summaryrefslogtreecommitdiffstats
path: root/tests/lib/Authentication
Commit message (Collapse)AuthorAgeFilesLines
* Allow configuring the activity update interval of tokenRoeland Jago Douma2020-10-061-0/+6
| | | | | | | | On some systems with a lot of users this creates a lot of extra DB writes. Being able to increase this interval helps there. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* adapt testGetLoginCredentialsInvalidTokenLoginCredentials() unit test to uid ↵Lionel Elie Mamane2020-07-091-5/+6
| | | | | | != loginname Signed-off-by: Lionel Elie Mamane <lionel@mamane.lu>
* Clean up auth tokens when user is deletedChristoph Wurst2020-06-161-0/+117
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Do not create remember me cookieJulius Härtl2020-04-231-1/+24
| | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Format control structures, classes, methods and functionChristoph Wurst2020-04-1033-36/+0
| | | | | | | | | | | | | | | To continue this formatting madness, here's a tiny patch that adds unified formatting for control structures like if and loops as well as classes, their methods and anonymous functions. This basically forces the constructs to start on the same line. This is not exactly what PSR2 wants, but I think we can have a few exceptions with "our" style. The starting of braces on the same line is pracrically standard for our code. This also removes and empty lines from method/function bodies at the beginning and end. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Use elseif instead of else ifChristoph Wurst2020-04-101-1/+1
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Unify function spacing to PSR2 recommendationChristoph Wurst2020-04-093-6/+6
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Use a blank line after the opening tagChristoph Wurst2020-04-0913-8/+29
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Fix multiline commentsChristoph Wurst2020-04-081-1/+0
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* [POC] Event for failed login attemptsRoeland Jago Douma2020-03-311-1/+8
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Merge pull request #20170 from nextcloud/techdebt/remove-unused-importsChristoph Wurst2020-03-276-6/+0
|\ | | | | Remove unused imports
| * Remove unused importsChristoph Wurst2020-03-256-6/+0
| | | | | | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* | Use the shorter phpunit syntax for mocked return valuesChristoph Wurst2020-03-254-28/+28
|/ | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Check the user on remote wipeJoas Schilling2020-03-161-13/+3
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Clean up 2FA provider registry when a user is deletedChristoph Wurst2020-01-082-0/+24
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Mode to modern phpunitRoeland Jago Douma2019-11-276-46/+46
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Make phpunit8 compatibleRoeland Jago Douma2019-11-2731-31/+31
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Handle token insert conflictsChristoph Wurst2019-11-261-10/+44
| | | | | | | | | | | | | | | | Env-based SAML uses the "Apache auth" mechanism to log users in. In this code path, we first delete all existin auth tokens from the database, before a new one is inserted. This is problematic for concurrent requests as they might reach the same code at the same time, hence both trying to insert a new row wit the same token (the session ID). This also bubbles up and disables user_saml. As the token might still be OK (both request will insert the same data), we can actually just check if the UIDs of the conflict row is the same as the one we want to insert right now. In that case let's just use the existing entry and carry on. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Some php-cs fixesRoeland Jago Douma2019-11-225-6/+6
| | | | | | | | | | | * Order the imports * No leading slash on imports * Empty line before namespace * One line per import * Empty after imports * Emmpty line at bottom of file Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Use the actual password to update the tokensRoeland Jago Douma2019-09-181-2/+2
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Use Symfony's new contract Event class instead of the deprecated oneChristoph Wurst2019-09-121-8/+8
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Update unit testsJoas Schilling2019-07-161-2/+2
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Make it possible to wipe all tokens/devices of a userChristoph Wurst2019-07-091-0/+38
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Refactor: move remote wipe token logic to RW serviceChristoph Wurst2019-07-091-0/+30
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Send emails when remote wipe starts/finishesChristoph Wurst2019-07-021-0/+241
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Decouple remote wipe notifcation channels with eventsChristoph Wurst2019-06-275-0/+513
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Allow 2FA to be setup on first loginRoeland Jago Douma2019-05-172-0/+199
| | | | | | | | | Once 2FA is enforced for a user and they have no 2FA setup yet this will now prompt them with a setup screen. Given that providers are enabled that allow setup then. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl> Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Add a login chain to reduce the complexity of LoginController::tryLoginChristoph Wurst2019-05-0713-0/+1254
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Use the defined func()->count() instead of manual countingJoas Schilling2018-11-082-2/+2
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Move ExpiredTokenException to the correct namespaceRoeland Jago Douma2018-10-302-5/+2
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Make it possible to enforce mandatory 2FA for groupsChristoph Wurst2018-10-153-34/+216
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Add testsRoeland Jago Douma2018-10-024-6/+157
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Generate backups code notification if not enable but 2fa isRoeland Jago Douma2018-10-011-1/+27
| | | | | | | | | | | | Generate a notification to generate backup codes if you enable an other 2FA provider but backup codes are not yet generated. * Add event listner * Insert background job * Background job tests and emits notification every 2 weeks * If the backup codes are generated the next run will remove the job Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add mandatory 2FA service/classChristoph Wurst2018-09-302-0/+114
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Merge pull request #11240 from ↵Morris Jobke2018-09-251-0/+1
|\ | | | | | | | | nextcloud/feature/noid/consider-openssl-settings-from-config.php Consider openssl settings from config.php
| * Add openssl to mockDaniel Kesselberg2018-09-161-0/+1
| | | | | | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* | Only allow 2FA state changs if providers support the operationChristoph Wurst2018-09-254-28/+176
|/ | | | | | | | Ref https://github.com/nextcloud/server/issues/11019. Add `twofactorauth:cleanup` command Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Remove unused importChristoph Wurst2018-08-101-1/+0
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Fix 2FA being enforced if only backup codes provider is activeChristoph Wurst2018-08-101-0/+27
| | | | | | Fixes https://github.com/nextcloud/server/issues/10634. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Fix double-inserts of the same provider stateChristoph Wurst2018-08-091-2/+2
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Add integration/unit test for the double-insert of same valuesChristoph Wurst2018-08-091-0/+19
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Rename providerset method to get primary providersChristoph Wurst2018-08-081-1/+1
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Fix login redirection if only one 2FA provider is activeChristoph Wurst2018-08-081-0/+18
| | | | | | Fixes https://github.com/nextcloud/server/issues/10500. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Fix 2FA provider registry population on loginChristoph Wurst2018-08-081-3/+79
| | | | | | | | If the 2FA provider registry has not been populated yet, we have to make sure all available providers are loaded and queried on login. Otherwise previously active 2FA providers aren't detected as enabled. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Fix duplicate inserts in the 2fa provider registry DAOChristoph Wurst2018-07-311-0/+19
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Make new classes strict and fix license headerChristoph Wurst2018-06-253-4/+22
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Make 2FA providers statefulChristoph Wurst2018-06-205-136/+451
| | | | | | | | | | | This adds persistence to the Nextcloud server 2FA logic so that the server knows which 2FA providers are enabled for a specific user at any time, even when the provider is not available. The `IStatefulProvider` interface was added as tagging interface for providers that are compatible with this new API. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Use constant for token versionRoeland Jago Douma2018-06-183-0/+5
| | | | | | | And don't set the version in the constructor. That would possible cause to many updates. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add more testsRoeland Jago Douma2018-06-184-31/+492
| | | | | | | | * Add a lot of tests * Fixes related to those tests * Fix tests Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* SetPassword on PublicKeyTokensRoeland Jago Douma2018-06-182-12/+19
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-03 22:35:21 +0000