archive
/
nextcloud
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
dependabot/npm_and_yarn/simplewebauthn/types-10.0.0
dependabot/npm_and_yarn/nextcloud/logger-3.0.2
temp-db-replica-loss-prevention
automated/noid/stable27-update-psalm-baseline
chore/account-name
forbid-moving-subfolder
storage-cache-not-exists
master
fix/blur-chromium
stable27
enh/44122/fix-lag
fix/43612/avoid-pwd-confirm-sso
fix/files-cleanup-list
feat/taskprocessingapi/next-task-endpoint
feature/40205/show-add-menu-in-emptycontent
bugfix/noid/mark-more-configs-as-sensitive
enh/noid/allow-configure-config.owner
feat/excalidraw-file-support
stable28
feature/request-803
feat/45085/validate-config-values
add-border-width
techdebt/noid/log-condition-v2
feat/update-rooms-resources-event
fix/remove-old-scheduling-objects
stable29
backport/45374/stable29
feat/add-back-search-in-disabled-users
backport/44763/stable28
backport/44763/stable27
backport/44763/stable29
man/backport/45237/stable27
backport/45355/stable28
fix/move-eventsource-to-oc
add-temporary-border-radius-variable
enhanc/audit-tag-creator
backport/44457/stable28
fix/ldap-avoid-false-positive-mapping
fix/noid/prevent-duplicate-click-event-on-login
backport/44464/master
backport/44464/stable29
backport/45026/stable27
backport/45026/stable26
backport/45026/stable28
backport/45026/stable29
backport/44464/stable28
fix/stable27-download-action
fix/ldap-list-remnant-as-disabled
backport/stable29/44905
backport/stable28/44905
bug/noid/caldav-search-limit-and-timerange
remove-locking-config-sample
fix/import-axios
fix/webdav-aja
theming/create-color-from-background
fix/new-user-dialog
perf/systemtags-object-mapping-objectid-index
chore/migrate-vite
backport/44218/stable29
fix/issue-26668
dependabot/github_actions/github-actions-aa0aa929e5
dependabot/npm_and_yarn/nextcloud/browserslist-config-3.0.1
jr/meta/issue-template-bugs-closed-link
backport/44791/stable28
fix/get-row-outside
perf/sharing-events
backport/44218/stable27
backport/44218/stable28
check-phpoutdated
automated/noid/stable27-fix-npm-audit
dependabot/npm_and_yarn/cypress-split-1.23.2
dependabot/npm_and_yarn/nextcloud/browser-storage-0.4.0
dependabot/npm_and_yarn/nextcloud/l10n-3.1.0
dependabot/npm_and_yarn/nextcloud/stylelint-config-3.0.1
feat/bom-js
Jerome-Herbinet-date-and-time-wording-in-email-notifcation
backport/44496/stable28
backport/45196/stable28
fix/files-source-no-fileid
fix/dav/rate-limit-create-adress-book
feature/add-ability-to-sort-by-last-login
backport/44752/stable27
backport/44752/stable28
backport/44752/stable29
feat/auth/authtoken-clean-up
fix/allow-enforcing-windows-support
fix/ensure-blacklist-is-honored
fix/auth-token-uniq-constraint-violation-handling
artonge/fix/listen_to_group_removal_for_share
backport/45058/stable29
backport/45058/stable28
backport/45058/stable27
stable26
man/backport/44839/stable28
44219-share-server-respect-empty-expiry-date
backport/45055/stable29
backport/45055/stable28
feat/workflow-auto-update-node.yml
fix/appframework/csrf-request-checks
dependabot/npm_and_yarn/nextcloud/axios-2.5.0
feat/restore-to-original-dir
test-scanner-no-transactions-26
test-scanner-no-transactions
reshare-permission-logic-27
usermountcache-filecache-joins
unmark-login-date
debug/noid/log-reason-token-mismatch
fix/forbidden-files-insensitive
backport/45140/stable29
no-issue-use-correct-exceptions-in-share-class
noissue-refactor-share-class
fix/catch-redis-exception
backport/44838/stable28
backport/44956/stable28
bugfix/noid/sensitive-dav-forbidden-logging
rakekniven-patch-1
backport/45105/stable28
backport/44533/stable29
feat/upload-folders
feature/settings-design-improvements
backport/44938/stable28
fix/user-provider-search-shown
Jerome-Herbinet-education-bundle
backport/44794/stable27
backport/44972/stable28
backport/44805/stable28
dependabot/npm_and_yarn/nextcloud/cypress-1.0.0-beta.8
backport/44670/stable28
backport/44670/stable27
feat/26668/notifications-for-shared-calendars-2
stable25
stable24
stable23
forbid-moving-subfolder-24
fix/issue-43115
stable21
stable22
fix/db/two-primary-connections-transaction-isolation-level
feature/noid/wrapped-appconfig
backport/44923/stable28
backport/44923/stable27
backport/44973/stable29
backport/44794/stable28
backport/44745/stable29
backport/44745/stable28
backport/44745/stable27
44319-fix-fed-share-user-avatars
fix/lock-session-during-cookie-renew
backport/44884/stable28
backport/44884/stable29
backport/44884/stable27
backport/44805/stable29
backport/43252/stable27
fix/43260
Jerome-Herbinet-better-wordings-in-new-user-modal
pull_request-trigger
backport/44039/stable29
backport/44039/stable28
backport/44039/stable27
feat/localized-ownership-transfer-target
