path: root/tests/lib/Security
Commit message (Author, Age, Files, Lines)
* Merge pull request #46571 from nextcloud/chore/migrate-to-filenamevalidator (Stephan Orbaugh, 2024-07-22, files: 1, lines: -9/+6)
|\
| |    refactor: Migrate some legacy and core functions to `IFilenameValidator`
| * refactor: Migrate some legacy and core functions to `IFilenameValidator` (Ferdinand Thiessen, 2024-07-19, files: 1, lines: -9/+6)
| |    Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* | feat(security): Add public API to allow validating IP Ranges and checking for "in range" (Joas Schilling, 2024-07-19, files: 1, lines: -13/+16)
| |    Signed-off-by: Joas Schilling <coding@schilljs.com>
| |    Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
* | feat(security): restrict admin actions to IP ranges (Benjamin Gaussorgues, 2024-07-19, files: 1, lines: -0/+74)
|/
|    Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
* test: Test hash validation (Christopher Ng, 2024-07-04, files: 1, lines: -0/+25)
|    Signed-off-by: Christopher Ng <chrng8@gmail.com>
* chore: Add SPDX header (Andy Scherzinger, 2024-05-13, files: 28, lines: -429/+70)
|    Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
* fix(security): Handle idn_to_utf8 returning false (Joas Schilling, 2023-12-04, files: 1, lines: -3/+12)
|    Signed-off-by: Joas Schilling <coding@schilljs.com>
* chore: apply changes from Nextcloud coding standards 1.1.1 (Joas Schilling, 2023-11-23, files: 3, lines: -11/+11)
|    Signed-off-by: Joas Schilling <coding@schilljs.com>
|    Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
* fix(CSP): Only add `strict-dynamic` when using nonces (Ferdinand Thiessen, 2023-11-17, files: 1, lines: -2/+2)
|    Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* fix!(ContentSecurityPolicy): Make `strict-dynamic` enabled by default on `script-src-elem` (Ferdinand Thiessen, 2023-11-17, files: 1, lines: -2/+2)
|    Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* fix: Make bypass function public API (Joas Schilling, 2023-08-21, files: 2, lines: -5/+5)
|    Signed-off-by: Joas Schilling <coding@schilljs.com>
* feat: Expose if the own IP is allowed to bypass bruteforce protection (Joas Schilling, 2023-08-21, files: 1, lines: -4/+11)
|    Signed-off-by: Joas Schilling <coding@schilljs.com>
* feat(security): Add a bruteforce protection backend based on memcache (Joas Schilling, 2023-08-21, files: 2, lines: -23/+164)
|    Similar to the ratelimit backend
|    Signed-off-by: Joas Schilling <coding@schilljs.com>
* fix: Align doc type with creation (Joas Schilling, 2023-07-27, files: 2, lines: -4/+2)
|    Signed-off-by: Joas Schilling <coding@schilljs.com>
* chore(appframework)!: Drop \OCP\AppFramework\Http\EmptyContentSecurityPolicy::allowInlineScript (Christoph Wurst, 2023-06-12, files: 1, lines: -6/+2)
|    Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Adapt tests to config value typing (Côme Chilliet, 2023-04-05, files: 4, lines: -11/+11)
|    Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Merge pull request #37542 from nextcloud/bugfix/noid/allow-to-opt-out-of-ratelimit-for-testing (Joas Schilling, 2023-04-03, files: 1, lines: -0/+9)
|\
| |    feat(security): Allow to opt-out of ratelimit protection, e.g. for te…
| * feat(security): Allow to opt-out of ratelimit protection, e.g. for testing on CI (Joas Schilling, 2023-04-03, files: 1, lines: -0/+9)
| |    Signed-off-by: Joas Schilling <coding@schilljs.com>
* | fix DBAL exception handling in setValues (Arthur Schiwon, 2023-03-31, files: 1, lines: -2/+21)
|/
|    This seems to be a left over after abstracting DBAL. Nowadays, IQueryBuilder::executeStatement() only throws a \OCP\DB\Exception, where previously original DBAL exceptions were thrown. These are now wrapped, the original classes are now mapped to a reason.
|    Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* composer run cs:fix (Côme Chilliet, 2023-01-20, files: 6, lines: -6/+0)
|    Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Fix syntax in VerificationTokenTest.php (Côme Chilliet, 2022-11-15, files: 1, lines: -1/+1)
|    Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Fix dynamic properties and other problems in tests for PHP 8.2 (Côme Chilliet, 2022-11-14, files: 1, lines: -4/+7)
|    Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Add remote host validation API (Christoph Wurst, 2022-10-31, files: 2, lines: -0/+255)
|    Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Remove deprecated at matcher from tests/lib (Côme Chilliet, 2022-08-29, files: 2, lines: -25/+25)
|    Only 15 warnings left in there
|    Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Validate requested length in random string generator (Vincent Petry, 2022-05-12, files: 1, lines: -1/+16)
|    Signed-off-by: Vincent Petry <vincent@nextcloud.com>
* Add CSP policy merge priority for booleans (Vincent Petry, 2022-04-01, files: 1, lines: -1/+2)
|    When two booleans conflict when merging CSP policies, true will win.
