path: root/lib/private/Authentication
Commit message | Author | Age | Files | Lines
...
| * | Handle one time password better [Carl Schwan, 2022-07-28, files: 1, lines: -1/+1]
| | |     Signed-off-by: Carl Schwan <carl@carlschwan.eu>
* | | Fix typos in lib/private subdirectory [luz paz, 2022-07-27, files: 1, lines: -1/+1]
| | |     Found via `codespell -q 3 -S l10n -L jus ./lib/private`
| | |     Signed-off-by: luz paz <luzpaz@github.com>
* | | Merge pull request #30510 from nextcloud/user-cleanup-storage-before-cache [Vincent Petry, 2022-07-26, files: 1, lines: -1/+1]
|\ \ \
| | | |     delete files before cleaning cache when cleaning user files
| * | | delete files before cleaning cache when cleaning user files [Robin Appelman, 2022-06-13, files: 1, lines: -1/+1]
| | | |     otherwise, when using object store, we lose track of which files the user owns before we can delete them
| | | |     Signed-off-by: Robin Appelman <robin@icewind.nl>
* | | | Move CappedMemoryCache to OCP [Carl Schwan, 2022-07-14, files: 1, lines: -1/+1]
| |/ /
|/| |
| | |     This is a helpful helper that should be used in more places than just server and this is already the case with groupfolders, deck, user_oidc and more using it, so let's make it public
| | |     Signed-off-by: Carl Schwan <carl@carlschwan.eu>
* | | Handler large passwords [Carl Schwan, 2022-07-05, files: 1, lines: -1/+4]
| | |     For passwords bigger than 250 characters, use a bigger key since the performance impact is minor (around one second to encrypt the password).
| | |     For passwords bigger than 470 characters, give up earlier and throw exception recommending admin to either enable the previously enabled configuration or use smaller passwords.
| | |     Signed-off-by: Carl Schwan <carl@carlschwan.eu>
* | | Handle one time passwords [Carl Schwan, 2022-07-05, files: 1, lines: -1/+1]
|/ /
| |     This adds an option to disable storing passwords in the database. This might be desirable when using single use token as passwords or very large passwords.
| |     Signed-off-by: Carl Schwan <carl@carlschwan.eu>
* | Fix replacing external storage password during debug log [Christoph Wurst, 2022-06-01, files: 1, lines: -1/+1]
| |     Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* | Merge pull request #32357 from nextcloud/user-delete-remove-wrappers [Julius Härtl, 2022-05-16, files: 1, lines: -0/+8]
|\ \
| | |     remove storage wrappers when deleting the user storage
| * | remove storage wrappers when deleting the user storage [Robin Appelman, 2022-05-12, files: 1, lines: -0/+8]
| | |     Signed-off-by: Robin Appelman <robin@icewind.nl>
* | | Fix user agent trimming on installation [Joas Schilling, 2022-05-09, files: 1, lines: -1/+1]
|/ /
| |     Signed-off-by: Joas Schilling <coding@schilljs.com>
* | Log why the login token can't be used for credentials [Christoph Wurst, 2022-04-04, files: 1, lines: -3/+3]
| |     And always pass the exception object to the logger.
