Commit graph

39943 commits

Author SHA1 Message Date
Lukas Reschke
7976927628 Merge pull request #4894 from nextcloud/generic-security-activities
Change 2FA activities to more generic security activities
2017-05-19 00:50:44 +02:00
Lukas Reschke
8c624bdef9 Merge pull request #4792 from nextcloud/fix-storage-wrappers-on-scanner
Make sure we use the passed-in storage when there is one
2017-05-19 00:49:58 +02:00
Lukas Reschke
0eb4970ec8 Merge pull request #4704 from nextcloud/add-oauth-code-flow-support
Add oauth code flow support
2017-05-18 23:30:44 +02:00
Lukas Reschke
c605472950 Merge pull request #4888 from nextcloud/theming-fallback-icons
Fallback to default favicon
2017-05-18 23:30:02 +02:00
Lukas Reschke
10930c9ff2 Merge pull request #4813 from nextcloud/accounts-table-migration-from-owncloud
Add a migration step to save the data from the accounts table before …
2017-05-18 22:31:36 +02:00
Roeland Jago Douma
19a1e01d6c
Update autoloader
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-05-18 22:11:29 +02:00
Roeland Jago Douma
e43649e67e
Fix tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
2017-05-18 22:10:57 +02:00
Christoph Wurst
258c8720dd
Fix backup codes activity type
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-05-18 22:10:57 +02:00
Christoph Wurst
58683f11ac
Publish 2fa backup codes activities to the right stream
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-05-18 22:10:57 +02:00
Christoph Wurst
1632bb4557
Move activities test code
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-05-18 22:10:57 +02:00
Christoph Wurst
0928b5f621
Change 2FA activities to more generic security activities
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2017-05-18 22:10:57 +02:00
Lukas Reschke
f4189699e7
Function accepts only integers
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 21:59:22 +02:00
Lukas Reschke
b8de3f40ee
Bearer comes first on the new endpoint
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 21:57:07 +02:00
Lukas Reschke
639ba526d0
Adjust realm from SabreDAV to Nextcloud
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 21:38:55 +02:00
Lukas Reschke
f93db724d7
Make legacy DAV backend use the BearerAuth backend as well
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 21:19:39 +02:00
Lukas Reschke
ba7b6bd973
Delete token after usage in test
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:58:05 +02:00
Lukas Reschke
fa6ec47a5c
Add indexes
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:58:04 +02:00
Lukas Reschke
7927aed991
Adjust token name
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:11 +02:00
Lukas Reschke
538112181f
Add additional test for accessing DAV using Bearer Auth
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:11 +02:00
Lukas Reschke
f2a01e1b08
Use a standardized Bearer now
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:10 +02:00
Lukas Reschke
df3909a7c3
Use Bearer backend for SabreDAV
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:10 +02:00
Lukas Reschke
30552090bc
Don't ignore OAuth2 app
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:10 +02:00
Lukas Reschke
691646bdae
Add tests for OAuth2 app
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:10 +02:00
Lukas Reschke
59e968977c
Add test for DefaultTokenMapper
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:09 +02:00
Lukas Reschke
d90eba3f85
Fix style issues pointed out in review
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:09 +02:00
Lukas Reschke
77827ebf11
Rename table back to lowercase
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:09 +02:00
Lukas Reschke
26ee889fec
Add tests for ClientFlowLoginController
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:08 +02:00
Lukas Reschke
a4116220cb
Add app to autoenabled provisioning API scenario
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:08 +02:00
Lukas Reschke
b07a0f51ba
Add OAuth state to session
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:08 +02:00
Lukas Reschke
88afd8b224
Cleanup code
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:08 +02:00
Lukas Reschke
9d91ebf8e0
Add XSD definitions
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:07 +02:00
Bjoern Schiessle
1eb7f4956b
delete auth token when client gets deleted
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-05-18 20:49:07 +02:00
Bjoern Schiessle
23b296b66e
use name of oauth app to identify auth token
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-05-18 20:49:07 +02:00
Bjoern Schiessle
bb19b37097
hide client secret by default
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-05-18 20:49:07 +02:00
Bjoern Schiessle
baa8490f44
add some spacing between the logo and the content of the page
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-05-18 20:49:06 +02:00
Bjoern Schiessle
a74d67b69c
show error page if no valid client identifier is given and if it is not a API request
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-05-18 20:49:06 +02:00
Bjoern Schiessle
1a8965b488
handle case if no valid client identifier is given
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-05-18 20:49:06 +02:00
Bjoern Schiessle
3775b14c4c
remove 'Alternative login using app token' in case of oauth login
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-05-18 20:49:05 +02:00
Lukas Reschke
e86749121c
Remove special characters
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:05 +02:00
Lukas Reschke
4b4d3bb1c2
It's a bearer
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:05 +02:00
Lukas Reschke
1470ec95ca
Fetch signle row
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:05 +02:00
Lukas Reschke
4d96cd3df7
Change to POST
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:04 +02:00
Lukas Reschke
c5ad3c9213
Increase length of encrypted token in database
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:04 +02:00
Lukas Reschke
0a2b57c93f
Get a single row
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:04 +02:00
Lukas Reschke
a5ddd65c10
Use query builder
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:03 +02:00
Lukas Reschke
5f71805c35
Add basic implementation for OAuth 2.0 Authorization Code Flow
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
2017-05-18 20:49:03 +02:00
Björn Schießle
879e11e7d1 Merge pull request #4812 from nextcloud/move-sharing-to-migration
Move the file sharing app to migration
2017-05-18 18:24:43 +02:00
Björn Schießle
6c20c42d1b Merge pull request #4939 from nextcloud/add-share-name-column
Add the column so we keep the value from before the update
2017-05-18 18:10:32 +02:00
Bjoern Schiessle
e9ab452ff3
rename secure drop back to files drop because of name collision with securedrop.org
Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
2017-05-18 16:55:58 +02:00
Robin Appelman
1f1e1b0d00
use unmasked permissions during scanning
Signed-off-by: Robin Appelman <robin@icewind.nl>
2017-05-18 16:38:54 +02:00