averello/nextcloud-server-mirror
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-06-29 12:24:50 +02:00
Code Issues Packages Projects Releases Wiki Activity
88,512 Commits 1,008 Branches 1,229 Tags
executeUpdateRemove
Commit Graph

105 Commits

Author SHA1 Message Date
Carl Schwan 734904e7f0 feat(oauth2): Add commands for adding and deleting clients 
Refactor the code for doing that from the controller to a seperate
service.

Signed-off-by: Carl Schwan <carlschwan@kde.org>
 2026-06-15 13:06:09 +02:00
Côme Chilliet 1ab09ec753 chore: Apply new coding standard to all files 
The diff can be checked using: git diff --ignore-all-space --ignore-blank-lines
To see only the changes not related to blank lines.

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2026-06-01 13:46:39 +02:00
Peter Ringelmann 4b1c3fbe3b fix(settings,oauth2): preserve wipe state across admin deletion paths 
Signed-off-by: Peter Ringelmann <peter.ringelmann@nextcloud.com>
 2026-05-26 16:41:02 +02:00
Ferdinand Thiessen d8e8703796 chore: add missing Override attribute to app code 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2026-04-28 21:29:28 +02:00
Julien Veyssier 59b3d7a5b2 fix(oauth): rotate the auth token only if the access token rotation was successful 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2026-04-22 11:23:47 +02:00
Julien Veyssier c639dfdbfc fix(oauth): make the throttling reason more specific 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2026-04-22 11:23:47 +02:00
Julien Veyssier 72c4d0f72a fix(oauth): wrap token rotation in a transaction, only rotate if the token hasn't been modified since we have read it 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2026-04-22 11:23:47 +02:00
Kate bce67a250f Merge pull request #59764 from nextcloud/fix/add-missing-password-required 
fix: Add missing PasswordConfirmationRequired attributes
 2026-04-21 15:41:15 +02:00
Côme Chilliet cfd5f04116 fix: Add missing PasswordConfirmationRequired attributes 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2026-04-21 10:21:07 +02:00
Côme Chilliet 135a8128d4 fix(oauth2): Add missing urlencode for failure redirection 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2026-04-21 09:34:48 +02:00
Côme Chilliet 5c1b58c380 fix(oauth2): Do not store the code in throttle metadata 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2026-03-19 14:40:12 +01:00
nextcloud-command 663018455e refactor: Apply rector changes 
Signed-off-by: GitHub <noreply@github.com>
 2026-03-01 14:43:11 +00:00
provokateurin f12cecb684 feat(rector): Enable SafeDeclareStrictTypesRector 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2026-02-09 10:59:31 +01:00
Ferdinand Thiessen 6a570c0133 refactor(oauth2): migrate to Typescript and Vue 3 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2025-12-12 00:42:15 +01:00
Carl Schwan 4d47fdaa85 chore: Run rector with new rules for fetch 
Signed-off-by: Carl Schwan <carl.schwan@nextcloud.com>
 2025-11-18 17:45:57 +01:00
provokateurin 1b4722c330 fix(oauth2): Limit allowed grant_type values in getToken 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-08-25 13:40:35 +02:00
Ferdinand Thiessen 5981b7eb51 chore: apply new CSFixer rules 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>

# Conflicts:
#	apps/settings/lib/SetupChecks/PhpOpcacheSetup.php
 2025-07-01 16:26:50 +02:00
Richard Steinmetz 246da73a36 fix(oauth2): retain support for legacy ownCloud clients 
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
 2025-04-01 11:25:52 +02:00
Côme Chilliet 75f8bb51ed fix: Rename config option to skipAuthPickerApplications to match what it does 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-01-07 10:34:30 +01:00
Côme Chilliet e7be008dc1 feat(oauth2): Skip page before login as well for authorized applications 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2025-01-07 10:34:30 +01:00
provokateurin 085d4c9364 refactor(OpenAPI): Adjust scopes to match previous behavior 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2025-01-06 14:30:40 +01:00
provokateurin 381077028a refactor(apps): Use constructor property promotion when possible 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-10-21 12:37:59 +02:00
Ferdinand Thiessen 2ef74b9860 Merge pull request #47329 from nextcloud/feat/add-datetime-qbmapper-support 
feat(AppFramework): Add full support for date / time / datetime columns
 2024-10-18 19:05:08 +02:00
Git'Fellow a1681b0756 chore(db): Apply query prepared statements 
Fix: psalm

