nextcloud

mirror of https://github.com/nextcloud/server.git synced 2026-02-20 16:35:37 -05:00

Author	SHA1	Message	Date
provokateurin	f12cecb684	feat(rector): Enable SafeDeclareStrictTypesRector Signed-off-by: provokateurin <kate@provokateurin.de>	2026-02-09 10:59:31 +01:00
Ferdinand Thiessen	6a570c0133	refactor(oauth2): migrate to Typescript and Vue 3 Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2025-12-12 00:42:15 +01:00
Carl Schwan	4d47fdaa85	chore: Run rector with new rules for fetch Signed-off-by: Carl Schwan <carl.schwan@nextcloud.com>	2025-11-18 17:45:57 +01:00
provokateurin	1b4722c330	fix(oauth2): Limit allowed grant_type values in getToken Signed-off-by: provokateurin <kate@provokateurin.de>	2025-08-25 13:40:35 +02:00
Ferdinand Thiessen	5981b7eb51	chore: apply new CSFixer rules Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de> # Conflicts: # apps/settings/lib/SetupChecks/PhpOpcacheSetup.php	2025-07-01 16:26:50 +02:00
Richard Steinmetz	246da73a36	fix(oauth2): retain support for legacy ownCloud clients Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>	2025-04-01 11:25:52 +02:00
Côme Chilliet	75f8bb51ed	fix: Rename config option to skipAuthPickerApplications to match what it does Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-01-07 10:34:30 +01:00
Côme Chilliet	e7be008dc1	feat(oauth2): Skip page before login as well for authorized applications Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2025-01-07 10:34:30 +01:00
provokateurin	085d4c9364	refactor(OpenAPI): Adjust scopes to match previous behavior Signed-off-by: provokateurin <kate@provokateurin.de>	2025-01-06 14:30:40 +01:00
provokateurin	381077028a	refactor(apps): Use constructor property promotion when possible Signed-off-by: provokateurin <kate@provokateurin.de>	2024-10-21 12:37:59 +02:00
Ferdinand Thiessen	2ef74b9860	Merge pull request #47329 from nextcloud/feat/add-datetime-qbmapper-support feat(AppFramework): Add full support for date / time / datetime columns	2024-10-18 19:05:08 +02:00
Git'Fellow	a1681b0756	chore(db): Apply query prepared statements Fix: psalm fix: bad file fix: bug chore: add batch chore: add batch chore: add batch fix: psalm	2024-10-17 20:30:47 +02:00
Ferdinand Thiessen	0e54c2bd43	fix: Adjust Entity types Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>	2024-10-17 18:31:44 +02:00
provokateurin	54ec472d9a	fix(BackgroundJobs): Adjust intervals and time sensitivities Signed-off-by: provokateurin <kate@provokateurin.de>	2024-10-08 11:26:53 +02:00
Côme Chilliet	1a4978c4ea	chore: Apply rector configuration to apps folder Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-09-20 17:51:00 +02:00
provokateurin	9836e9b164	chore(deps): Update nextcloud/coding-standard to v1.3.1 Signed-off-by: provokateurin <kate@provokateurin.de>	2024-09-19 14:21:20 +02:00
Julien Veyssier	120e7e838c	fix(oauth2): fix tests Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2024-09-02 14:38:39 +02:00
Julien Veyssier	034917b790	fix(oauth2): store hashed secret instead of encrypted Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2024-09-02 14:38:39 +02:00
Artur Neumann	cc44ec54ad	invalidate oauth2 tokens only for seen users Signed-off-by: Artur Neumann <artur@jankaritech.com>	2024-08-16 10:33:52 +02:00
provokateurin	d8adbce1be	refactor(oauth2): Replace security annotations with respective attributes Signed-off-by: provokateurin <kate@provokateurin.de>	2024-07-29 16:45:54 +02:00
Andy Scherzinger	cc1686dba9	chore: Add SPDX header Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>	2024-05-31 10:38:47 +02:00
Côme Chilliet	eee9f1eec4	Always catch OCP versions of authentication exceptions And always throw OC versions for BC Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>	2024-01-11 14:02:15 +01:00
Joas Schilling	aa5f037af7	chore: apply changes from Nextcloud coding standards 1.1.1 Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>	2023-11-23 10:36:13 +01:00
Julien Veyssier	d56950a6c9	adjust phpdoc types in OauthApiController Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:03 +02:00
