Commit graph

42 commits

Author SHA1 Message Date
Christoph Wurst
79a0ee4f4a
Consolidate personal two-factor provider settings
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-10-02 22:56:33 +02:00
Roeland Jago Douma
36bf522c8b
Add job to check users for backup code reminders
Now that we can enforce 2FA we also should notify users that have
enabled 2FA but do not yet have backup codes generated.

This adds a repair step that inserts a background job to do this.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-02 20:41:56 +02:00
Roeland Jago Douma
c557314262
Clear notification to generate backup code once codes are generated
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-01 15:35:25 +02:00
Roeland Jago Douma
956fe1b867
Generate backups code notification if not enable but 2fa is
Generate a notification to generate backup codes if you enable an other
2FA provider but backup codes are not yet generated.

* Add event listner
* Insert background job
* Background job tests and emits notification every 2 weeks
* If the backup codes are generated the next run will remove the job

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-10-01 15:35:25 +02:00
Christoph Wurst
82748a482e
Fix backup codes column length to fix Argon2 hash values
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-21 06:53:37 +02:00
Christoph Wurst
f8fe7488a5
Fix state propragation of the backup codes provider
Starting with Nextcloud 14, the server knows the enabled/disabled
state of 2fa providers. While it will query that information if it's
unknown (on first use), it won't notice any changes. Thus, providers
have to propagate that information themselves.

Ref https://github.com/nextcloud/twofactor_totp/pull/263
Ref https://github.com/nextcloud/twofactor_u2f/pull/210

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2018-08-01 21:21:30 +02:00
Roeland Jago Douma
b52c935c09
Make 2FA backupcodes strict
* and follow the interface again

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2018-03-26 11:31:02 +02:00
Joas Schilling
c2b1bd92d6
Merge pull request #8063 from nextcloud/inline-value
Return value immediately instead of assigning to a one-time variable
2018-01-26 10:15:39 +01:00
Morris Jobke
0a56d2185e
Return value immediately instead of assigning to a one-time variable
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-26 00:02:03 +01:00
Morris Jobke
870fe20acc
Use $var[] = $a instead of array_push - 2x faster
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
2018-01-25 22:36:03 +01:00
Joas Schilling
4a5282ba21
Fix the type hints of migrations and correctly inject the wrapped schema into migrations
Signed-off-by: Joas Schilling <coding@schilljs.com>
2018-01-17 11:37:36 +01:00
Joas Schilling
c65e591e88
Restore the sequencial order
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-29 11:10:57 +02:00
Joas Schilling
c58ff2990e
Migrate the twofactor_backupcodes app to bigint
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-29 11:10:57 +02:00
Joas Schilling
55d9d24370
Fix database structure of twofactor backupcodes app to match 12
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-09-19 14:37:56 +02:00
Morris Jobke
b4deba2078 Merge pull request #5483 from nextcloud/issue-5075-png-files-for-activity-emails
Use PNGs for icons in activity emails
2017-07-07 11:05:00 +02:00
Joas Schilling
fe6e8c2710 Fix dropping tables and handle the prefix automatically
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-05 13:02:16 +02:00
Joas Schilling
543c181ec5 Move twofactor_backupcodes to migrations
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-07-05 13:02:16 +02:00
Arthur Schiwon
793de6a8d0
move encryption to security (and behind two factor things)
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-27 12:21:18 +02:00
Arthur Schiwon
c5df6db631
move twofactor_* into security
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-23 13:18:08 +02:00
Arthur Schiwon
f6ecc46cfa
adapt twofactore_backupcodes
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2017-06-23 12:38:05 +02:00
Joas Schilling
90fa27694a
Use PNG version of the icons for shipped activities
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-06-20 13:48:51 +02:00
Christoph Wurst
58683f11ac
Publish 2fa backup codes activities to the right stream
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-05-18 22:10:57 +02:00
Christoph Wurst
0928b5f621
Change 2FA activities to more generic security activities
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-05-18 22:10:57 +02:00
Joas Schilling
74a6a6c839 Add a update step that copies all the backup codes
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-15 15:41:45 -05:00
Joas Schilling
2dc79efb32 Rename the table to a valid name
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-15 15:41:45 -05:00
Joas Schilling
cd79eb1b2c
Remove 2FA backup codes on user deletion
Signed-off-by: Joas Schilling <coding@schilljs.com>
2017-05-15 13:31:30 +02:00
Christoph Wurst
d8b3fe460e
Hide 2FA backup codes if no other 2FA providers are enabled
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-05-02 14:40:44 +02:00
Christoph Wurst
85e4febc24 ignore code we're unable to test
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-18 17:53:58 +01:00
Christoph Wurst
3b4b49fa95 test activity provider
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-18 17:53:58 +01:00
Christoph Wurst
6726c98bbd
use constant and clean up unit test
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-16 13:14:15 +01:00
Christoph Wurst
3b76699c9c
Increase 2fa backup codes entropy
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-01-16 11:24:03 +01:00
Christoph Wurst
3f4ba2d15d
fix typo
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-12-19 15:01:23 +01:00
Christoph Wurst
5bad93472d
catch specific BadMethodCallException
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-12-19 12:01:32 +01:00
Christoph Wurst
ed4017dfb4
fix minor issues
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-12-19 11:59:48 +01:00
Christoph Wurst
9300312046
push activity when backup codes are generated
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-12-19 11:59:47 +01:00
Christoph Wurst
7ae9442f3d
Publish, parse and filter 2FA activities
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-12-19 11:59:47 +01:00
Joas Schilling
bc3da3a8f5
Remove IDb interface which was deprecated for 3 years already
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-12-14 11:42:16 +01:00
Joas Schilling
86aa6197b8
Require confirmation when generating backup codes
Signed-off-by: Joas Schilling <coding@schilljs.com>
2016-11-18 11:57:16 +01:00
Christoph Wurst
f27b7fa8d1
Do not use underscores in PSR4 namespaces of the backup codes app
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2016-10-03 21:47:33 +02:00
Joas Schilling
6ac2b8d83f
Fix twofactor_backupcodes 2016-09-12 16:48:11 +02:00
Joas Schilling
60c22dd074
Fix more sniffing 2016-09-12 16:48:11 +02:00
Christoph Wurst
8acb734854
add 2fa backup codes app
* add backup codes app unit tests
* add integration tests for the backup codes app
2016-09-05 08:51:13 +02:00