aboutsummaryrefslogtreecommitdiffstats
path: root/lib/private/Authentication/Token/Manager.php
Commit message (Collapse)AuthorAgeFilesLines
* fix(Token): take over scope in token refresh with login by cookieArthur Schiwon2024-07-191-2/+5
| | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* chore: Add SPDX headerAndy Scherzinger2024-05-241-22/+2
| | | | Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
* Import OCP IToken as OCPIToken to avoid a name clash in lib/privateCôme Chilliet2024-01-111-24/+24
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Use IToken from OCP instead of OCCôme Chilliet2024-01-111-0/+1
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Suppress or fix psalm errors related to InvalidTokenExceptionCôme Chilliet2024-01-111-1/+3
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Always catch OCP versions of authentication exceptionsCôme Chilliet2024-01-111-6/+7
| | | | | | And always throw OC versions for BC Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* chore: apply changes from Nextcloud coding standards 1.1.1Joas Schilling2023-11-231-6/+6
| | | | | Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
* Add last-used-before optionLucas Azevedo2023-08-251-0/+4
| | | | Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>
* public interface to invalidate tokens of userArtur Neumann2023-03-141-1/+11
| | | | Signed-off-by: Artur Neumann <artur@jankaritech.com>
* composer run cs:fixCôme Chilliet2023-01-201-1/+0
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Automatically cut the token name on the first levelJoas Schilling2022-03-231-2/+2
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Limit the length of app password namesJoas Schilling2022-03-231-0/+4
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Remove default token which is deprecated since Nextcloud 13Joas Schilling2021-12-011-40/+5
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Update php licensesJohn Molakvoæ (skjnldsv)2021-06-041-2/+1
| | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Format control structures, classes, methods and functionChristoph Wurst2020-04-101-3/+1
| | | | | | | | | | | | | | | To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Update license headersChristoph Wurst2019-12-051-7/+12
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Handle token insert conflictsChristoph Wurst2019-11-261-9/+24
| | | | | | | | | | | | | | | | Env-based SAML uses the "Apache auth" mechanism to log users in. In this code path, we first delete all existin auth tokens from the database, before a new one is inserted. This is problematic for concurrent requests as they might reach the same code at the same time, hence both trying to insert a new row wit the same token (the session ID). This also bubbles up and disables user_saml. As the token might still be OK (both request will insert the same data), we can actually just check if the UIDs of the conflict row is the same as the one we want to insert right now. In that case let's just use the existing entry and carry on. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Make renewSessionToken return the new tokenRoeland Jago Douma2019-10-091-3/+4
| | | | | | | Avoids directly getting the token again. We just inserted it so it and have all the info. So that query is just a waste. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Error with exception on SSL errorMorris Jobke2019-07-181-0/+2
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Remote wipe supportRoeland Jago Douma2019-05-201-0/+5
| | | | | | | | This allows a user to mark a token for remote wipe. Clients that support this can then wipe the device properly. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Move ExpiredTokenException to the correct namespaceRoeland Jago Douma2018-10-301-0/+1
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Catch more occurences where ExpiredTokenException can be thrownRoeland Jago Douma2018-10-211-1/+5
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Expired PK tokens should not fall back to legacy tokensRoeland Jago Douma2018-10-211-0/+2
| | | | | | Fixes #11919 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Update all the publickey tokens if needed on web loginRoeland Jago Douma2018-10-021-0/+7
| | | | | | | | | | * On weblogin check if we have invalid public key tokens * If so update them all with the new token This ensures that your marked as invalid tokens work again if you once login on the web. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Mark token as invalid if the password doesn't matchRoeland Jago Douma2018-10-021-0/+5
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* CommentsRoeland Jago Douma2018-06-191-1/+16
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add getProvider helper functionRoeland Jago Douma2018-06-181-35/+17
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add more testsRoeland Jago Douma2018-06-181-2/+10
| | | | | | | | * Add a lot of tests * Fixes related to those tests * Fix tests Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Generate the new publicKey tokens by default!Roeland Jago Douma2018-06-181-2/+1
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Actually convert the tokenRoeland Jago Douma2018-06-181-8/+19
| | | | | | | | | | * When getting the token * When rotating the token * Also store the encrypted password as base64 to avoid weird binary stuff Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add publickey provider to managerRoeland Jago Douma2018-06-181-47/+52
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Just pass uid to the Token stuffRoeland Jago Douma2018-06-181-4/+4
| | | | | | We don't have user objects in the code everywhere Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Initial PKT implementationRoeland Jago Douma2018-06-181-4/+4
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Abstract the Provider via a managerRoeland Jago Douma2018-06-181-0/+210
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-13 20:37:49 +0000