averello/nextcloud-server-mirror
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-03-04 18:28:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
50,449 Commits 712 Branches 1,186 Tags
4f31b7b9cc2dac060194de2c769b149a2ac861ba
Commit Graph

79 Commits

Author SHA1 Message Date
Joas Schilling
565838da9c Update unit tests 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2019-07-16 13:32:44 +02:00
Christoph Wurst
d058ef2b6c Make it possible to wipe all tokens/devices of a user 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2019-07-09 13:57:04 +02:00
Christoph Wurst
1c261675ad Refactor: move remote wipe token logic to RW service 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2019-07-09 13:39:27 +02:00
Christoph Wurst
c50fe2a9c9 Send emails when remote wipe starts/finishes 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2019-07-02 21:59:23 +02:00
Christoph Wurst
aa6622ccef Decouple remote wipe notifcation channels with events 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2019-06-27 17:16:18 +02:00
Roeland Jago Douma
579162d7b9 Allow 2FA to be setup on first login 
Once 2FA is enforced for a user and they have no 2FA setup yet this will
now prompt them with a setup screen. Given that providers are enabled
that allow setup then.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2019-05-17 10:11:53 +02:00
Christoph Wurst
170582d4f5 Add a login chain to reduce the complexity of LoginController::tryLogin 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2019-05-07 18:04:36 +02:00
Joas Schilling
bb352fb667 Use the defined func()->count() instead of manual counting 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2018-11-08 15:44:45 +01:00
Roeland Jago Douma
674930da7f Move ExpiredTokenException to the correct namespace 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-30 19:30:45 +01:00
Christoph Wurst
83e994c11f Make it possible to enforce mandatory 2FA for groups 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-10-15 08:22:52 +02:00
Roeland Jago Douma
19f84f7b54 Add tests 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-02 19:50:54 +02:00
Roeland Jago Douma
956fe1b867 Generate backups code notification if not enable but 2fa is 
Generate a notification to generate backup codes if you enable an other
2FA provider but backup codes are not yet generated.

* Add event listner
* Insert background job
* Background job tests and emits notification every 2 weeks
* If the backup codes are generated the next run will remove the job

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-01 15:35:25 +02:00
Christoph Wurst
259c0ce11d Add mandatory 2FA service/class 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-09-30 11:47:29 +02:00
Morris Jobke
ee73f6c416 Merge pull request #11240 from nextcloud/feature/noid/consider-openssl-settings-from-config.php 
Consider openssl settings from config.php
 2018-09-25 18:04:20 +02:00
Christoph Wurst
7586b19e52 Only allow 2FA state changs if providers support the operation 
Ref https://github.com/nextcloud/server/issues/11019.

Add `twofactorauth:cleanup` command

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-09-25 09:54:20 +02:00
Daniel Kesselberg
6bdcec67ab Add openssl to mock 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
 2018-09-16 12:38:08 +02:00
Christoph Wurst
5c70aa2a22 Remove unused import 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-08-10 09:30:17 +02:00
Christoph Wurst
1124b87bc0 Fix 2FA being enforced if only backup codes provider is active 
Fixes https://github.com/nextcloud/server/issues/10634.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-08-10 09:26:40 +02:00
Christoph Wurst
8db66d5dfb Fix double-inserts of the same provider state 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-08-09 13:56:04 +02:00
Christoph Wurst
85bc5edb5e Add integration/unit test for the double-insert of same values 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-08-09 13:43:00 +02:00
Christoph Wurst
d8197f2b97 Rename providerset method to get primary providers 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-08-08 20:28:21 +02:00
Christoph Wurst
c6e47e8a51 Fix login redirection if only one 2FA provider is active 
Fixes https://github.com/nextcloud/server/issues/10500.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-08-08 15:25:59 +02:00
Christoph Wurst
d248a0bd1e Fix 2FA provider registry population on login 
If the 2FA provider registry has not been populated yet, we have to make
sure all available providers are loaded and queried on login. Otherwise
previously active 2FA providers aren't detected as enabled.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-08-08 06:57:52 +02:00
Christoph Wurst
fc149bab3c Fix duplicate inserts in the 2fa provider registry DAO 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-07-31 06:43:44 +02:00
Christoph Wurst
7be465febe Make new classes strict and fix license header 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-06-25 07:38:52 +02:00
Christoph Wurst
13d93f5b25 Make 2FA providers stateful 
This adds persistence to the Nextcloud server 2FA logic so that the server
knows which 2FA providers are enabled for a specific user at any time, even
when the provider is not available.

