path: root/core/Controller/ClientFlowLoginController.php
Commit message | Author | Age | Files | Lines
* refactor(core): Replace security annotations with respective attributes | provokateurin | 2024-07-26 | 1 | -11/+9
  Signed-off-by: provokateurin <kate@provokateurin.de>
* chore: Add SPDX header | Andy Scherzinger | 2024-05-27 | 1 | -29/+2
  Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
* refactor(core): Switch to attribute based routing | provokateurin | 2024-02-21 | 1 | -0/+5
  Signed-off-by: provokateurin <kate@provokateurin.de>
* refactor: Migrate IgnoreOpenAPI attributes to OpenAPI | provokateurin | 2024-01-18 | 1 | -2/+2
  Signed-off-by: provokateurin <kate@provokateurin.de>
* Suppress or fix psalm errors related to InvalidTokenException | Côme Chilliet | 2024-01-11 | 1 | -2/+1
  Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Always catch OCP versions of authentication exceptions | Côme Chilliet | 2024-01-11 | 1 | -2/+3
  And always throw OC versions for BC
  Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* chore: apply changes from Nextcloud coding standards 1.1.1 | Joas Schilling | 2023-11-23 | 1 | -3/+3
  Signed-off-by: Joas Schilling <coding@schilljs.com>
  Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
* rename oauth2_access_token's created_at to code_created_at | Julien Veyssier | 2023-10-05 | 1 | -1/+1
  Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
* make oauth2 authorization code expire after 10 minutes | Julien Veyssier | 2023-10-05 | 1 | -0/+3
  Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
* core: Add OpenAPI spec | jld3103 | 2023-07-13 | 1 | -0/+3
  Signed-off-by: jld3103 <jld3103yt@gmail.com>
* Applies agreed-upon indentation convention to the changed controllers. | Faraz Samapoor | 2023-06-05 | 1 | -13/+15
  Based on https://github.com/nextcloud/server/pull/38636#discussion_r1218167753
  Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
* Refactors controllers by using PHP8's constructor property promotion. | Faraz Samapoor | 2023-06-04 | 1 | -34/+11
  Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
* Refactors "strpos" calls in /core to improve code readability. | Faraz Samapoor | 2023-06-02 | 1 | -2/+2
  Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>
* feat(app-framework): Add UseSession attribute to replace annotation | Christoph Wurst | 2023-01-27 | 1 | -3/+4
  Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Update core to PHP 7.4 standard | Carl Schwan | 2022-05-20 | 1 | -57/+19
  - Typed properties
  - Port to LoggerInterface
  Signed-off-by: Carl Schwan <carl@carlschwan.eu>
* Show user account on grant loginflow step | Joas Schilling | 2022-05-13 | 1 | -0/+6
  Signed-off-by: Joas Schilling <coding@schilljs.com>
* Add direct arg to login flow | Vincent Petry | 2022-03-28 | 1 | -11/+6
  Signed-off-by: Vincent Petry <vincent@nextcloud.com>
  Co-Authored-by: Carl Schwan <carl@carlschwan.eu>
* Pass username prefill through unauthenticated request redirects | Julius Härtl | 2021-12-29 | 1 | -1/+2
  Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Update php licenses | John Molakvoæ (skjnldsv) | 2021-06-04 | 1 | -2/+1
  Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Move app_password_created to a typed event | Christoph Wurst | 2021-02-09 | 1 | -7/+8
  Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Update the license headers for Nextcloud 20 | Christoph Wurst | 2020-08-24 | 1 | -0/+1
  Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Make magic strings of ClientFlowLogin and v2 publicly available | Joas Schilling | 2020-07-17 | 1 | -6/+6
  Signed-off-by: Joas Schilling <coding@schilljs.com>
* Validate app password on alternative login | Roeland Jago Douma | 2020-05-07 | 1 | -0/+18
  Fixes #20838
  Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Update license headers for 19 | Christoph Wurst | 2020-04-29 | 1 | -0/+1
  Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Add visibility to all constants | Christoph Wurst | 2020-04-10 | 1 | -1/+1
  Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Format control structures, classes, methods and function | Christoph Wurst | 2020-04-10 | 1 | -7/+7
  To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is practically standard for our code.
  This also removes and empty lines from method/function bodies at the beginning and end.
  Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Use elseif instead of else if | Christoph Wurst | 2020-04-10 | 1 | -1/+1
  Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Update license headers | Christoph Wurst | 2019-12-05 | 1 | -2/+5
  Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Check getRedirectUri() for queries | RussellAult | 2019-11-13 | 1 | -3/+11
  Resolves Issue #17885
  Check getRedirectUri() for queries, and add a '&' instead of a '?' to $redirectUri if it already has them; otherwise, $redirectUri might end up with two '?'.
