wbrawner/server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
49251 commits 157 branches 562 tags 714 MiB
Commit graph

50 commits

Author SHA1 Message Date
Roeland Jago Douma
3d17ab0936
Do not send notification if no active 2fa 
If the job is still present we should also not fire it off if there is
not a single active 2FA provider.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-03-05 20:21:37 +01:00
Roeland Jago Douma
1c29a01956
Clear backupcodes reminder if no 2FA is enabled 
Fixes #14125

Listen to 2FA disable event. If a provider is disabled for a user. We
check if there are no more providers. If there are no more providers we
Remove the backupcode reminder notification (if still present).

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-03-05 20:14:16 +01:00
Joas Schilling
01f4506dad
Add a link to the notification to create the backup codes 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2019-02-11 15:32:34 +01:00
Christoph Wurst
0e6cb988a1
Add a key parameter to the new initial state API 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2019-01-30 16:08:08 +01:00
Roeland Jago Douma
f30877ea7c
Provide initial state 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-01-29 22:21:54 +01:00
Roeland Jago Douma
0971232050
Provide initial state for backupcodes in template 
This saves a direct request to the server when loading the backup codes.
There is no need for this as the data is already known.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-01-15 20:45:42 +01:00
Roeland Jago Douma
da7dd24378
Switch to OCP background jobs 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-01-14 20:09:12 +01:00
Roeland Jago Douma
49a4f2fd61
Switch to QBMapper 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2019-01-14 15:50:04 +01:00
Christoph Wurst
79a0ee4f4a
Consolidate personal two-factor provider settings 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-10-02 22:56:33 +02:00
Roeland Jago Douma
36bf522c8b
Add job to check users for backup code reminders 
Now that we can enforce 2FA we also should notify users that have
enabled 2FA but do not yet have backup codes generated.

This adds a repair step that inserts a background job to do this.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-02 20:41:56 +02:00
Roeland Jago Douma
c557314262
Clear notification to generate backup code once codes are generated 
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-01 15:35:25 +02:00
Roeland Jago Douma
956fe1b867
Generate backups code notification if not enable but 2fa is 
Generate a notification to generate backup codes if you enable an other
2FA provider but backup codes are not yet generated.

* Add event listner
* Insert background job
* Background job tests and emits notification every 2 weeks
* If the backup codes are generated the next run will remove the job

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-10-01 15:35:25 +02:00
Christoph Wurst
82748a482e
Fix backup codes column length to fix Argon2 hash values 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-08-21 06:53:37 +02:00
Christoph Wurst
f8fe7488a5
Fix state propragation of the backup codes provider 
Starting with Nextcloud 14, the server knows the enabled/disabled
state of 2fa providers. While it will query that information if it's
unknown (on first use), it won't notice any changes. Thus, providers
have to propagate that information themselves.

Ref https://github.com/nextcloud/twofactor_totp/pull/263
Ref https://github.com/nextcloud/twofactor_u2f/pull/210

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2018-08-01 21:21:30 +02:00
Roeland Jago Douma
b52c935c09
Make 2FA backupcodes strict 
* and follow the interface again

