0
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2025-05-20 21:20:14 +00:00
Commit graph

84 commits

Author SHA1 Message Date
Ferdinand Thiessen
a8f46af20f
chore: Add proper deprecation dates where missing
Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
2024-09-20 00:46:03 +02:00
Daniel Kesselberg
af6de04e9e
style: update codestyle for coding-standard 1.2.3
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
2024-08-25 19:34:58 +02:00
Christoph Wurst
5100e3152d
feat(auth): Clean-up unused auth tokens and wipe tokens
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2024-08-13 12:39:11 +02:00
Arthur Schiwon
99182aac37
fix(Token): take over scope in token refresh with login by cookie
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2024-07-19 15:53:46 +02:00
Arthur Schiwon
6a783d9b08
fix(Session): avoid race conditions on clustered setups
- re-stablishes old behaviour with cache to return null instead of throwing
  an InvalidTokenException when the token is cached as non-existing
- token invalidation and re-generation are bundled in a DB transaction now

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2024-07-10 13:28:33 +02:00
Arthur Schiwon
340939e688
fix(Session): avoid password confirmation on SSO
SSO backends like SAML and OIDC tried a trick to suppress password
confirmations as they are not possible by design. At least for SAML it was
not reliable when existing user backends where used as user repositories.

Now we are setting a special scope with the token, and also make sure that
the scope is taken over when tokens are regenerated.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
2024-06-05 19:01:13 +02:00
Daniel
fca38e12c8
Merge pull request from nextcloud/fix/auth/selective-token-activity-update
fix(auth): Update authtoken activity selectively
2024-05-29 12:05:45 +02:00
Andy Scherzinger
dae7c159f7
chore: Add SPDX header
Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
2024-05-24 13:11:22 +02:00
Christoph Wurst
bcc02a3c71
fix(auth): Update authtoken activity selectively
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2024-05-21 07:55:01 +02:00
Christoph Wurst
fe7217d2d3
Merge pull request from nextcloud/fix/token-update
Avoid updating the same oc_authtoken row twice
2024-05-16 12:00:32 +02:00
Julius Härtl
04780ae30a fix: Always set last activity if we update the row of an authtoken anyways
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2024-04-29 15:20:17 +02:00
Joas Schilling
bc4a102f52
fix(session): Avoid race condition for cache::get() vs. cache::hasKey()
Signed-off-by: Joas Schilling <coding@schilljs.com>
2024-04-29 12:45:44 +02:00
Côme Chilliet
ec5133b739 fix: Apply new coding standard to all files
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-04-02 14:16:21 +02:00
Benjamin Gaussorgues
d1189f923c
feat(perf): add cache for authtoken lookup
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2024-02-28 15:04:04 +01:00
Côme Chilliet
a526a382bf
Import OCP IToken as OCPIToken to avoid a name clash in lib/private
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-01-11 15:45:14 +01:00
Côme Chilliet
8fc39aeb1c Use IToken from OCP instead of OC
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2024-01-11 14:02:15 +01:00
Joas Schilling
aa5f037af7
chore: apply changes from Nextcloud coding standards 1.1.1
Signed-off-by: Joas Schilling <coding@schilljs.com>
Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
2023-11-23 10:36:13 +01:00
Lucas Azevedo
fe9b9c1955 Add last-used-before option
Signed-off-by: Lucas Azevedo <lhs_azevedo@hotmail.com>
2023-08-25 02:07:57 -03:00
Côme Chilliet
b294edad80
Merge branch 'master' into enh/type-iconfig-getter-calls
Signed-off-by: Côme Chilliet <91878298+come-nc@users.noreply.github.com>
2023-04-20 16:52:38 +02:00
Christoph Wurst
5eb768ac5e
fix(auth): Run token statements in atomic transaction
All or nothing

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2023-04-12 15:55:42 +02:00
Côme Chilliet
426c0341ff
Use typed version of IConfig::getSystemValue as much as possible
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
2023-04-05 12:50:08 +02:00
Ember 'n0emis' Keske
6881d2f2f1
Don't try to hash a nonexisting password
Allows to log-in via a passwordless authentication provider, eg SSO

Signed-off-by: Ember 'n0emis' Keske <git@n0emis.eu>
2023-03-13 10:32:53 +01:00
Joas Schilling
6417ea0265
fix(authentication): Handle null or empty string password hash
This can happen when the auth.storeCryptedPassword config is used,
which previously errored with:
Hasher::verify(): Argument  ($hash) must be of type string, null given

Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-02-10 09:18:50 +01:00
Joas Schilling
e47d56ac36
Merge pull request from nextcloud/perf/noid/only-check-for-token-when-it-can-actually-be
fix(performance): Only search for auth tokens when the provided login…
2023-02-10 01:29:30 +01:00
Julius Härtl
580feecdbf
fix(authtoken): Store only one hash for authtokens with the current password per user
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2023-02-09 13:44:00 +01:00
Joas Schilling
7a85a1596e
fix(authentication): Check minimum length when creating app tokens
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-02-09 09:58:35 +01:00
Joas Schilling
03a585ab4f
fix(performance): Only search for auth tokens when the provided login is long enough
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-02-08 22:45:23 +01:00
Joas Schilling
2fb4dac7ad
fix(authentication): Update the token when the hash is null or can not be verified
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-01-09 16:32:36 +01:00
Joas Schilling
28b18d561c
fix(authentication): Only hash the new password when needed
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-01-09 15:58:26 +01:00
Joas Schilling
c5bb19641c
fix(authentication): Invert the logic to the original intention
We need to store the new authentication details when the hash did **not** verify
the old password.

Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-01-09 15:13:08 +01:00
Joas Schilling
55d8aec759
fix(authentication): Only verify each hash once
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-01-09 14:53:12 +01:00
Julius Härtl
18164ae516
Merge pull request from nextcloud/fix/authtoken-password-update
PublickKeyTokenProvider: Fix password update routine with password hash
2023-01-05 08:01:47 +01:00
Joas Schilling
b4a29644cc
Add a const for the max user password length
Signed-off-by: Joas Schilling <coding@schilljs.com>
2023-01-04 11:23:43 +01:00
Marcel Klehr
adfe367106
PublickKeyTokenProvider: Fix password update routine with password hash
Signed-off-by: Marcel Klehr <mklehr@gmx.net>
2023-01-04 08:30:53 +01:00
Christoph Wurst
c5922e67d3
Run session token renewals in a database transaction
The session token renewal does
1) Read the old token
2) Write a new token
3) Delete the old token

If two processes succeed to read the old token there can be two new tokens because
the queries were not run in a transaction. This is particularly problematic on
clustered DBs where 1) would go to a read node and 2) and 3) go to a write node.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2022-10-18 08:28:22 +02:00
Carl Schwan
9919116716
Merge pull request from nextcloud/bugfix/empty-secret
Add fallback routines for empty secret cases
2022-10-17 16:02:58 +02:00
Carl Schwan
ef31396727
Mark method as deprecated
Co-authored-by: Joas Schilling <213943+nickvergessen@users.noreply.github.com>
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-09-13 13:06:54 +02:00
Julius Härtl
9d1ec582ba
Do not update passwords if nothing changed
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-08-09 09:35:44 +02:00
Carl Schwan
952acd4d27
Merge pull request from nextcloud/fix/handle-one-time-passwords
Handle one time password better
2022-07-29 12:26:52 +02:00
Carl Schwan
702445ba3b
Handle one time password better
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-07-28 14:26:25 +02:00
Carl Schwan
d5c23dbb9f Move CappedMemoryCache to OCP
This is an helpful helper that should be used in more place than just
server and this is already the case with groupfodlers, deck, user_oidc
and more using it, so let's make it public

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-07-14 15:54:31 +02:00
Carl Schwan
1c23c029af Handler large passwords
For passwords bigger than 250 characters, use a bigger key since the
performance impact is minor (around one second to encrypt the password).

For passwords bigger than 470 characters, give up earlier and throw
exeception recommanding admin to either enable the previously enabled
configuration or use smaller passwords.

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-07-05 11:37:14 +02:00
Carl Schwan
cdf3b60555 Handle one time passwords
This adds an option to disable storing passwords in the database. This
might be desirable when using single use token as passwords or very
large passwords.

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
2022-07-05 11:25:44 +02:00
Joas Schilling
7b3e2217de
Fix user agent trimming on installation
Signed-off-by: Joas Schilling <coding@schilljs.com>
2022-05-09 08:36:34 +02:00
Joas Schilling
a0c7798c7d
Limit the length of app password names
Signed-off-by: Joas Schilling <coding@schilljs.com>
2022-03-23 10:47:56 +01:00
Julius Härtl
553cb499b2
Rotate token after fallback
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-03-10 14:01:21 +01:00
Julius Härtl
81f8719cc0
Add fallback routines for empty secret cases
Signed-off-by: Julius Härtl <jus@bitgrid.net>
2022-03-10 14:01:21 +01:00
Joas Schilling
397b9098e8
Also cache non-existing to reuse it
Signed-off-by: Joas Schilling <coding@schilljs.com>
2022-02-16 16:51:22 +01:00
Joas Schilling
c0ba89ecc9
Remove default token which is deprecated since Nextcloud 13
Signed-off-by: Joas Schilling <coding@schilljs.com>
2021-12-01 18:41:31 +01:00
Christoph Wurst
7dd7256cfe
Prevent duplicate auth token activity updates
The auth token activity logic works as follows
* Read auth token
* Compare last activity time stamp to current time
* Update auth token activity if it's older than x seconds

This works fine in isolation but with concurrency that means that
occasionally the same token is read simultaneously by two processes and
both of these processes will trigger an update of the same row.
Affectively the second update doesn't add much value. It might set the
time stamp to the exact same time stamp or one a few seconds later. But
the last activity is no precise science, we don't need this accuracy.

This patch changes the UPDATE query to include the expected value in a
comparison with the current data. This results in an affected row when
the data in the DB still has an old time stamp, but won't affect a row
if the time stamp is (nearly) up to date.

This is a micro optimization and will possibly not show any significant
performance improvement. Yet in setups with a DB cluster it means that
the write node has to send fewer changes to the read nodes due to the
lower number of actual changes.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
2021-10-22 09:32:22 +02:00