Commit graph

24 commits

Author SHA1 Message Date
Roeland Jago Douma
674930da7f
Move ExpiredTokenException to the correct namespace
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-30 19:30:45 +01:00
Roeland Jago Douma
19f84f7b54
Add tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 19:50:54 +02:00
Roeland Jago Douma
df34571d1d
Use constant for token version
And don't set the version in the constructor. That would possible cause
to many updates.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-18 22:11:55 +02:00
Roeland Jago Douma
4bbc21cb21
SetPassword on PublicKeyTokens
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-06-18 22:11:55 +02:00
Roeland Jago Douma
6b7cf46727
Certain tokens can expire
However due to the nature of what we store in the token (encrypted
passwords etc). We can't just delete the tokens because that would make
the oauth refresh useless.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-05-17 16:10:19 +02:00
Roeland Jago Douma
aba255997a
Allow the rotation of tokens
This for example will allow rotating the apptoken for oauth

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-05-16 19:27:19 +02:00
Roeland Jago Douma
466297829e
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-05-15 10:56:40 +02:00
Lukas Reschke
9ac878b6cb
Adjust tests for added lastCheck time
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-11-27 09:25:03 +01:00
Christoph Wurst
38bb6e1477
Fix duplicate session token after remembered login
On a remembered login session, we create a new session token
in the database with the values of the old one. As we actually
don't need the old session token anymore, we can delete it right
away.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-09-20 21:39:31 +02:00
Joas Schilling
d2d9f74707
Fix warning with undefined method
Trying to configure method "getRemember" which cannot be configured
because it does not exist, has not been specified, is final, or is
static

Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-04-20 12:37:59 +02:00
Christoph Wurst
e782f90d98
DefaultTokenProviderTest mocked/asserted the wrong method
It's 'getRemember' instead of 'getRememberMe', hence some warnings
were generated by phpunit.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-02-28 10:26:19 +01:00
Christoph Wurst
2183a1f3e6 copy remember-me value when renewing a session token
On renew, a session token is duplicated. For some reason we did
not copy over the remember-me attribute value. Hence, the new token
was deleted too early in the background job and remember-me did
not work properly.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-11-27 14:19:57 +01:00
Roeland Jago Douma
e5bc80b31d
Adds TokenProvider and Mapper tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2016-11-16 15:24:31 +01:00
Lukas Reschke
9d6e01ef40
Add missing tests and fix PHPDoc
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2016-11-02 13:39:17 +01:00
Christoph Wurst
d907666232
bring back remember-me
* try to reuse the old session token for remember me login
* decrypt/encrypt token password and set the session id accordingly
* create remember-me cookies only if checkbox is checked and 2fa solved
* adjust db token cleanup to store remembered tokens longer
* adjust unit tests

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-11-02 13:39:16 +01:00
Roeland Jago Douma
4d3b92e687
Fix getMock Authentication 2016-09-06 09:29:27 +02:00
Vincent Petry
3db5de95bd Merge pull request #25172 from owncloud/token-login-validation
Token login validation
2016-06-22 13:58:56 +02:00
Christoph Wurst
b805908dca
update session token password on user password change 2016-06-21 10:24:25 +02:00
Christoph Wurst
5c68084823
fix default token provider tests 2016-06-20 09:17:19 +02:00
Christoph Wurst
c4149c59c2
use token last_activity instead of session value 2016-06-17 15:42:28 +02:00
Christoph Wurst
c58d8159d7
Create session tokens for apache auth users 2016-05-31 17:07:49 +02:00
Christoph Wurst
ad10485cec
when generating browser/device token, save the login name for later password checks 2016-05-24 11:49:15 +02:00
Christoph Wurst
74277c25be
add button to invalidate browser sessions/device tokens 2016-05-23 09:11:12 +02:00
Joas Schilling
94ad54ec9b Move tests/ to PSR-4 (#24731)
* Move a-b to PSR-4

* Move c-d to PSR-4

* Move e+g to PSR-4

* Move h-l to PSR-4

* Move m-r to PSR-4

* Move s-u to PSR-4

* Move files/ to PSR-4

* Move remaining tests to PSR-4

* Remove Test\ from old autoloader
2016-05-20 15:38:20 +02:00
Renamed from tests/lib/authentication/token/defaulttokenprovidertest.php (Browse further)