  Signed-off-by: RussellAult <russellault@users.noreply.github.com>
* fix oauth client redirect | Sergej Nikolaev | 2019-10-04 | 1 | -2/+10
  Signed-off-by: Sergej Nikolaev <kinolaev@gmail.com>
* Fix login flow form actions | Roeland Jago Douma | 2019-08-11 | 1 | -2/+14
  So fun fact. Chrome considers a redirect after submitting a form part of the form actions. Since we redirect to a new protocol (nc://login/). Causing the form submission to work but the redirect failing hard.
  Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Emit event if app password created | Daniel Kesselberg | 2019-02-18 | 1 | -28/+9
  Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* Publish activity for app token created by client login flow | Daniel Kesselberg | 2019-02-17 | 1 | -1/+30
  Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* Add StandaloneTemplateResponse | Roeland Jago Douma | 2019-02-06 | 1 | -8/+8
  This can be used by pages that do not have the full Nextcloud UI. So notifications etc do not load there.
  Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Fix template parameter | Roeland Jago Douma | 2019-01-18 | 1 | -1/+1
  Else we get shown an error page instead of the correct 403.
  Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Fix loginflow with apptoken enter on iOS | Roeland Jago Douma | 2019-01-04 | 1 | -0/+12
  It seems iOS doesn't like us to change the location. So now we submit it to the server that generates the redirect.
  Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Fix SAML Client login flow on Apple devices | Roeland Jago Douma | 2018-12-17 | 1 | -0/+1
  Because the redirect from the SAML/SSO endpoint is a POST the lax/strict cookies are not properly sent.
  Note that it is not strictly required on this endpoint as we do not need the remember me data. Only the real session info is enough. The endpoint is also already protected by a state token.
  Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Remove redirect page | John Molakvoæ (skjnldsv) | 2018-11-29 | 1 | -28/+0
  Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Use the proper server for the apptoken flow login | Roeland Jago Douma | 2018-11-01 | 1 | -21/+23
  If a user can't authenticate normally (because they have 2FA that is not available on their devices for example). The redirect that is generated should be of the proper format.
  This means
  1. Include the protocol
  2. Include the possible subfolder
  Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Do not invalidate main token on OAuth | Roeland Jago Douma | 2018-09-06 | 1 | -3/+3
  Fixes #10584
  We deleted the main token when using the login flow else multiple tokens would show up for a single user.
  However in the case of OAuth this is perfectly fine as the authentication happens really in your browser:
  1. You are already logged in, no need to log you out
  2. You are not logged in yet, but since you log in into the exact same browser the expected behavior is to stay logged in.
  Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Don't use special chars to avoid confusion | Roeland Jago Douma | 2018-05-22 | 1 | -1/+1
  Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Improve login flow | Roeland Jago Douma | 2018-04-08 | 1 | -0/+38
  * Add page explaining you are about to grant access
  * Show grant access page after login
  Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Request->getHeader() should always return a string | Morris Jobke | 2018-01-17 | 1 | -1/+1
  PHPDoc (of the public API) says that this method returns string but it also returns null, which is not allowed in some method calls. This fixes that behaviour and returns an empty string and fixes all code paths that explicitly checked for null to be still compliant.
  Found while enabling the strict_typing for lib/private for the PHP7+ migration.
  Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Fix bug with proxies | Mario Danic | 2018-01-15 | 1 | -1/+12
  Signed-off-by: Mario Danic <mario@lovelyhq.com>
* Clear login token once apppassword is generated | Roeland Jago Douma | 2018-01-04 | 1 | -0/+3
  Fixes #7697
  When using the new login flow a token will be generated since we login. However after that we generate yet another token to return (as we should). However we should kill the current session token as we are done with it. And will never use it again.
  Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Fix flow | Mario Danic | 2017-11-09 | 1 | -1/+10
  Signed-off-by: Mario Danic <mario@lovelyhq.com>
* Theming: theme flow redirection page | Julius Härtl | 2017-11-08 | 1 | -1/+1
  Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Update license headers | Morris Jobke | 2017-11-06 | 1 | -0/+5
  Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Fix undefined index oauthState | Morris Jobke | 2017-09-06 | 1 | -0/+1
  Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Add tests for ClientFlowLoginController | Lukas Reschke | 2017-05-18 | 1 | -6/+4
  Signed-off-by: Lukas Reschke <lukas@statuscode.ch>