The `IStatefulProvider` interface was added as tagging interface for providers
that are compatible with this new API.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-06-20 08:30:26 +02:00
Roeland Jago Douma
df34571d1d Use constant for token version 
And don't set the version in the constructor. That would possible cause
to many updates.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-06-18 22:11:55 +02:00
Roeland Jago Douma
9e7a95fe58 Add more tests 
* Add a lot of tests
* Fixes related to those tests
* Fix tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-06-18 22:11:55 +02:00
Roeland Jago Douma
4bbc21cb21 SetPassword on PublicKeyTokens 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-06-18 22:11:55 +02:00
Roeland Jago Douma
4c0d710479 Just pass uid to the Token stuff 
We don't have user objects in the code everywhere

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-06-18 22:11:54 +02:00
Roeland Jago Douma
1f17010e0b Add first tests 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-06-18 22:11:54 +02:00
Roeland Jago Douma
6b7cf46727 Certain tokens can expire 
However due to the nature of what we store in the token (encrypted
passwords etc). We can't just delete the tokens because that would make
the oauth refresh useless.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-05-17 16:10:19 +02:00
Roeland Jago Douma
aba255997a Allow the rotation of tokens 
This for example will allow rotating the apptoken for oauth

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-05-16 19:27:19 +02:00
Roeland Jago Douma
466297829e Fix tests 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-05-15 10:56:40 +02:00
Julius Härtl
372e06d742 Add all parameters to returnValueMap 
Signed-off-by: Julius Härtl <jus@bitgrid.net>
 2018-01-31 14:15:12 +01:00
Morris Jobke
b9bbb894f8 Merge pull request #7916 from nextcloud/2fa_log 
Add 2FA to logfile
 2018-01-25 15:57:32 +01:00
Roeland Jago Douma
c92eff919e Fix tests 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-01-25 13:25:09 +01:00
Joas Schilling
bf2be08c9f Fix risky tests without assertions 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2018-01-25 11:33:25 +01:00
Lukas Reschke
9ac878b6cb Adjust tests for added lastCheck time 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-11-27 09:25:03 +01:00
Christoph Wurst
38bb6e1477 Fix duplicate session token after remembered login 
On a remembered login session, we create a new session token
in the database with the values of the old one. As we actually
don't need the old session token anymore, we can delete it right
away.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2017-09-20 21:39:31 +02:00
Roeland Jago Douma
9163cf9241 Fix AppPassword 2FA auth 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-09-12 22:28:43 +02:00
Roeland Jago Douma
b96485b6bd Fix login with basic auth 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-09-05 12:24:41 +02:00
Roeland Jago Douma
84b7022118 Improve 2FA 
* Store the auth state in the session so we don't have to query it every
time.
* Added some tests

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-08-29 20:27:36 +02:00
Lukas Reschke
7976927628 Merge pull request #4894 from nextcloud/generic-security-activities 
Change 2FA activities to more generic security activities
 2017-05-19 00:50:44 +02:00
Roeland Jago Douma
e43649e67e Fix tests 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2017-05-18 22:10:57 +02:00
Lukas Reschke
59e968977c Add test for DefaultTokenMapper 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-05-18 20:49:09 +02:00
Lukas Reschke
77827ebf11 Rename table back to lowercase 
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
 2017-05-18 20:49:09 +02:00
Bjoern Schiessle
1eb7f4956b delete auth token when client gets deleted 
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
 2017-05-18 20:49:07 +02:00
Joas Schilling
d2d9f74707 Fix warning with undefined method 
Trying to configure method "getRemember" which cannot be configured
because it does not exist, has not been specified, is final, or is
static

Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-04-20 12:37:59 +02:00
Joas Schilling
5695a4ec92 Don't do a recursive search 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-03-22 10:44:13 +01:00