194 Commits

Author SHA1 Message Date
Carl Schwan
c4e6fbdae7 fix(query-builder): Don't catch UniqueConstraintViolationException
UniqueConstraintViolationException is no longer thrown directly but
instead is now wrapped inside a \OCP\DB\Exception. So check the
exception reason.

Signed-off-by: Carl Schwan <carl.schwan@nextclound.com>
2025-09-02 11:55:58 +02:00
Julien Veyssier
3d36834284 feat(auth): include the token entity in TokenInvalidatedEvent
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2025-08-21 12:42:44 +02:00
Julien Veyssier
4a35837741 feat(auth): adjust PublicKeyTokenProviderTest
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2025-08-21 12:42:44 +02:00
Julien Veyssier
3da919c783 feat(auth): dispatch new TokenInvalidatedEvent when PublicKeyTokenProvider::invalidateToken is called
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2025-08-21 12:42:44 +02:00
Julien Veyssier
8ffd30bbf9 feat(auth): dispatch new TokenInvalidatedEvent when PublicKeyTokenProvider::invalidateTokenById is called
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2025-08-21 12:42:43 +02:00
Ferdinand Thiessen
5981b7eb51 chore: apply new CSFixer rules
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>

# Conflicts:
#	apps/settings/lib/SetupChecks/PhpOpcacheSetup.php
2025-07-01 16:26:50 +02:00
Ferdinand Thiessen
0e54c2bd43 fix: Adjust Entity types
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2024-10-17 18:31:44 +02:00
Git'Fellow
c254855222 chore(db): Correctly apply query types
fix: psalm

fix: error

fix: add batch

fix: fatal error

fix: add batch

chore: add batch

chore: add batch

fix: psalm

fix: typo

fix: psalm

fix: return bool

fix: revert Manager
2024-10-17 09:21:07 +02:00
Ferdinand Thiessen
a8f46af20f chore: Add proper deprecation dates where missing
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2024-09-20 00:46:03 +02:00
Daniel Kesselberg
af6de04e9e style: update codestyle for coding-standard 1.2.3
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2024-08-25 19:34:58 +02:00
Christoph Wurst
5100e3152d feat(auth): Clean-up unused auth tokens and wipe tokens
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2024-08-13 12:39:11 +02:00
Arthur Schiwon
99182aac37 fix(Token): take over scope in token refresh with login by cookie
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2024-07-19 15:53:46 +02:00
Arthur Schiwon
6a783d9b08 fix(Session): avoid race conditions on clustered setups
- re-establishes old behaviour with cache to return null instead of throwing
  an InvalidTokenException when the token is cached as non-existing
- token invalidation and re-generation are bundled in a DB transaction now

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2024-07-10 13:28:33 +02:00
Arthur Schiwon
f6d6efef3a refactor(Token): introduce scope constants
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2024-06-05 19:01:14 +02:00
Arthur Schiwon
340939e688 fix(Session): avoid password confirmation on SSO
SSO backends like SAML and OIDC tried a trick to suppress password
confirmations as they are not possible by design. At least for SAML it was
not reliable when existing user backends were used as user repositories.

Now we are setting a special scope with the token, and also make sure that
the scope is taken over when tokens are regenerated.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2024-06-05 19:01:13 +02:00
Daniel
fca38e12c8 Merge pull request #45411 from nextcloud/fix/auth/selective-token-activity-update
fix(auth): Update authtoken activity selectively
2024-05-29 12:05:45 +02:00
Andy Scherzinger
dae7c159f7 chore: Add SPDX header
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
2024-05-24 13:11:22 +02:00
Christoph Wurst
bcc02a3c71 fix(auth): Update authtoken activity selectively
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2024-05-21 07:55:01 +02:00
Christoph Wurst
fe7217d2d3 Merge pull request #45026 from nextcloud/fix/token-update
Avoid updating the same oc_authtoken row twice
2024-05-16 12:00:32 +02:00
Julius Härtl
04780ae30a fix: Always set last activity if we update the row of an authtoken anyways
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2024-04-29 15:20:17 +02:00
Joas Schilling
bc4a102f52 fix(session): Avoid race condition for cache::get() vs. cache::hasKey()
Signed-off-by: Joas Schilling <coding@schilljs.com>
2024-04-29 12:45:44 +02:00
Côme Chilliet
ec5133b739 fix: Apply new coding standard to all files
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-04-02 14:16:21 +02:00
Benjamin Gaussorgues
d1189f923c feat(perf): add cache for authtoken lookup
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2024-02-28 15:04:04 +01:00
Côme Chilliet
a526a382bf Import OCP IToken as OCPIToken to avoid a name clash in lib/private
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-01-11 15:45:14 +01:00
Côme Chilliet
8fc39aeb1c Use IToken from OCP instead of OC
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-01-11 14:02:15 +01:00
Côme Chilliet
95ea6188dc Suppress or fix psalm errors related to InvalidTokenException
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-01-11 14:02:15 +01:00
Côme Chilliet
eee9f1eec4 Always catch OCP versions of authentication exceptions
And always throw OC versions for BC

