aboutsummaryrefslogtreecommitdiffstats
path: root/lib/private/Authentication
Commit message (Collapse)AuthorAgeFilesLines
* fix(session): Avoid race condition for cache::get() vs. cache::hasKey()Joas Schilling2024-04-291-6/+6
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* fix(deps): Bump web-auth/webauthn-lib from 3.3.9 to 4.8.5Ferdinand Thiessen2024-04-161-24/+24
| | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* fix: Fix new psalm errors from updateCôme Chilliet2024-04-081-9/+7
| | | | | | | Not sure about the SimpleContainer modification, let’s see what CI says about that. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* fix: Apply new coding standard to all filesCôme Chilliet2024-04-029-11/+11
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* feat(perf): add cache for authtoken lookupBenjamin Gaussorgues2024-02-282-63/+78
| | | | Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
* feat: rename users to account or personVincent Petry2024-02-131-1/+1
| | | | | | Replace translated text in most locations Signed-off-by: Vincent Petry <vincent@nextcloud.com>
* chore: Fix missing template parameter for IEventListenerCôme Chilliet2024-01-302-0/+2
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Import OCP IToken as OCPIToken to avoid a name clash in lib/privateCôme Chilliet2024-01-113-65/+65
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Use OCP version of IToken in AppPasswordCreatedEventCôme Chilliet2024-01-111-6/+4
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Use IToken from OCP instead of OCCôme Chilliet2024-01-113-0/+3
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Suppress or fix psalm errors related to InvalidTokenExceptionCôme Chilliet2024-01-112-4/+6
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Always catch OCP versions of authentication exceptionsCôme Chilliet2024-01-114-10/+11
| | | | | | And always throw OC versions for BC Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* AppAPI: allowed to bypass Two-FactorAlexander Piskun2023-12-281-2/+2
| | | | Signed-off-by: Alexander Piskun <bigcat88@icloud.com>
* chore: apply changes from Nextcloud coding standards 1.1.1Joas Schilling2023-11-2322-92/+92
| | | | | Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
* fix: Show error message when CSRF check fails at loginChristoph Wurst2023-11-081-0/+5
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Allow passing null to PublicKeyToken::setScope, fixes testsCôme Chilliet2023-10-231-2/+2
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Improve docblock annotations for tokens and their exceptionsCôme Chilliet2023-10-233-2/+5
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Use more precise typing for setScope method parameterCôme Chilliet2023-10-231-2/+2
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Make sure that OC interfaces returns OC interfaces for backward compatibilityCôme Chilliet2023-10-232-0/+26
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Move Exceptions used in OCP to OCPCôme Chilliet2023-10-233-33/+12
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Align PublicKeyToken with interface changesCôme Chilliet2023-10-231-10/+6
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Move IToken and IProvider::getToken to OCPCôme Chilliet2023-10-201-104/+2
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* fix(twofactor): avoid error in pgsql for duplicate entryBenjamin Gaussorgues2023-10-061-20/+17
| | | | Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
* Fix typoLucas Azevedo2023-08-251-1/+1
| | | | Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>
* Fixes from static analysisLucas Azevedo2023-08-251-3/+3
| | | | Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com> Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>
* Add last-used-before optionLucas Azevedo2023-08-254-0/+24
| | | | Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>
* docs: remove superfluous phpdocsDaniel Kesselberg2023-08-101-9/+1
| | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* fix!: Remove legacy event dispatching Symfony's GenericEvent from 2FA ManagerJoas Schilling2023-07-271-14/+1
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* chore: Replace \OC::$server->query with \OCP\Server::get in /libChristoph Wurst2023-07-061-2/+2
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Fix event names of 2FA related typed eventsJoas Schilling2023-07-033-3/+13
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Merge branch 'master' into enh/type-iconfig-getter-callsCôme Chilliet2023-04-201-51/+55
|\ | | | | Signed-off-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
| * fix(auth): Run token statements in atomic transactionChristoph Wurst2023-04-121-51/+55
| | | | | | | | | | | | All or nothing Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* | Use typed version of IConfig::getSystemValue as much as possibleCôme Chilliet2023-04-052-6/+6
|/ | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Fix types for reading and writing config valuesjld31032023-04-051-2/+2
| | | | Signed-off-by: jld3103 <jld3103yt@gmail.com>
* Merge pull request #36033 from ↵Côme Chilliet2023-03-151-1/+11
|\ | | | | | | | | nextcloud/invalidateTokensWhenDeletingOAuthClientMaster [master] invalidate existing tokens when deleting an oauth client
| * public interface to invalidate tokens of userArtur Neumann2023-03-141-1/+11
| | | | | | | | Signed-off-by: Artur Neumann <artur@jankaritech.com>
* | Don't try to hash a nonexisting passwordEmber 'n0emis' Keske2023-03-131-1/+1
|/ | | | | | Allows to log-in via a passwordless authentication provider, eg SSO Signed-off-by: Ember 'n0emis' Keske <git@n0emis.eu>
* fix(authentication): Handle null or empty string password hashJoas Schilling2023-02-101-1/+1
| | | | | | | | This can happen when the auth.storeCryptedPassword config is used, which previously errored with: Hasher::verify(): Argument #2 ($hash) must be of type string, null given Signed-off-by: Joas Schilling <coding@schilljs.com>
* Merge pull request #36621 from ↵Joas Schilling2023-02-101-1/+30
|\ | | | | | | | | nextcloud/perf/noid/only-check-for-token-when-it-can-actually-be fix(performance): Only search for auth tokens when the provided login…
| * fix(authentication): Check minimum length when creating app tokensJoas Schilling2023-02-091-2/+10
| | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
| * fix(performance): Only search for auth tokens when the provided login is ↵Joas Schilling2023-02-081-1/+22
| | | | | | | | | | | | long enough Signed-off-by: Joas Schilling <coding@schilljs.com>
* | fix(authtoken): Store only one hash for authtokens with the current password ↵Julius Härtl2023-02-092-1/+50
|/ | | | | | per user Signed-off-by: Julius Härtl <jus@bitgrid.net>
* composer run cs:fixCôme Chilliet2023-01-2042-44/+0
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Merge pull request #36001 from nextcloud/validate-user-tzVincent Petry2023-01-111-1/+5
|\ | | | | Validate user timezone given from login data before saving it
| * Validate user timezone given from login data before saving itThomas Citharel2023-01-041-1/+5
| | | | | | | | | | | | Follow-up to #36000 Signed-off-by: Thomas Citharel <tcit@tcit.fr>
* | fix(authentication): Update the token when the hash is null or can not be ↵Joas Schilling2023-01-091-4/+21
| | | | | | | | | | | | verified Signed-off-by: Joas Schilling <coding@schilljs.com>
* | fix(authentication): Only hash the new password when neededJoas Schilling2023-01-091-2/+6
| | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* | fix(authentication): Invert the logic to the original intentionJoas Schilling2023-01-091-2/+3
| | | | | | | | | | | | | | We need to store the new authentication details when the hash did **not** verify the old password. Signed-off-by: Joas Schilling <coding@schilljs.com>
* | fix(authentication): Only verify each hash onceJoas Schilling2023-01-091-2/+4
| | | | | | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* | Merge pull request #33898 from nextcloud/fix/authtoken-password-updateJulius Härtl2023-01-052-4/+22
|\ \ | | | | | | PublickKeyTokenProvider: Fix password update routine with password hash
generated by cgit v1.2.3 (git 2.39.1) at 2025-07-02 02:26:43 +0000