averello/nextcloud-server-mirror
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-03-04 18:28:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
86,065 Commits 712 Branches 1,186 Tags
carl/serverrequestinterface
Commit Graph

36 Commits

Author SHA1 Message Date
provokateurin
1b4722c330 fix(oauth2): Limit allowed grant_type values in getToken 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-08-25 13:40:35 +02:00
provokateurin
085d4c9364 refactor(OpenAPI): Adjust scopes to match previous behavior 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-01-06 14:30:40 +01:00
provokateurin
9836e9b164 chore(deps): Update nextcloud/coding-standard to v1.3.1 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-09-19 14:21:20 +02:00
Julien Veyssier
034917b790 fix(oauth2): store hashed secret instead of encrypted 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2024-09-02 14:38:39 +02:00
provokateurin
d8adbce1be refactor(oauth2): Replace security annotations with respective attributes 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-07-29 16:45:54 +02:00
Andy Scherzinger
cc1686dba9 chore: Add SPDX header 
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
 2024-05-31 10:38:47 +02:00
Côme Chilliet
eee9f1eec4 Always catch OCP versions of authentication exceptions 
And always throw OC versions for BC

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-01-11 14:02:15 +01:00
Julien Veyssier
d56950a6c9 adjust phpdoc types in OauthApiController 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-10-05 14:24:03 +02:00
Julien Veyssier
c6da99474e rename oauth2_access_token's created_at to code_created_at 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-10-05 14:24:02 +02:00
Julien Veyssier
779e1d51ac delete oauth access token when receiving a code that has expired 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-10-05 14:24:02 +02:00
Julien Veyssier
1ab45bad5d refuse oauth authorization code if a token has already been delivered (active token) 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-10-05 14:24:02 +02:00
Julien Veyssier
7bba410997 cleanup access tokens that are still in authorization state and that have expired 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-10-05 14:24:02 +02:00
Julien Veyssier
2995b0948f add tests for oauth2 authorization code expiration 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-10-05 14:24:02 +02:00
Julien Veyssier
807f173dec make oauth2 authorization code expire after 10 minutes 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-10-05 14:24:02 +02:00
Joas Schilling
25309bcb45 techdebt(DI): Use public IThrottler interface which exists since Nextcloud 25 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-08-28 15:50:45 +02:00
jld3103
1c19c567fe oauth2: Add OpenAPI spec 
Signed-off-by: jld3103 <jld3103yt@gmail.com>
 2023-07-12 07:32:30 +02:00
Julien Veyssier
629adc318f add bruteforce protection in OauthApiController 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-06-19 11:18:06 +02:00
Julien Veyssier
18c742a901 encrypt oauth2 client secrets 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-06-07 11:36:08 +02:00
luz paz
9d26671f05 Fix typos in apps/ subdirectory 
Found via `codespell -q 3 -S l10n,./apps/files_external/3rdparty -L adn,ba,boxs,keypair,jus,optionel,ressource,tabel ./apps/`

Signed-off-by: luz paz <luzpaz@github.com>
Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>
 2022-09-05 12:59:54 +00:00
J0WI
3b656446af Introduce ISecureRandom::CHAR_ALPHANUMERIC 
Signed-off-by: J0WI <J0WI@users.noreply.github.com>
 2021-07-08 15:11:31 +02:00
John Molakvoæ (skjnldsv)
215aef3cbd Update php licenses 
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
 2021-06-04 22:02:41 +02:00
Christoph Wurst
cb057829f7 Update license headers for 19 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-29 11:57:22 +02:00
Christoph Wurst
44577e4345 Remove trailing and in between spaces 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2020-04-09 16:07:47 +02:00
Christoph Wurst
5bf3d1bb38 Update license headers 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2019-12-05 15:38:45 +01:00
Roeland Jago Douma
68748d4f85 Some php-cs fixes 
* Order the imports
* No leading slash on imports
* Empty line before namespace
* One line per import
* Empty after imports
* Emmpty line at bottom of file

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-11-22 20:52:10 +01:00
Roeland Jago Douma
b9ac258870 Strict controllers 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-12-07 13:43:22 +01:00
Roeland Jago Douma
674930da7f Move ExpiredTokenException to the correct namespace 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-30 19:30:45 +01:00
Roeland Jago Douma
75456b057d Reset bruteforce on token refresh OAuth 
When using atoken obtained via OAuth the token expires. Resulting in
brute force attempts hitting the requesting IP.

This resets the brute force attempts for that UID on a valid refresh of
the token.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-30 11:21:27 +01:00
Roeland Jago Douma
3556e78c25 The OAuth endpoint needs to support Basic Auth 
* Add test

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-05-29 15:17:54 +02:00
Roeland Jago Douma
5a97148863 Don't use special chars to avoid confusion 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-05-22 09:24:17 +02:00
Roeland Jago Douma
f7ecec855b Rotate token 
On a refresh token request:
* rorate
* reset expire

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-05-22 09:24:17 +02:00
Roeland Jago Douma
c28b25c4f0 Authenticate the clients on requesting a token 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-05-22 09:24:17 +02:00
Roeland Jago Douma
49795d2006 Set OAuth token expiration 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-05-22 09:24:17 +02:00
Lukas Reschke
88afd8b224 Cleanup code 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-05-18 20:49:08 +02:00
Lukas Reschke
4b4d3bb1c2 It's a bearer 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-05-18 20:49:05 +02:00
Lukas Reschke
5f71805c35 Add basic implementation for OAuth 2.0 Authorization Code Flow 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-05-18 20:49:03 +02:00