Julien Veyssier	d2bc483adf	adjust oauth app Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +02:00
Julien Veyssier	32f984c520	adjust oauth tests Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +02:00
Julien Veyssier	c6da99474e	rename oauth2_access_token's created_at to code_created_at Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +02:00
Julien Veyssier	e944980eb6	add db index on oauth2_access_tokens's (token_count, created_at) Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +02:00
Julien Veyssier	779e1d51ac	delete oauth access token when receiving a code that has expired Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +02:00
Julien Veyssier	1ab45bad5d	refuse oauth authorization code if a token has already been delivered (active token) Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +02:00
Julien Veyssier	7bba410997	cleanup access tokens that are still in authorization state and that have expired Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +02:00
Julien Veyssier	2995b0948f	add tests for oauth2 authorization code expiration Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +02:00
Julien Veyssier	807f173dec	make oauth2 authorization code expire after 10 minutes Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-10-05 14:24:02 +02:00
Joas Schilling	25309bcb45	techdebt(DI): Use public IThrottler interface which exists since Nextcloud 25 Signed-off-by: Joas Schilling <coding@schilljs.com>	2023-08-28 15:50:45 +02:00
jld3103	1c19c567fe	oauth2: Add OpenAPI spec Signed-off-by: jld3103 <jld3103yt@gmail.com>	2023-07-12 07:32:30 +02:00
Julien Veyssier	629adc318f	add bruteforce protection in OauthApiController Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-06-19 11:18:06 +02:00
Julien Veyssier	578bf8cc0b	add extra migration that sets the secret column length in case the previous step has run when it was setting it to 256 Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-06-14 17:21:38 +02:00
Julien Veyssier	24e517c5b3	make oauth2 client secret column larger Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-06-14 17:21:38 +02:00
Julien Veyssier	18c742a901	encrypt oauth2 client secrets Signed-off-by: Julien Veyssier <julien-nc@posteo.net>	2023-06-07 11:36:08 +02:00
Artur Neumann	f634badf12	public interface to invalidate tokens of user Signed-off-by: Artur Neumann <artur@jankaritech.com>	2023-03-14 17:13:29 +01:00
Artur Neumann	21be557e2a	invalidate existing tokens when deleting an oauth client Signed-off-by: Artur Neumann <artur@jankaritech.com>	2023-03-14 17:13:23 +01:00
luz paz	9d26671f05	Fix typos in apps/ subdirectory Found via `codespell -q 3 -S l10n,./apps/files_external/3rdparty -L adn,ba,boxs,keypair,jus,optionel,ressource,tabel ./apps/` Signed-off-by: luz paz <luzpaz@github.com> Signed-off-by: nextcloud-command <nextcloud-command@users.noreply.github.com>	2022-09-05 12:59:54 +00:00
Carl Schwan	53db418ee9	Cleanup oauth2 admin settings - Use more vue components - Add link to doc Signed-off-by: Carl Schwan <carl@carlschwan.eu>	2022-07-14 12:16:13 +02:00
Daniel Kesselberg	11cacb52d4	Use property name for addType Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>	2022-05-12 21:12:46 +02:00
Louis Chemineau	c5722869be	Add oauth2_clients migration for Owncloud Signed-off-by: Louis Chemineau <louis@chmn.me>	2022-03-24 18:08:43 +01:00
Joas Schilling	c6ae53096c	More test fixing Signed-off-by: Joas Schilling <coding@schilljs.com>	2021-12-01 22:17:19 +01:00
J0WI	3b656446af	Introduce ISecureRandom::CHAR_ALPHANUMERIC Signed-off-by: J0WI <J0WI@users.noreply.github.com>	2021-07-08 15:11:31 +02:00
John Molakvoæ (skjnldsv)	215aef3cbd	Update php licenses Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>	2021-06-04 22:02:41 +02:00
Christoph Wurst	99f2fa73d1	Fix usage of rename executeUpdate Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>	2021-05-05 10:35:25 +02:00
Roeland Jago Douma	c2f7c417b2	Add psalm annotation to the DB handlers of OAuth2 * Psalm annotations * To new executeUpdate Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>	2021-03-11 14:33:15 +01:00

1 2

93 commits