29 Commits

Author	SHA1	Message	Date
Joas Schilling	927bea2b4d	fix(psalm): Satisfy psalm ... Signed-off-by: Joas Schilling <coding@schilljs.com>	2026-01-09 19:07:07 +01:00
Joas Schilling	a82827dff5	feat(app-passwords): Add config to disallow creating app-passwords ... Signed-off-by: Joas Schilling <coding@schilljs.com>	2026-01-09 19:07:07 +01:00
Joas Schilling	6b121c37da	feat: Allow to create one-time app passwords that only allow loading an app-password ... Signed-off-by: Joas Schilling <coding@schilljs.com>	2026-01-09 19:07:07 +01:00
Ferdinand Thiessen	495c364268	chore: use consistent casing for header names (required by openAPI) ... Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2025-06-09 19:24:26 +02:00
provokateurin	82fb8f8508	refactor: Extend rector to core/ ... Signed-off-by: provokateurin <kate@provokateurin.de>	2025-05-15 00:16:54 +02:00
provokateurin	77114fb327	fix(OpenAPI): Adjust array syntax to avoid ambiguities ... Signed-off-by: provokateurin <kate@provokateurin.de>	2024-11-05 09:58:11 +01:00
provokateurin	9836e9b164	chore(deps): Update nextcloud/coding-standard to v1.3.1 ... Signed-off-by: provokateurin <kate@provokateurin.de>	2024-09-19 14:21:20 +02:00
provokateurin	bc5c0262af	refactor(core): Make all attribute arguments named ... Signed-off-by: provokateurin <kate@provokateurin.de>	2024-07-27 22:36:18 +02:00
provokateurin	c57c3c1573	refactor(core): Replace security annotations with respective attributes ... Signed-off-by: provokateurin <kate@provokateurin.de>	2024-07-26 07:30:45 +02:00
Andy Scherzinger	e07a190641	chore: Add SPDX header ... Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>	2024-05-27 14:53:40 +02:00
provokateurin	2c51933b6b	refactor(core): Switch to attribute based routing ... Signed-off-by: provokateurin <kate@provokateurin.de>	2024-02-21 12:07:50 +01:00
provokateurin	6243a9471d	feat(core): Add OCS endpoint for confirming the user password ... Signed-off-by: provokateurin <kate@provokateurin.de>	2024-02-20 14:28:00 +01:00
Côme Chilliet	eee9f1eec4	Always catch OCP versions of authentication exceptions ... And always throw OC versions for BC Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-01-11 14:02:15 +01:00
Joas Schilling	0d51d8fbcb	fix(core): Add password confirmation requirement for getapppassword ... Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-07-17 12:07:22 +02:00
jld3103	1be836273d	core: Add OpenAPI spec ... Signed-off-by: jld3103 <jld3103yt@gmail.com>	2023-07-13 07:24:15 +02:00
Faraz Samapoor	25cdc35473	Update core/Controller/AppPasswordController.php ... Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com> Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>	2023-06-05 18:26:27 +03:30
Faraz Samapoor	2713ab023f	Update core/Controller/AppPasswordController.php ... Co-authored-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com> Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>	2023-06-05 16:45:01 +03:30
Faraz Samapoor	450bf5c99e	Refactors controllers by using PHP8's constructor property promotion. ... Signed-off-by: Faraz Samapoor <f.samapoor@gmail.com>	2023-06-04 23:20:35 +03:30
Carl Schwan	b70c6a128f	Update core to PHP 7.4 standard ... - Typed properties - Port to LoggerInterface Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2022-05-20 22:18:06 +02:00
Joas Schilling	5f75d2e104	Remove old shortening ... Signed-off-by: Joas Schilling <coding@schilljs.com>	2022-03-23 21:42:29 +01:00
Joas Schilling	a0c7798c7d	Limit the length of app password names ... Signed-off-by: Joas Schilling <coding@schilljs.com>	2022-03-23 10:47:56 +01:00
John Molakvoæ (skjnldsv)	215aef3cbd	Update php licenses ... Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	2021-06-04 22:02:41 +02:00
Christoph Wurst	f8808e260d	Move app_password_created to a typed event ... Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2021-02-09 18:49:35 +01:00
Christoph Wurst	5bf3d1bb38	Update license headers ... Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2019-12-05 15:38:45 +01:00
Roeland Jago Douma	cd1f443804	Allow rotation of apppasswords ... Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-08-27 13:46:06 +02:00
Roeland Jago Douma	2dcb4cfbd6	Allow clients to delete their own apptoken ... Fixes #15480 Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2019-05-17 09:52:06 +02:00
Daniel Kesselberg	c583c5e7e2	Emit event if app password created ... Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2019-02-18 17:47:43 +01:00
Daniel Kesselberg	2ade2bef8c	Publish activity for app token created by ocs api ... Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2019-02-17 23:37:22 +01:00
Roeland Jago Douma	78273cb1e6	Add an endppoint for clients to request an app password ... Now that we allow enforcing 2 factor auth it make sense if we also allow and endpoint where the clients can in the background fetch an apppassword if they were configured before the login flow was present. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2018-10-03 19:05:20 +02:00