summaryrefslogtreecommitdiffstats
path: root/tests/lib/Authentication
Commit message (Collapse)AuthorAgeFilesLines
* Just pass uid to the Token stuffRoeland Jago Douma2018-06-181-24/+4
| | | | | | We don't have user objects in the code everywhere Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add first testsRoeland Jago Douma2018-06-183-0/+775
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Certain tokens can expireRoeland Jago Douma2018-05-171-0/+75
| | | | | | | | However due to the nature of what we store in the token (encrypted passwords etc). We can't just delete the tokens because that would make the oauth refresh useless. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Allow the rotation of tokensRoeland Jago Douma2018-05-161-0/+42
| | | | | | This for example will allow rotating the apptoken for oauth Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Fix testsRoeland Jago Douma2018-05-152-13/+3
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Add all parameters to returnValueMapJulius Härtl2018-01-311-2/+2
| | | | Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Merge pull request #7916 from nextcloud/2fa_logMorris Jobke2018-01-251-4/+11
|\ | | | | Add 2FA to logfile
| * Fix testsRoeland Jago Douma2018-01-251-4/+11
| | | | | | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | Fix risky tests without assertionsJoas Schilling2018-01-251-0/+1
|/ | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* Adjust tests for added lastCheck timeLukas Reschke2017-11-271-0/+1
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Fix duplicate session token after remembered loginChristoph Wurst2017-09-201-0/+8
| | | | | | | | | On a remembered login session, we create a new session token in the database with the values of the old one. As we actually don't need the old session token anymore, we can delete it right away. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Fix AppPassword 2FA authRoeland Jago Douma2017-09-121-1/+16
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Fix login with basic authRoeland Jago Douma2017-09-051-1/+5
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Improve 2FARoeland Jago Douma2017-08-291-17/+189
| | | | | | | | * Store the auth state in the session so we don't have to query it every time. * Added some tests Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* Merge pull request #4894 from nextcloud/generic-security-activitiesLukas Reschke2017-05-191-4/+4
|\ | | | | Change 2FA activities to more generic security activities
| * Fix testsRoeland Jago Douma2017-05-181-4/+4
| | | | | | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | Add test for DefaultTokenMapperLukas Reschke2017-05-181-0/+11
| | | | | | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* | Rename table back to lowercaseLukas Reschke2017-05-181-6/+10
| | | | | | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* | delete auth token when client gets deletedBjoern Schiessle2017-05-181-6/+6
|/ | | | Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
* Fix warning with undefined methodJoas Schilling2017-04-201-4/+4
| | | | | | | | Trying to configure method "getRemember" which cannot be configured because it does not exist, has not been specified, is final, or is static Signed-off-by: Joas Schilling <coding@schilljs.com>
* Don't do a recursive searchJoas Schilling2017-03-221-1/+1
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* DefaultTokenProviderTest mocked/asserted the wrong methodChristoph Wurst2017-02-281-2/+2
| | | | | | | It's 'getRemember' instead of 'getRememberMe', hence some warnings were generated by phpunit. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* do not hard-require the token providerChristoph Wurst2017-01-111-1/+9
| | | | | | | | The provider might need DB access and therefore depenedency resolution fails on the setup page where we cannot inject the db implementation. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* use login hook credentials as fallbackChristoph Wurst2017-01-111-8/+55
| | | | | | | If no session token is available, we can use the credentials provided by the login hook. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* add login credential storeChristoph Wurst2017-01-112-0/+193
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* fix 2fa activities testsChristoph Wurst2016-12-201-4/+77
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* copy remember-me value when renewing a session tokenChristoph Wurst2016-11-271-1/+11
| | | | | | | | | On renew, a session token is duplicated. For some reason we did not copy over the remember-me attribute value. Hence, the new token was deleted too early in the background job and remember-me did not work properly. Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* add testRobin Appelman2016-11-161-0/+7
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* Adds TokenProvider and Mapper testsRoeland Jago Douma2016-11-162-0/+55
| | | | Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* add testsRobin Appelman2016-11-161-0/+49
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* explicit typesRobin Appelman2016-11-161-1/+0
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* Add missing tests and fix PHPDocLukas Reschke2016-11-021-2/+116
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* bring back remember-meChristoph Wurst2016-11-023-8/+40
| | | | | | | | | | * try to reuse the old session token for remember me login * decrypt/encrypt token password and set the session id accordingly * create remember-me cookies only if checkbox is checked and 2fa solved * adjust db token cleanup to store remembered tokens longer * adjust unit tests Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Do not use underscores in PSR4 namespaces of the backup codes appChristoph Wurst2016-10-031-3/+2
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Fix getMock AuthenticationRoeland Jago Douma2016-09-063-16/+22
|
* add 2fa backup codes appChristoph Wurst2016-09-051-12/+72
| | | | | * add backup codes app unit tests * add integration tests for the backup codes app
* prevent infinite redirect loops if the there is no 2fa provider to passChristoph Wurst2016-08-241-4/+41
| | | | | | | This fixes infinite loops that are caused whenever a user is about to solve a 2FA challenge, but the provider app is disabled at the same time. Since the session value usually indicates that the challenge needs to be solved before we grant access we have to remove that value instead in this special case.
* Merge pull request #25172 from owncloud/token-login-validationVincent Petry2016-06-222-27/+16
|\ | | | | Token login validation
| * fix DefaultTokenMapperTestChristoph Wurst2016-06-201-0/+4
| |
| * fix default token provider testsChristoph Wurst2016-06-201-26/+0
| |
| * use token last_activity instead of session valueChristoph Wurst2016-06-171-1/+12
| |
* | update session token password on user password changeChristoph Wurst2016-06-211-0/+33
|/
* assert app is loaded in unit testsChristoph Wurst2016-06-161-0/+7
|
* load 2FA provider apps before querying classesChristoph Wurst2016-06-161-1/+4
|
* fail hard if 2fa provider can not be loaded (#25061)Christoph Wurst2016-06-131-3/+24
|
* Create session tokens for apache auth usersChristoph Wurst2016-05-311-0/+11
|
* One more PSR-4 fix (#24852)Joas Schilling2016-05-261-0/+187
|
* when generating browser/device token, save the login name for later password ↵Christoph Wurst2016-05-242-1/+7
| | | | checks
* add button to invalidate browser sessions/device tokensChristoph Wurst2016-05-232-0/+38
|
* Move tests/ to PSR-4 (#24731)Joas Schilling2016-05-203-0/+431
* Move a-b to PSR-4 * Move c-d to PSR-4 * Move e+g to PSR-4 * Move h-l to PSR-4 * Move m-r to PSR-4 * Move s-u to PSR-4 * Move files/ to PSR-4 * Move remaining tests to PSR-4 * Remove Test\ from old autoloader
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-08 16:29:38 +0000