| |     Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* | Automatically cut the token name on the first level [Joas Schilling, 2022-03-23, files: 2, lines: -3/+3]
| |     Signed-off-by: Joas Schilling <coding@schilljs.com>
* | Limit the length of app password names [Joas Schilling, 2022-03-23, files: 2, lines: -0/+8]
|/
|     Signed-off-by: Joas Schilling <coding@schilljs.com>
* Also cache non-existing to reuse it [Joas Schilling, 2022-02-16, files: 1, lines: -0/+5]
|     Signed-off-by: Joas Schilling <coding@schilljs.com>
* Merge pull request #30016 from nextcloud/techdebt/noid/remove-default-token-provider [Joas Schilling, 2021-12-02, files: 7, lines: -831/+14]
|\
| |     Remove default token which is deprecated since Nextcloud 13
| * Remove default token which is deprecated since Nextcloud 13 [Joas Schilling, 2021-12-01, files: 7, lines: -831/+14]
| |     Signed-off-by: Joas Schilling <coding@schilljs.com>
* | Only check the twofactor state once per request [Joas Schilling, 2021-12-01, files: 1, lines: -1/+9]
|/
|     Signed-off-by: Joas Schilling <coding@schilljs.com>
* Fix ArrayAccess and JsonSerializable return types [Côme Chilliet, 2021-11-23, files: 2, lines: -2/+2]
|     First round of modifications for PHP 8.1
|     Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Prevent duplicate auth token activity updates [Christoph Wurst, 2021-10-22, files: 2, lines: -2/+40]
|     The auth token activity logic works as follows
|     * Read auth token
|     * Compare last activity time stamp to current time
|     * Update auth token activity if it's older than x seconds
|     This works fine in isolation but with concurrency that means that occasionally the same token is read simultaneously by two processes and both of these processes will trigger an update of the same row. Effectively the second update doesn't add much value. It might set the time stamp to the exact same time stamp or one a few seconds later. But the last activity is no precise science, we don't need this accuracy.
|     This patch changes the UPDATE query to include the expected value in a comparison with the current data. This results in an affected row when the data in the DB still has an old time stamp, but won't affect a row if the time stamp is (nearly) up to date.
|     This is a micro optimization and will possibly not show any significant performance improvement. Yet in setups with a DB cluster it means that the write node has to send fewer changes to the read nodes due to the lower number of actual changes.
|     Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Type the autentication provider passwords as nullable strings [Christoph Wurst, 2021-10-13, files: 3, lines: -13/+4]
|     For historic reasons we couldn't add a nullable type hint before nullable type hints were supported by our target php versions. This is now possible.
|     Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Tokens without password should not trigger changed password invalidation [Julius Härtl, 2021-10-07, files: 1, lines: -1/+1]
|     Signed-off-by: Julius Härtl <jus@bitgrid.net>
* prevent the invalidation of pw based authn tokens on a pw less login [Tobias Assmann, 2021-07-16, files: 2, lines: -0/+10]
|     Signed-off-by: Tobias Assmann <tobias.assmann@ecsec.de>
* Properly cleanup entries of WebAuthn on user deletion [Morris Jobke, 2021-06-18, files: 2, lines: -0/+63]
|     Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Update php licenses [John Molakvoæ (skjnldsv), 2021-06-04, files: 69, lines: -162/+115]
|     Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* better cleanup of user files on user deletion [Robin Appelman, 2021-04-27, files: 1, lines: -0/+73]
|     Signed-off-by: Robin Appelman <robin@icewind.nl>
* Move 2fa backupscode to new registration [Roeland Jago Douma, 2021-04-20, files: 1, lines: -1/+1]
|     Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Move 2FA registration to IBootstrap [Roeland Jago Douma, 2021-04-20, files: 1, lines: -1/+17]
|     Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Use correct getSystemValue type [J0WI, 2021-04-12, files: 1, lines: -1/+1]
|     Signed-off-by: J0WI <J0WI@users.noreply.github.com>
* Add real events for enabled 2fa providers for users [Roeland Jago Douma, 2021-03-22, files: 1, lines: -4/+16]
|     * Shiny new events
|     * Listener to still emit the old event
|     Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Merge pull request #25544 from nextcloud/refactor/app-password-created-event [Christoph Wurst, 2021-03-02, files: 1, lines: -0/+43]
|\
| |     Move app_password_created to a typed event
| * Move app_password_created to a typed event [Christoph Wurst, 2021-02-09, files: 1, lines: -0/+43]
| |     Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* | Always renew apppasswords on login [Roeland Jago Douma, 2021-02-10, files: 1, lines: -5/+0]
|/
|     Else you can end up that you renewed your password (LDAP for example). But they still don't work because you did not use them before you logged in.