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-01-11 14:02:15 +01:00
Joas Schilling
aa5f037af7 chore: apply changes from Nextcloud coding standards 1.1.1
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2023-11-23 10:36:13 +01:00
Côme Chilliet
d8b42c6131 Allow passing null to PublicKeyToken::setScope, fixes tests
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-10-23 15:52:07 +02:00
Côme Chilliet
33a24134a7 Improve docblock annotations for tokens and their exceptions
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-10-23 15:20:04 +02:00
Côme Chilliet
58a57a714e Use more precise typing for setScope method parameter
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-10-23 15:19:38 +02:00
Côme Chilliet
356f0291a2 Align PublicKeyToken with interface changes
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-10-23 09:41:32 +02:00
Côme Chilliet
f94fb33062 Move IToken and IProvider::getToken to OCP
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-10-20 17:51:33 +02:00
Lucas Azevedo
2a36acfc2b Fix typo
Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>
2023-08-25 11:20:34 -03:00
Lucas Azevedo
c93b1634d3 Fixes from static analysis
Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com>
Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>
2023-08-25 10:41:46 -03:00
Lucas Azevedo
fe9b9c1955 Add last-used-before option
Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>
2023-08-25 02:07:57 -03:00
Côme Chilliet
b294edad80 Merge branch 'master' into enh/type-iconfig-getter-calls
Signed-off-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
2023-04-20 16:52:38 +02:00
Christoph Wurst
5eb768ac5e fix(auth): Run token statements in atomic transaction
All or nothing

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2023-04-12 15:55:42 +02:00
Côme Chilliet
426c0341ff Use typed version of IConfig::getSystemValue as much as possible
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-04-05 12:50:08 +02:00
Côme Chilliet
8568c11d24 Merge pull request #36033 from nextcloud/invalidateTokensWhenDeletingOAuthClientMaster
[master] invalidate existing tokens when deleting an oauth client
2023-03-15 11:09:51 +01:00
Artur Neumann
f634badf12 public interface to invalidate tokens of user
Signed-off-by: Artur Neumann <artur@jankaritech.com>
2023-03-14 17:13:29 +01:00
Ember 'n0emis' Keske
6881d2f2f1 Don't try to hash a nonexisting password
Allows logging in via a passwordless authentication provider, e.g. SSO

Signed-off-by: Ember 'n0emis' Keske <git@n0emis.eu>
2023-03-13 10:32:53 +01:00
Joas Schilling
6417ea0265 fix(authentication): Handle null or empty string password hash
This can happen when the auth.storeCryptedPassword config is used,
which previously errored with:
Hasher::verify(): Argument #2 ($hash) must be of type string, null given

Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-02-10 09:18:50 +01:00
Joas Schilling
e47d56ac36 Merge pull request #36621 from nextcloud/perf/noid/only-check-for-token-when-it-can-actually-be
fix(performance): Only search for auth tokens when the provided login…
2023-02-10 01:29:30 +01:00
Julius Härtl
580feecdbf fix(authtoken): Store only one hash for authtokens with the current password per user
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2023-02-09 13:44:00 +01:00
Joas Schilling
7a85a1596e fix(authentication): Check minimum length when creating app tokens
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-02-09 09:58:35 +01:00
Joas Schilling
03a585ab4f fix(performance): Only search for auth tokens when the provided login is long enough
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-02-08 22:45:23 +01:00
Côme Chilliet
f5c361cf44 composer run cs:fix
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-01-20 11:45:08 +01:00
Joas Schilling
2fb4dac7ad fix(authentication): Update the token when the hash is null or can not be verified
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-01-09 16:32:36 +01:00
Joas Schilling
28b18d561c fix(authentication): Only hash the new password when needed
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-01-09 15:58:26 +01:00