upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-05-23 18:46:30 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 9
nextcloud/apps/oauth2
History
Peter Ringelmann a070301443
fix(frontend): add strict password confirmation for sensitive admin actions 
Register axios password confirmation interceptors in the apps
management, admin delegation, admin security, and OAuth2 settings
bundles, and pass PwdConfirmationMode.Strict on requests to endpoints
protected with #[PasswordConfirmationRequired(strict: true)], so that
the user password is verified via Basic auth on the request itself
rather than relying on the session timestamp.

Signed-off-by: Peter Ringelmann <peter.ringelmann@nextcloud.com>
2026-04-21 10:21:08 +02:00
..
appinfo feat(rector): Enable SafeDeclareStrictTypesRector 2026-02-09 10:59:31 +01:00
composer chore: Bump autoloader files for new composer version 2025-12-02 10:32:44 +01:00
l10n fix(l10n): Update translations from Transifex 2026-03-29 00:33:57 +00:00
lib fix: Add missing PasswordConfirmationRequired attributes 2026-04-21 10:21:07 +02:00
src fix(frontend): add strict password confirmation for sensitive admin actions 2026-04-21 10:21:08 +02:00
templates refactor(oauth2): migrate to Typescript and Vue 3 2025-12-12 00:42:15 +01:00
tests fix(oauth2): Do not store the code in throttle metadata 2026-03-19 14:40:12 +01:00
.l10nignore chore: Add SPDX header 2024-05-31 10:38:47 +02:00
openapi.json fix(oauth2): Limit allowed grant_type values in getToken 2025-08-25 13:40:35 +02:00
openapi.json.license chore: Add SPDX header 2024-05-31 10:38:47 +02:00