ac2f9816a6
feat(auth): support permanent OCM refresh tokens and bearer login
...
Co-authored-by: Micke Nordin <kano@sunet.se >
Signed-off-by: Micke Nordin <kano@sunet.se >
Signed-off-by: Enrique Pérez Arnaud <enrique@cazalla.net >
2026-06-17 10:44:51 +02:00
088dba3c20
chore: Fix CreateSessionTokenCommandTest and add test for ephemeral session
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com >
2026-06-15 15:28:38 +02:00
da706223e4
Merge pull request #61140 from nextcloud/fix/fix-deprecations-in-tests
...
Fix deprecations in tests
2026-06-11 14:48:10 +02:00
996fcfe443
Merge pull request #57216 from Roszakos/2fa-stateless-provider-interface
...
feat (2fa): Add IStatelessProvider interface
2026-06-11 11:01:23 +02:00
1f246dec14
chore(tests): Set a token string to avoid getToken returning null from tests
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com >
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com >
2026-06-11 09:45:29 +02:00
c6452f01a5
chore(tests): Fix User UID mocking in TwoFactorAuth/ManagerTest.php
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com >
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com >
2026-06-11 09:45:28 +02:00
b4f86c032c
chore(tests): Avoid deprecation in PublicKeyTokenProvider
...
Also cleaned up the test a bit.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com >
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com >
2026-06-11 09:45:27 +02:00
1ab09ec753
chore: Apply new coding standard to all files
...
The diff can be checked using: git diff --ignore-all-space --ignore-blank-lines
To see only the changes not related to blank lines.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com >
2026-06-01 13:46:39 +02:00
c42bc0cf09
feat (2fa): Add IStatelessProvider interface
...
Signed-off-by: michal.roszak@put.poznan.pl <michal.roszak@put.poznan.pl >
2026-05-06 23:03:08 +02:00
e5b1799079
chore: add missing Override attribute to test files
...
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de >
2026-04-28 21:29:28 +02:00
c96ece0bcb
refactor: Add more typing
...
- repairs job
- database
- redis
And remove Helpertest which was unused outside of some tests.
Signed-off-by: Carl Schwan <carl.schwan@nextcloud.com >
2026-02-06 13:55:39 +01:00
4d47fdaa85
chore: Run rector with new rules for fetch
...
Signed-off-by: Carl Schwan <carl.schwan@nextcloud.com >
2025-11-18 17:45:57 +01:00
4e83d20837
feat(login): Add rememberme checkbox
...
Only present if allowed by configuration.
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com >
2025-11-13 13:25:59 +00:00
d6d6747a73
refactor: apply rector rules for PHPUnit 10
...
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de >
2025-10-27 21:56:04 +01:00
9b2fff5931
refactor(querybuilder): Port away from qb::execute() in tests/
...
Replace by either executeStatement or executeQuery
Signed-off-by: Carl Schwan <carl.schwan@nextclound.com >
2025-09-02 11:55:58 +02:00
c4e6fbdae7
fix(query-builder): Don't catch UniqueConstraintViolationException
...
UniqueConstraintViolationException is no longer throw directly but
instead is now wrapped inside a \OCP\DB\Exception. So check the
exception reason.
Signed-off-by: Carl Schwan <carl.schwan@nextclound.com >
2025-09-02 11:55:58 +02:00
4a35837741
feat(auth): adjust PublicKeyTokenProviderTest
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net >
2025-08-21 12:42:44 +02:00
ac545cc478
fix(SetUserTimezoneCommand): only write user login timezone if not yet set
...
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de >
2025-08-18 12:40:42 +02:00
aa15f9d16d
chore: run rector
...
Signed-off-by: Robin Appelman <robin@icewind.nl >
2025-07-01 22:45:52 +02:00
5981b7eb51
chore: apply new CSFixer rules
...
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de >
# Conflicts:
# apps/settings/lib/SetupChecks/PhpOpcacheSetup.php
2025-07-01 16:26:50 +02:00
3561937816
chore: run rector on tests with new rule
...
Signed-off-by: Robin Appelman <robin@icewind.nl >
2025-06-12 18:38:29 +02:00
29e39c0a2e
chore: run rector on tests
...
Signed-off-by: Robin Appelman <robin@icewind.nl >
2025-06-12 18:31:58 +02:00
5f9117b939
test: Fix coding standards
...
Signed-off-by: Joas Schilling <coding@schilljs.com >
2025-05-15 08:48:13 +02:00
53b116b8a5
test: Remove more withConsecutive
...
Signed-off-by: Joas Schilling <coding@schilljs.com >
2025-05-15 08:18:26 +02:00
bb6b462690
Merge pull request #51130 from nextcloud/fix/credential-passwordless-auth
...
fix: Do not build encrypted password if there is none
2025-03-07 16:49:18 +01:00
777cd941dc
fix: Do not build encrypted password if there is none
...
Signed-off-by: Julius Knorr <jus@bitgrid.net >
2025-03-06 09:31:29 +01:00
3c4feff028
fix: Move login via email logic to local backend
...