|     Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Convert 2FA token type to string [Christoph Wurst, 2021-01-22, files: 1, lines: -3/+3]
|     The IConfig service is documented to handle its data as strings, hence this changes the code a bit to ensure we store keys as string and convert them back when reading.
|     Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Update all license headers for Nextcloud 21 [Christoph Wurst, 2020-12-16, files: 11, lines: -1/+11]
|     Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Type the authentication listeners [Christoph Wurst, 2020-10-15, files: 7, lines: -0/+21]
|     Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Use PSR logger in authentication [Joas Schilling, 2020-10-12, files: 11, lines: -60/+54]
|     Signed-off-by: Joas Schilling <coding@schilljs.com>
* Type some of the core mappers [Christoph Wurst, 2020-10-12, files: 4, lines: -1/+10]
|     Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Format code to a single space around binary operators [Christoph Wurst, 2020-10-05, files: 2, lines: -2/+2]
|     Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Allow configuring the activity update interval of token [Roeland Jago Douma, 2020-10-04, files: 1, lines: -1/+5]
|     On some systems with a lot of users this creates a lot of extra DB writes. Being able to increase this interval helps there.
|     Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Merge pull request #22641 from nextcloud/fix/credentials-store-upgrade-property-undefined [Roeland Jago Douma, 2020-09-08, files: 1, lines: -2/+7]
|\
| |     Fix undefined class property access after upgrade from 19 to 20
| * Fix undefined class property access after upgrade from 19 to 20 [Christoph Wurst, 2020-09-07, files: 1, lines: -2/+7]
| |     The serialized data in 19 has one property less and this was not considered in the code. Hence adding a fallback. Moreover I'm changing the deserialization into an array instead of object, as that is the safer option.
| |     Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* | Update license headers for Nextcloud 20 (again) [Christoph Wurst, 2020-09-07, files: 2, lines: -1/+3]
|/
|     There are still lots of outdated headers, so time for another round of updates.
|     Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Fix app password updating out of bounds [Roeland Jago Douma, 2020-09-03, files: 2, lines: -0/+55]
|     When your password changes out of bounds your Nextcloud tokens will become invalid. There is no real way around that. However we should make sure that if you successfully log in again your passwords are all updated
|     * Added event listener to the PostLoggedInEvent so that we can act on it
|       - Only if it is not a token login
|     * Make sure that we actually reset the invalid state when we update a token. Else it keeps being marked invalid and thus not used.
|     Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Merge pull request #21288 from lmamane/master [Roeland Jago Douma, 2020-08-28, files: 1, lines: -1/+1]
|\
| |     Return correct loginname in credentials
| * Return correct loginname in credentials, [Lionel Elie Mamane, 2020-08-20, files: 1, lines: -1/+1]
| |     even when token is invalid or has no password.
| |     Returning the uid as loginname is wrong, and leads to problems when these differ. E.g. the getapppassword API was creating app token with the uid as loginname. In a scenario with external authentication (such as LDAP), these tokens were then invalidated next time their underlying password was checked, and systematically ceased to function.
| |     Co-authored-by: kesselb <mail@danielkesselberg.de> for: switch to consistent camelCase
| |     Signed-off-by: Lionel Elie Mamane <lionel@mamane.lu>
* | Update the license headers for Nextcloud 20 [Christoph Wurst, 2020-08-24, files: 2, lines: -2/+4]
|/
|     Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Use matching parameter names form interfaces and implementations [Morris Jobke, 2020-08-19, files: 2, lines: -7/+7]
|     Found by Psalm 3.14.1
|     Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Merge pull request #21344 from nextcloud/fix/twofactor-cleanup-event [Morris Jobke, 2020-08-13, files: 2, lines: -10/+34]
|\
| |     Emit an event for every disabled 2FA provider during cleanup
| * Emit an event for every disabled 2FA provider during cleanup [Christoph Wurst, 2020-06-16, files: 2, lines: -10/+34]
| |     Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>