summaryrefslogtreecommitdiffstats
path: root/tests/Core/Controller/ClientFlowLoginControllerTest.php
Commit message (Collapse)AuthorAgeFilesLines
* Change PHPDoc type hint from PHPUnit_Framework_MockObject_MockObject to ↵Morris Jobke2020-08-121-12/+12
| | | | | | \PHPUnit\Framework\MockObject\MockObject Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Remove trailing and in between spacesChristoph Wurst2020-04-091-1/+1
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Unify function spacing to PSR2 recommendationChristoph Wurst2020-04-091-1/+1
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Use the short array syntax, everywhereChristoph Wurst2020-03-261-1/+1
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Use the shorter phpunit syntax for mocked return valuesChristoph Wurst2020-03-251-2/+2
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Mode to modern phpunitRoeland Jago Douma2019-11-271-1/+1
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Make phpunit8 compatibleRoeland Jago Douma2019-11-271-1/+1
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Check getRedirectUri() for queriesRussellAult2019-11-131-3/+12
| | | | | | | | Resolves Issue #17885 Check getRedirectUri() for queries, and add a '&' instead of a '?' to $redirectUri if it already has them; otherwise, $redirectUri might end up with two '?'. Signed-off-by: RussellAult <russellault@users.noreply.github.com>
* fix oauth client redirectSergej Nikolaev2019-10-041-1/+2
| | | | Signed-off-by: Sergej Nikolaev <kinolaev@gmail.com>
* Fix login flow form actionsRoeland Jago Douma2019-08-111-0/+6
| | | | | | | | So fun fact. Chrome considers a redirect after submitting a form part of the form actions. Since we redirect to a new protocol (nc://login/). Causing the form submission to work but the redirect failing hard. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Emit event if app password createdDaniel Kesselberg2019-02-181-30/+14
| | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* Publish activity for app token created by client login flowDaniel Kesselberg2019-02-171-1/+35
| | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* Add StandaloneTemplateResponseRoeland Jago Douma2019-02-061-5/+5
| | | | | | | This can be used by pages that do not have the full Nextcloud UI. So notifications etc do not load there. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Fix template paramterRoeland Jago Douma2019-01-181-1/+1
| | | | | | Else we get shown an error page instead of the correct 403. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Fix testsJohn Molakvoæ (skjnldsv)2018-11-291-64/+0
| | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* Use the proper server for the apptoken flow loginRoeland Jago Douma2018-11-011-2/+8
| | | | | | | | | | | | | If a user can't authenticate normally (because they have 2FA that is not available on their devices for example). The redirect that is generated should be of the proper format. This means 1. Include the protocol 2. Include the possible subfolder Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Request->getHeader() should always return a stringMorris Jobke2018-01-171-0/+13
| | | | | | | | PHPDoc (of the public API) says that this method returns string but it also returns null, which is not allowed in some method calls. This fixes that behaviour and returns an empty string and fixes all code paths that explicitly checked for null to be still compliant. Found while enabling the strict_typing for lib/private for the PHP7+ migration. Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Add unit testJoas Schilling2018-01-151-0/+123
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* fix testsBjoern Schiessle2017-12-081-8/+0
| | | | Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
* Fix flowMario Danic2017-11-091-2/+18
| | | | Signed-off-by: Mario Danic <mario@lovelyhq.com>
* Theming: theme flow redirection pageJulius Härtl2017-11-081-1/+1
| | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Fix testsMorris Jobke2017-09-061-0/+12
| | | | Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Add tests for ClientFlowLoginControllerLukas Reschke2017-05-181-19/+181
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Update login flow redirectionMario Danic2017-05-041-2/+2
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* AppToken to 72 charsRoeland Jago Douma2017-04-251-2/+2
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add new auth flowLukas Reschke2017-04-251-0/+408
This implements the basics for the new app-password based authentication flow for our clients. The current implementation tries to keep it as simple as possible and works the following way: 1. Unauthenticated client opens `/index.php/login/flow` 2. User will be asked whether they want to grant access to the client 3. If accepted the user has the chance to do so using existing App Token or automatically generate an app password. If the user chooses to use an existing app token then that one will simply be redirected to the `nc://` protocol handler. While we can improve on that in the future, I think keeping this smaller at the moment has its advantages. Also, in the near future we have to think about an automatic migration endpoint so there's that anyways :-) If the user chooses to use the regular login the following happens: 1. A session state token is written to the session 2. User is redirected to the login page 3. If successfully authenticated they will be redirected to a page redirecting to the POST controller 4. The POST controller will check if the CSRF token as well as the state token is correct, if yes the user will be redirected to the `nc://` protocol handler. This approach is quite simple but also allows to be extended in the future. One could for example allow external websites to consume this authentication endpoint as well. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-07 20:06:42 +0000