Backends can decide which names they accept for login,
e.g. with user_ldap you can configure arbitrary login fields.
This was a hacky approach to allow login via email,
so instead this is now only handled by the local user backend.
This also fixes some other related problems:
Other logic relys on `backend::get()` which was not handling email,
so e.g. password policy could not block users logged in via email
if they use out-dated passwords.
Similar for other integrations, as the user backend was not consistent with
what is a login name and what not.
Co-authored-by: Ferdinand Thiessen <opensource@fthiessen.de >
Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com >
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de >
2025-03-03 18:02:07 +01:00
5ea5b2de84
fix: Handle exception when clearing previously removed two factor tokens
...
If a token was already removed from the database but not from the
configuration clearing the tokens will try to remove it again from the
database, which caused a DoesNotExistException to be thrown.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com >
2024-11-05 11:14:05 +01:00
381a2aa627
fix: Clear pending two factor tokens also from configuration
...
Otherwise as the tokens were removed from the database but not from the
configuration the next time that the tokens were cleared the previous
tokens were still got from the configuration, and trying to remove them
again from the database ended in a DoesNotExistException being thrown.
Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com >
2024-11-05 11:14:04 +01:00
a74ef8237d
fix: crypto type made not nullable and tests run using ICrypto
...
Signed-off-by: yemkareems <yemkareems@gmail.com >
2024-10-28 15:04:11 +05:30
505dfd65fd
fix: encrypt and store password, decrypt and retrieve the same
...
Signed-off-by: yemkareems <yemkareems@gmail.com >
2024-10-28 11:22:36 +05:30
9836e9b164
chore(deps): Update nextcloud/coding-standard to v1.3.1
...
Signed-off-by: provokateurin <kate@provokateurin.de >
2024-09-19 14:21:20 +02:00
49dd79eabb
refactor: Add void return type to PHPUnit test methods
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at >
2024-09-15 22:32:31 +02:00
af6de04e9e
style: update codestyle for coding-standard 1.2.3
...
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de >
2024-08-25 19:34:58 +02:00
5100e3152d
feat(auth): Clean-up unused auth tokens and wipe tokens
...
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at >
2024-08-13 12:39:11 +02:00
f6d6efef3a
refactor(Token): introduce scope constants
...
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de >
2024-06-05 19:01:14 +02:00
1f7e2ba599
chore: Add SPDX header
...
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de >
2024-05-13 17:41:36 +02:00
f9ce6bfdff
Refactor OC\Server::getHasher
...
Signed-off-by: Andrew Summers <18727110+summersab@users.noreply.github.com >
2024-03-15 13:04:27 +01:00
d1189f923c
feat(perf): add cache for authtoken lookup
...
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com >
2024-02-28 15:04:04 +01:00
26d343d33a
AppAPI: allowed to bypass Two-Factor
...
Signed-off-by: Alexander Piskun <bigcat88@icloud.com >
2023-12-28 20:59:02 +03:00
aa5f037af7
chore: apply changes from Nextcloud coding standards 1.1.1
...
Signed-off-by: Joas Schilling <coding@schilljs.com >
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com >
2023-11-23 10:36:13 +01:00
771a7b92cc
Add tests for occ user:auth-tokens:delete
...
Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com >
2023-08-25 02:27:41 -03:00
f57c12b14e
Fix various deprecation warnings in tests on PHP 8.3
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com >
2023-08-14 18:13:12 +02:00
dac31ad101
fix!: Remove legacy event dispatching Symfony's GenericEvent from 2FA Manager
...
Signed-off-by: Joas Schilling <coding@schilljs.com >
2023-07-27 09:57:52 +02:00
05aa39d777
Fix event names of 2FA related typed events
...
Signed-off-by: Joas Schilling <coding@schilljs.com >
2023-07-03 14:25:01 +02:00
8d5165e8dc
Adapt tests to config value typing
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com >
2023-04-05 17:42:14 +02:00
37cfccabc1
unit tests for Manager::invalidateTokensOfUser
...
Signed-off-by: Artur Neumann <artur@jankaritech.com >
2023-03-14 17:13:30 +01:00
a81d8ecef5
Fix unit tests
...
Signed-off-by: Joas Schilling <coding@schilljs.com >
2023-02-09 16:15:47 +01:00
f5c361cf44
composer run cs:fix
...
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com >
2023-01-20 11:45:08 +01:00
adfe367106
PublickKeyTokenProvider: Fix password update routine with password hash
...
Signed-off-by: Marcel Klehr <mklehr@gmx.net >
2023-01-04 08:30:53 +01:00
Enrique Pérez Arnaud
Côme Chilliet
Louis
michal.roszak@put.poznan.pl
Ferdinand Thiessen
Carl Schwan
Carl Schwan
Julien Veyssier
Robin Appelman
Joas Schilling
Julius Knorr
Daniel Calviño Sánchez
yemkareems
provokateurin
Christoph Wurst
Daniel Kesselberg
Arthur Schiwon
Andy Scherzinger
Andrew Summers
Benjamin Gaussorgues
Alexander Piskun
Lucas Azevedo
Artur Neumann
Marcel Klehr