|    Signed-off-by: Vincent Petry <vincent@nextcloud.com>
* Migrate from ILogger to LoggerInterface where needed in the tests (Côme Chilliet, 2022-03-24, files: 3, lines: -9/+9)
|    Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Allow to set a strict-dynamic CSP through the API (Julius Härtl, 2022-03-09, files: 1, lines: -0/+2)
|    Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Check style update (Carl Schwan, 2022-01-13, files: 1, lines: -1/+1)
|    Signed-off-by: Carl Schwan <carl@carlschwan.eu>
* Improve normalizer detecting IPv4 inside of IPv6 (Vincent Petry, 2021-11-22, files: 1, lines: -1/+9)
|    The subnet for an IPv4 address inside of IPv6 is now returned in its IPv4 form.
|    Signed-off-by: Vincent Petry <vincent@nextcloud.com>
* Fix getting subnet of ipv4 mapped ipv6 addresses (Vincent Petry, 2021-11-22, files: 1, lines: -0/+4)
|    Signed-off-by: Vincent Petry <vincent@nextcloud.com>
* Add an OCP for trusted domain helper (Joas Schilling, 2021-10-28, files: 1, lines: -10/+23)
|    Signed-off-by: Joas Schilling <coding@schilljs.com>
* Remove tests that just prove mocked calls and don't actually validate anything useful (Julius Härtl, 2021-09-27, files: 1, lines: -81/+0)
|    Signed-off-by: Julius Härtl <jus@bitgrid.net>
* Merge pull request #28728 from nextcloud/add-database-backend-limiter (Lukas Reschke, 2021-09-13, files: 2, lines: -36/+19)
|\
| |    Add database ratelimiting backend
| * Adjust tests (Lukas Reschke, 2021-09-06, files: 2, lines: -16/+12)
| |    Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
| * Adjust logic to store period instead of current timestamp (Lukas Reschke, 2021-09-06, files: 2, lines: -20/+7)
| |    Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* | add a job to clean up expired verification tokens (Arthur Schiwon, 2021-09-09, files: 1, lines: -2/+39)
| |    Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* | move verification token logic out of lost password controller (Arthur Schiwon, 2021-09-09, files: 1, lines: -0/+272)
|/
|    - to make it reusable
|    - needed for local email verification
|    Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Merge pull request #26626 from J0WI/strict-security (Roeland Jago Douma, 2021-05-18, files: 22, lines: -0/+64)
|\
| |    Make Security module strict
| * Make Security module strict (J0WI, 2021-04-19, files: 22, lines: -0/+64)
| |    Signed-off-by: J0WI <J0WI@users.noreply.github.com>
* | Update CredentialsManagerTest.php (Joas Schilling, 2021-04-21, files: 1, lines: -3/+0)
| |    Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
* | Fix security credentials manager test (Joas Schilling, 2021-04-20, files: 1, lines: -18/+11)
|/
|    Signed-off-by: Joas Schilling <coding@schilljs.com>
* Increase subnet matcher (Lukas Reschke, 2021-04-07, files: 1, lines: -2/+10)
|    Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Bump nextcloud/coding-standard from 0.3.0 to 0.5.0 (dependabot-preview[bot], 2021-02-18, files: 1, lines: -1/+1)
|    Bumps [nextcloud/coding-standard](https://github.com/nextcloud/coding-standard) from 0.3.0 to 0.5.0.
|    - [Release notes](https://github.com/nextcloud/coding-standard/releases)
|    - [Changelog](https://github.com/nextcloud/coding-standard/blob/master/CHANGELOG.md)
|    - [Commits](https://github.com/nextcloud/coding-standard/compare/v0.3.0...v0.5.0)
|    Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
|    Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Bump doctrine/dbal from 2.12.0 to 3.0.0 (Christoph Wurst, 2021-01-08, files: 1, lines: -4/+11)
|    Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Improve CertificateManager to not be user context dependent (Morris Jobke, 2020-11-03, files: 1, lines: -42/+19)
|    * removes the ability for users to import their own certificates (for external storage)
|    * reliably returns the same certificate bundles system wide (and not depending on the user context and available sessions)
|    The user specific certificates were broken in some cases anyways, as they are only loaded if the specific user is logged in and thus causing unexpected behavior for background jobs and other non-user triggered code paths.
|    Signed-off-by: Morris Jobke <hey@morrisjobke.de>
* Implement unit tests for versions 1 and 2. (lynn-stephenson, 2020-10-15, files: 1, lines: -0/+20)
|    Signed-off-by: lynn-stephenson <lynn.stephenson@protonmail.com>
* Format code to a single space around binary operators (Christoph Wurst, 2020-10-05, files: 1, lines: -4/+4)
|    Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Don't break when the IP is empty (Joas Schilling, 2020-09-10, files: 1, lines: -2/+22)
|    Signed-off-by: Joas Schilling <coding@schilljs.com>
* Change PHPDoc type hint from PHPUnit_Framework_MockObject_MockObject to \PHPUnit\Framework\MockObject\MockObject (Morris Jobke, 2020-08-12, files: 7, lines: -23/+23)
|    Signed-off-by: Morris Jobke <hey@morrisjobke.de>