summaryrefslogtreecommitdiffstats
path: root/lib/private/Authentication/TwoFactorAuth
Commit message (Collapse)AuthorAgeFilesLines
* Fix types for reading and writing config valuesjld31032023-04-051-2/+2
| | | | Signed-off-by: jld3103 <jld3103yt@gmail.com>
* composer run cs:fixCôme Chilliet2023-01-206-6/+0
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Do not setup a session when not required on WebDAV requestsJulius Härtl2022-12-211-1/+2
| | | | | | | | | | If basic auth is used on WebDAV endpoints, we will not setup a session by default but instead set a test cookie. Clients which handle session cookies properly will send back the cookie then on the second request and a session will be initialized which can be resued for authentication. Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Fix the type of the return array in a few more placesCarl Schwan2022-10-182-4/+4
| | | | Signed-off-by: Carl Schwan <carl@carlschwan.eu>
* Only check the twofactor state once per requestJoas Schilling2021-12-011-1/+9
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Update php licensesJohn Molakvoæ (skjnldsv)2021-06-048-15/+8
| | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Move 2fa backupscode to new registrationRoeland Jago Douma2021-04-201-1/+1
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Move 2FA registration to IBootstrapRoeland Jago Douma2021-04-201-1/+17
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add real events for enabled 2fa providers for usersRoeland Jago Douma2021-03-221-4/+16
| | | | | | | * Shiny new events * Listener to still emit the old event Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Convert 2FA token type to stringChristoph Wurst2021-01-221-3/+3
| | | | | | | | The IConfig service is documented to handle its data as strings, hence this changes the code a bit to ensure we store keys as string and convert them back when reading. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Update all license headers for Nextcloud 21Christoph Wurst2020-12-161-0/+1
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Use PSR logger in authenticationJoas Schilling2020-10-121-9/+12
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Emit an event for every disabled 2FA provider during cleanupChristoph Wurst2020-06-162-10/+34
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Add visibility to all constantsChristoph Wurst2020-04-103-6/+6
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Format control structures, classes, methods and functionChristoph Wurst2020-04-107-13/+0
| | | | | | | | | | | | | | | To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Unify function spacing to PSR2 recommendationChristoph Wurst2020-04-092-2/+2
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Fix (array) indent style to always use one tabChristoph Wurst2020-04-091-2/+2
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Remove unused importsChristoph Wurst2020-03-252-3/+0
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Merge pull request #19820 from nextcloud/fix/mismatching-docblock-return-typeChristoph Wurst2020-03-091-1/+1
|\ | | | | Fix mismatching docblock return types
| * Fix mismatching docblock return typesChristoph Wurst2020-03-061-1/+1
| | | | | | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* | Fix mismatching doc block parameter typesChristoph Wurst2020-03-061-1/+1
|/ | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Clean up 2FA provider registry when a user is deletedChristoph Wurst2020-01-082-0/+16
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Update license headersChristoph Wurst2019-12-058-19/+23
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Use Symfony's new contract Event class instead of the deprecated oneChristoph Wurst2019-09-121-4/+3
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Allow 2FA to be setup on first loginRoeland Jago Douma2019-05-171-0/+14
| | | | | | | | | Once 2FA is enforced for a user and they have no 2FA setup yet this will now prompt them with a setup screen. Given that providers are enabled that allow setup then. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Clean pending 2FA authentication on password resetRoeland Jago Douma2019-01-291-0/+9
| | | | | | | | | | | When a password is reste we should make sure that all users are properly logged in. Pending states should be cleared. For example a session where the 2FA code is not entered yet should be cleared. The token is now removed so the session will be killed the next time this is checked (within 5 minutes). Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Make it possible to enforce mandatory 2FA for groupsChristoph Wurst2018-10-153-6/+158
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Emit event on enablign or disabling of 2FA providerRoeland Jago Douma2018-10-011-1/+15
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add mandatory 2FA service/classChristoph Wurst2018-09-302-2/+60
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Only allow 2FA state changs if providers support the operationChristoph Wurst2018-09-254-25/+111
| | | | | | | | Ref https://github.com/nextcloud/server/issues/11019. Add `twofactorauth:cleanup` command Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Fix handlng of concurrent inserts of the 2FA provider registry DAOChristoph Wurst2018-08-311-20/+9
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Fix 2FA being enforced if only backup codes provider is activeChristoph Wurst2018-08-101-4/+9
| | | | | | Fixes https://github.com/nextcloud/server/issues/10634. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Fix double-inserts of the same provider stateChristoph Wurst2018-08-091-6/+19
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Rename providerset method to get primary providersChristoph Wurst2018-08-081-1/+1
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Fix login redirection if only one 2FA provider is activeChristoph Wurst2018-08-081-0/+11
| | | | | | Fixes https://github.com/nextcloud/server/issues/10500. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Fix 2FA provider registry population on loginChristoph Wurst2018-08-081-1/+3
| | | | | | | | If the 2FA provider registry has not been populated yet, we have to make sure all available providers are loaded and queried on login. Otherwise previously active 2FA providers aren't detected as enabled. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Fix duplicate inserts in the 2fa provider registry DAOChristoph Wurst2018-07-311-10/+18
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Make new classes strict and fix license headerChristoph Wurst2018-06-252-0/+2
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Make 2FA providers statefulChristoph Wurst2018-06-205-72/+391
| | | | | | | | | | | This adds persistence to the Nextcloud server 2FA logic so that the server knows which 2FA providers are enabled for a specific user at any time, even when the provider is not available. The `IStatefulProvider` interface was added as tagging interface for providers that are compatible with this new API. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Dispatch event on twofactor failure and successRoeland Jago Douma2018-01-251-13/+30
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Update license headersMorris Jobke2017-11-061-1/+3
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Fix AppPassword 2FA authRoeland Jago Douma2017-09-121-1/+5
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Fix login with basic authRoeland Jago Douma2017-09-051-1/+0
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Improve 2FARoeland Jago Douma2017-08-291-3/+67
| | | | | | | | * Store the auth state in the session so we don't have to query it every time. * Added some tests Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Change 2FA activities to more generic security activitiesChristoph Wurst2017-05-181-5/+6
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* fix minor issuesChristoph Wurst2016-12-191-5/+18
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Publish, parse and filter 2FA activitiesChristoph Wurst2016-12-191-1/+31
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* fix undefined index error when the backup codes provider is not activeChristoph Wurst2016-11-281-0/+3
| | | | | | | | In users have not created backup codes yet the app is not enabled for that user and therefore we got an undefined index error because the code assumed it was always there. It now properly returns null. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Fix typ in constant nameLukas Reschke2016-11-021-4/+4
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Fix invalid PHPDocsLukas Reschke2016-11-021-1/+1
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-29 02:51:59 +0000