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
 2018-03-26 11:31:02 +02:00
Joas Schilling
c2b1bd92d6
Merge pull request #8063 from nextcloud/inline-value 
Return value immediately instead of assigning to a one-time variable
 2018-01-26 10:15:39 +01:00
Morris Jobke
0a56d2185e
Return value immediately instead of assigning to a one-time variable 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2018-01-26 00:02:03 +01:00
Morris Jobke
870fe20acc
Use $var[] = $a instead of array_push - 2x faster 
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
 2018-01-25 22:36:03 +01:00
Joas Schilling
4a5282ba21
Fix the type hints of migrations and correctly inject the wrapped schema into migrations 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2018-01-17 11:37:36 +01:00
Joas Schilling
c65e591e88
Restore the sequencial order 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-09-29 11:10:57 +02:00
Joas Schilling
c58ff2990e
Migrate the twofactor_backupcodes app to bigint 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-09-29 11:10:57 +02:00
Joas Schilling
55d9d24370
Fix database structure of twofactor backupcodes app to match 12 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-09-19 14:37:56 +02:00
Morris Jobke
b4deba2078 Merge pull request #5483 from nextcloud/issue-5075-png-files-for-activity-emails 
Use PNGs for icons in activity emails
 2017-07-07 11:05:00 +02:00
Joas Schilling
fe6e8c2710 Fix dropping tables and handle the prefix automatically 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-07-05 13:02:16 +02:00
Joas Schilling
543c181ec5 Move twofactor_backupcodes to migrations 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-07-05 13:02:16 +02:00
Arthur Schiwon
793de6a8d0
move encryption to security (and behind two factor things) 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2017-06-27 12:21:18 +02:00
Arthur Schiwon
c5df6db631
move twofactor_* into security 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2017-06-23 13:18:08 +02:00
Arthur Schiwon
f6ecc46cfa
adapt twofactore_backupcodes 
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
 2017-06-23 12:38:05 +02:00
Joas Schilling
90fa27694a
Use PNG version of the icons for shipped activities 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-06-20 13:48:51 +02:00
Christoph Wurst
58683f11ac
Publish 2fa backup codes activities to the right stream 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2017-05-18 22:10:57 +02:00
Christoph Wurst
0928b5f621
Change 2FA activities to more generic security activities 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2017-05-18 22:10:57 +02:00
Joas Schilling
74a6a6c839 Add a update step that copies all the backup codes 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-05-15 15:41:45 -05:00
Joas Schilling
2dc79efb32 Rename the table to a valid name 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-05-15 15:41:45 -05:00
Joas Schilling
cd79eb1b2c
Remove 2FA backup codes on user deletion 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2017-05-15 13:31:30 +02:00
Christoph Wurst
d8b3fe460e
Hide 2FA backup codes if no other 2FA providers are enabled 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2017-05-02 14:40:44 +02:00
Christoph Wurst
85e4febc24 ignore code we're unable to test 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2017-01-18 17:53:58 +01:00
Christoph Wurst
3b4b49fa95 test activity provider 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2017-01-18 17:53:58 +01:00
Christoph Wurst
6726c98bbd
use constant and clean up unit test 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2017-01-16 13:14:15 +01:00
Christoph Wurst
3b76699c9c
Increase 2fa backup codes entropy 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2017-01-16 11:24:03 +01:00
Christoph Wurst
3f4ba2d15d
fix typo 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2016-12-19 15:01:23 +01:00
Christoph Wurst
5bad93472d
catch specific BadMethodCallException 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2016-12-19 12:01:32 +01:00
Christoph Wurst
ed4017dfb4
fix minor issues 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2016-12-19 11:59:48 +01:00
Christoph Wurst
9300312046
push activity when backup codes are generated 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2016-12-19 11:59:47 +01:00
Christoph Wurst
7ae9442f3d
Publish, parse and filter 2FA activities 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2016-12-19 11:59:47 +01:00
Joas Schilling
bc3da3a8f5
Remove IDb interface which was deprecated for 3 years already 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2016-12-14 11:42:16 +01:00
Joas Schilling
86aa6197b8
Require confirmation when generating backup codes 
Signed-off-by: Joas Schilling <coding@schilljs.com>
 2016-11-18 11:57:16 +01:00
Christoph Wurst
f27b7fa8d1
Do not use underscores in PSR4 namespaces of the backup codes app 
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
 2016-10-03 21:47:33 +02:00
Joas Schilling
6ac2b8d83f
Fix twofactor_backupcodes 2016-09-12 16:48:11 +02:00
Joas Schilling
60c22dd074
Fix more sniffing 2016-09-12 16:48:11 +02:00
Christoph Wurst
8acb734854
add 2fa backup codes app 
* add backup codes app unit tests
* add integration tests for the backup codes app
 2016-09-05 08:51:13 +02:00