aboutsummaryrefslogtreecommitdiffstats
path: root/lib/private/Authentication
Commit message (Collapse)AuthorAgeFilesLines
* chore: Add proper deprecation dates where missingFerdinand Thiessen2024-09-201-1/+1
| | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* chore(deps): Update nextcloud/coding-standard to v1.3.1provokateurin2024-09-193-3/+3
| | | | Signed-off-by: provokateurin <kate@provokateurin.de>
* chore: Migrate cleanAppId and getAppPath calls to IAppManager from OC_AppCôme Chilliet2024-09-131-19/+11
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* style: update codestyle for coding-standard 1.2.3Daniel Kesselberg2024-08-256-20/+20
| | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* feat(webauthn): Add user verification to webauthn challengesS1m2024-08-153-8/+27
| | | | | | | | Require user verification if all tokens are registered with UV flag, else discourage it Signed-off-by: S1m <git@sgougeon.fr> Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
* feat(auth): Clean-up unused auth tokens and wipe tokensChristoph Wurst2024-08-132-9/+21
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* fix(Token): take over scope in token refresh with login by cookieArthur Schiwon2024-07-193-6/+19
| | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* fix(Session): avoid race conditions on clustered setupsArthur Schiwon2024-07-101-1/+1
| | | | | | | | - re-stablishes old behaviour with cache to return null instead of throwing an InvalidTokenException when the token is cached as non-existing - token invalidation and re-generation are bundled in a DB transaction now Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* feat(notifications): Migrate server INotifiers to new exceptionsJoas Schilling2024-06-251-3/+3
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* refactor(Token): introduce scope constantsArthur Schiwon2024-06-051-1/+2
| | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* fix(Session): avoid password confirmation on SSOArthur Schiwon2024-06-051-0/+1
| | | | | | | | | | | SSO backends like SAML and OIDC tried a trick to suppress password confirmations as they are not possible by design. At least for SAML it was not reliable when existing user backends where used as user repositories. Now we are setting a special scope with the token, and also make sure that the scope is taken over when tokens are regenerated. Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Merge pull request #45411 from ↵Daniel2024-05-291-2/+0
|\ | | | | | | | | nextcloud/fix/auth/selective-token-activity-update fix(auth): Update authtoken activity selectively
| * fix(auth): Update authtoken activity selectivelyChristoph Wurst2024-05-211-2/+0
| | | | | | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* | chore: Add SPDX headerAndy Scherzinger2024-05-2467-1315/+148
|/ | | | Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
* Merge pull request #45026 from nextcloud/fix/token-updateChristoph Wurst2024-05-161-0/+2
|\ | | | | Avoid updating the same oc_authtoken row twice
| * fix: Always set last activity if we update the row of an authtoken anywaysJulius Härtl2024-04-291-0/+2
| | | | | | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* | fix(session): Avoid race condition for cache::get() vs. cache::hasKey()Joas Schilling2024-04-291-6/+6
|/ | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* fix(deps): Bump web-auth/webauthn-lib from 3.3.9 to 4.8.5Ferdinand Thiessen2024-04-161-24/+24
| | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* fix: Fix new psalm errors from updateCôme Chilliet2024-04-081-9/+7
| | | | | | | Not sure about the SimpleContainer modification, let’s see what CI says about that. Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* fix: Apply new coding standard to all filesCôme Chilliet2024-04-029-11/+11
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* feat(perf): add cache for authtoken lookupBenjamin Gaussorgues2024-02-282-63/+78
| | | | Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
* feat: rename users to account or personVincent Petry2024-02-131-1/+1
| | | | | | Replace translated text in most locations Signed-off-by: Vincent Petry <vincent@nextcloud.com>
* chore: Fix missing template parameter for IEventListenerCôme Chilliet2024-01-302-0/+2
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Import OCP IToken as OCPIToken to avoid a name clash in lib/privateCôme Chilliet2024-01-113-65/+65
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Use OCP version of IToken in AppPasswordCreatedEventCôme Chilliet2024-01-111-6/+4
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Use IToken from OCP instead of OCCôme Chilliet2024-01-113-0/+3
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Suppress or fix psalm errors related to InvalidTokenExceptionCôme Chilliet2024-01-112-4/+6
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Always catch OCP versions of authentication exceptionsCôme Chilliet2024-01-114-10/+11
| | | | | | And always throw OC versions for BC Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* AppAPI: allowed to bypass Two-FactorAlexander Piskun2023-12-281-2/+2
| | | | Signed-off-by: Alexander Piskun <bigcat88@icloud.com>
* chore: apply changes from Nextcloud coding standards 1.1.1Joas Schilling2023-11-2322-92/+92
| | | | | Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
* fix: Show error message when CSRF check fails at loginChristoph Wurst2023-11-081-0/+5
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Allow passing null to PublicKeyToken::setScope, fixes testsCôme Chilliet2023-10-231-2/+2
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Improve docblock annotations for tokens and their exceptionsCôme Chilliet2023-10-233-2/+5
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Use more precise typing for setScope method parameterCôme Chilliet2023-10-231-2/+2
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Make sure that OC interfaces returns OC interfaces for backward compatibilityCôme Chilliet2023-10-232-0/+26
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Move Exceptions used in OCP to OCPCôme Chilliet2023-10-233-33/+12
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Align PublicKeyToken with interface changesCôme Chilliet2023-10-231-10/+6
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Move IToken and IProvider::getToken to OCPCôme Chilliet2023-10-201-104/+2
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* fix(twofactor): avoid error in pgsql for duplicate entryBenjamin Gaussorgues2023-10-061-20/+17
| | | | Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
* Fix typoLucas Azevedo2023-08-251-1/+1
| | | | Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>
* Fixes from static analysisLucas Azevedo2023-08-251-3/+3
| | | | Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com> Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>
* Add last-used-before optionLucas Azevedo2023-08-254-0/+24
| | | | Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>
* docs: remove superfluous phpdocsDaniel Kesselberg2023-08-101-9/+1
| | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* fix!: Remove legacy event dispatching Symfony's GenericEvent from 2FA ManagerJoas Schilling2023-07-271-14/+1
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* chore: Replace \OC::$server->query with \OCP\Server::get in /libChristoph Wurst2023-07-061-2/+2
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Fix event names of 2FA related typed eventsJoas Schilling2023-07-033-3/+13
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Merge branch 'master' into enh/type-iconfig-getter-callsCôme Chilliet2023-04-201-51/+55
|\ | | | | Signed-off-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
| * fix(auth): Run token statements in atomic transactionChristoph Wurst2023-04-121-51/+55
| | | | | | | | | | | | All or nothing Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* | Use typed version of IConfig::getSystemValue as much as possibleCôme Chilliet2023-04-052-6/+6
|/ | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Fix types for reading and writing config valuesjld31032023-04-051-2/+2
| | | | Signed-off-by: jld3103 <jld3103yt@gmail.com>
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-25 11:28:28 +0000