aboutsummaryrefslogtreecommitdiffstats
path: root/apps/oauth2/lib/Controller/OauthApiController.php
Commit message (Collapse)AuthorAgeFilesLines
* oauth2: Add OpenAPI specjld31032023-07-121-6/+12
| | | | Signed-off-by: jld3103 <jld3103yt@gmail.com>
* add bruteforce protection in OauthApiControllerJulien Veyssier2023-06-191-5/+17
| | | | Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
* encrypt oauth2 client secretsJulien Veyssier2023-06-071-32/+23
| | | | Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
* Fix typos in apps/ subdirectoryluz paz2022-09-051-1/+1
| | | | | | | Found via `codespell -q 3 -S l10n,./apps/files_external/3rdparty -L adn,ba,boxs,keypair,jus,optionel,ressource,tabel ./apps/` Signed-off-by: luz paz <luzpaz@github.com> Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>
* Introduce ISecureRandom::CHAR_ALPHANUMERICJ0WI2021-07-081-2/+2
| | | | Signed-off-by: J0WI <J0WI@users.noreply.github.com>
* Update php licensesJohn Molakvoæ (skjnldsv)2021-06-041-2/+1
| | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Update license headers for 19Christoph Wurst2020-04-291-0/+1
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Remove trailing and in between spacesChristoph Wurst2020-04-091-1/+1
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Update license headersChristoph Wurst2019-12-051-1/+6
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Some php-cs fixesRoeland Jago Douma2019-11-221-1/+1
| | | | | | | | | | | * Order the imports * No leading slash on imports * Empty line before namespace * One line per import * Empty after imports * Emmpty line at bottom of file Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Strict controllersRoeland Jago Douma2018-12-071-13/+3
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Move ExpiredTokenException to the correct namespaceRoeland Jago Douma2018-10-301-1/+1
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Reset bruteforce on token refresh OAuthRoeland Jago Douma2018-10-301-1/+9
| | | | | | | | | | When using atoken obtained via OAuth the token expires. Resulting in brute force attempts hitting the requesting IP. This resets the brute force attempts for that UID on a valid refresh of the token. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* The OAuth endpoint needs to support Basic AuthRoeland Jago Douma2018-05-291-0/+5
| | | | | | * Add test Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Don't use special chars to avoid confusionRoeland Jago Douma2018-05-221-0/+7
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Rotate tokenRoeland Jago Douma2018-05-221-11/+43
| | | | | | | | On a refresh token request: * rorate * reset expire Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Authenticate the clients on requesting a tokenRoeland Jago Douma2018-05-221-2/+45
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Set OAuth token expirationRoeland Jago Douma2018-05-221-1/+3
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Cleanup codeLukas Reschke2017-05-181-1/+1
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* It's a bearerLukas Reschke2017-05-181-1/+1
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Add basic implementation for OAuth 2.0 Authorization Code FlowLukas Reschke2017-05-181-0/+88
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>