flow | Lukas Reschke | 2017-05-18 | 1 | -0/+88
    Signed-off-by: Lukas Reschke <lukas@statuscode.ch>