fix: bad file

fix: bug

chore: add batch

chore: add batch

chore: add batch

fix: psalm
 2024-10-17 20:30:47 +02:00
Ferdinand Thiessen 0e54c2bd43 fix: Adjust Entity types 
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
 2024-10-17 18:31:44 +02:00
provokateurin 54ec472d9a fix(BackgroundJobs): Adjust intervals and time sensitivities 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-10-08 11:26:53 +02:00
Côme Chilliet 1a4978c4ea chore: Apply rector configuration to apps folder 
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-09-20 17:51:00 +02:00
provokateurin 9836e9b164 chore(deps): Update nextcloud/coding-standard to v1.3.1 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-09-19 14:21:20 +02:00
Julien Veyssier 120e7e838c fix(oauth2): fix tests 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2024-09-02 14:38:39 +02:00
Julien Veyssier 034917b790 fix(oauth2): store hashed secret instead of encrypted 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2024-09-02 14:38:39 +02:00
Artur Neumann cc44ec54ad invalidate oauth2 tokens only for seen users 
Signed-off-by: Artur Neumann <artur@jankaritech.com>
 2024-08-16 10:33:52 +02:00
provokateurin d8adbce1be refactor(oauth2): Replace security annotations with respective attributes 
Signed-off-by: provokateurin <kate@provokateurin.de>
 2024-07-29 16:45:54 +02:00
Andy Scherzinger cc1686dba9 chore: Add SPDX header 
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
 2024-05-31 10:38:47 +02:00
Côme Chilliet eee9f1eec4 Always catch OCP versions of authentication exceptions 
And always throw OC versions for BC

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
 2024-01-11 14:02:15 +01:00
Joas Schilling aa5f037af7 chore: apply changes from Nextcloud coding standards 1.1.1 
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
 2023-11-23 10:36:13 +01:00
Julien Veyssier d56950a6c9 adjust phpdoc types in OauthApiController 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-10-05 14:24:03 +02:00
Julien Veyssier d2bc483adf adjust oauth app 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-10-05 14:24:02 +02:00
Julien Veyssier 32f984c520 adjust oauth tests 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-10-05 14:24:02 +02:00
Julien Veyssier c6da99474e rename oauth2_access_token's created_at to code_created_at 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-10-05 14:24:02 +02:00
Julien Veyssier e944980eb6 add db index on oauth2_access_tokens's (token_count, created_at) 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-10-05 14:24:02 +02:00
Julien Veyssier 779e1d51ac delete oauth access token when receiving a code that has expired 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-10-05 14:24:02 +02:00
Julien Veyssier 1ab45bad5d refuse oauth authorization code if a token has already been delivered (active token) 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-10-05 14:24:02 +02:00
Julien Veyssier 7bba410997 cleanup access tokens that are still in authorization state and that have expired 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-10-05 14:24:02 +02:00
Julien Veyssier 2995b0948f add tests for oauth2 authorization code expiration 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-10-05 14:24:02 +02:00
Julien Veyssier 807f173dec make oauth2 authorization code expire after 10 minutes 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-10-05 14:24:02 +02:00
Joas Schilling 25309bcb45 techdebt(DI): Use public IThrottler interface which exists since Nextcloud 25 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2023-08-28 15:50:45 +02:00
jld3103 1c19c567fe oauth2: Add OpenAPI spec 
Signed-off-by: jld3103 <jld3103yt@gmail.com>
 2023-07-12 07:32:30 +02:00
Julien Veyssier 629adc318f add bruteforce protection in OauthApiController 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-06-19 11:18:06 +02:00
Julien Veyssier 578bf8cc0b add extra migration that sets the secret column length in case the previous step has run when it was setting it to 256 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-06-14 17:21:38 +02:00
Julien Veyssier 24e517c5b3 make oauth2 client secret column larger 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
 2023-06-14 17:21:38 +02:00