backport/44868/stable29
backport/44838/stable27
backport/44868/stable28
fix/retry-delete-if-locked
backport/43574/stable29
query-req-id-26
fix/side-bar-share-removed
backport/44644/stable29
artonge/feat/add_retry_support_to_query_builder
artonge/chore/user_retry_trait
fix/deps-min-pear
backport/44847/stable29
fix/noid/federation-really-surely-init-token
chore/psalm/more-rules
feat/log-large-assets
db-error-logging-27
db-error-logging
db-error-logging-28
fix/noid/ldap-n-counted-mapped-users
Fix/duplicate-reminders
backport/44756/stable29
feat/assetlinks-json
deps/symfony-polyfill-intl-grapheme
fix/deps/php-seclin
debug-file-exists-backtrace
path-available
backport/44306/stable29
oci-ci-faststart
fix/core-session-logout-logging
fix/auth/authtoken-activity-update-in-transaction
fix-federated-group-shares-when-no-longer-found-in-remote-server
fix/encryption/web-ui-bogus
bugfix/error-on-reshare-after-transfer-ownership
backport/44555/stable27
fix/handle-errors-in-migrate-key-format
dependabot/npm_and_yarn/davclient.js-de93b73
bugfix/noid/consistent-handling-of-SensitiveParameter
backport/44017/stable26
remove-filecache-joins
chore/use-nextcloud-cypress-docker-node
occ-as-root
backport/44075/stable28
backport/44075/stable27
backport/44075/stable26
feat/dav/calendar-object-admin-audit-log
27-shared-null-storage-merged
wrapper-instanceof-resiliant-squash
fix/noid/return-verified-email
backport/44236/stable28
backport/44132/stable28
fix/44288/catch-filesmetadatanotfound-exception
jr/enh/updates/options-buttons-web-ui
enh/users-configured-quota-value
storage-id-cache-memcache
enh/noid/returns-formated-app-values-2
fix/session/transactional-remember-me-renewal
backport/44130/stable28
backport/44130/stable27
backport/44130/stable26
release/29.0.0beta2
fix/subadmin-user-groups
enh/noid/fix-personal-settings-layout
fix/dav/abort-incomplete-caldav-changes-sync
fix/noid/null-safe-metadata
cache-move-select-children
filecache-chunking
login-less-custom-bundle
fieat/profile-pronounces
backport/43252/stable28
backport/43252/stable26
smb-notify-test
share-mount-check-no-in
backport/41327/stable26
Jerome-Herbinet-better-devices-wipe-action-wording
fixstable26/sharing/locking-orphan-share-delete
enh/displayname-group-search
enh/identityproof/key_storage
enh/set-nest-transactions-with-savepoints
enh/favorite-search
remove-non-accessible-shares
stream-assembly-stream-size
seekable-http-size-24
fix/noid/ldap-displayname-cached
invalidateTokensOnlySeenUsers
remove-unset-parameters
fix/profile/set-config-cache-after-write
fix/download-limit-streaming
merge-token-updates
feat/database/primary-replica-split-stable28
backport/39607/stable26
core/cypress-use-github
feature/minSupportDesktopVerMsg
enh/test-mtime-after-move
fix/updatenotification-legacy-toast
ignore-write-test-unlink-err
enh/add-details-to-code-integrity-check
HolgerHees-fix-csp-nonce-handling
fix/do-not-throw-from-countusers
perf/noid/split-getSharedWith-query-into-more-performance-sets
container-optimizations
certificate-manager-fallback
contctsinteraction-usersetting
dav-fix-birthday-sync
enhancement/passwordless-login-token
backport/42930/stable26
fix/session/log-session-id
chore/ncselect-label-warning
metaGenMemLimit
backport/42971/stable25
backport/42172/stable26
instance-quota
file-info-key-location-27
storage-debug-info
backport/40939/stable28
fix/session/log-session-start-error
refactor/app/remove-register-routes
bugfix/cleanup-s3-multipart
enh/noid/avatar-chinese
fix/log-login-flow-state-token-errors
fix/adjust-default-color-background-plain-to-new-background
debugging/noid/listener-measuring
add-caldav-repair-middleware
fix/carddav/create-sab-concurrently
revert/41453
optionally-hide-hidden-files-in-public-share-access
enh/noid/gs.federation.auto_accept_shares
obj-delete-not-found-20
obj-delete-not-found
enh/in-app-search
getMountsForFileId-non-sparse
fix/noid/deleted-circles-share
enh/noid/disable-user-unmount
bugfix/noid/improve-installation-speed-of-oracle
location-provider
Jerome-Herbinet-share-with-fix
normlize-less
followup/39574/ocm-provider-without-beautiful-urls
kerberos-saved-ticket-27
feat/expose-nc-groups-to-system-addressbook-contacts
stable20
kerberos-saved-ticket
fix/dashboard--performance-and-refactoring
feat/settings/too-much-caching-setup-check
dept-remove-csrf-dependency-from-request
fix/session/log-likely-lost-session-conditions
oc-wnd-migrate-25
fix/wrong-file-size-unit-used
feat/database/query-result-fetch-associative-fetch-num
oc-wnd-migrate
artonge/debt/core_main.js
feat/cors-on-webdav
fix/noid/refresh-filesize-on-conflict-24
profile-request
dav-push-sync
updater-change-mimetype-objectstore
fix/refactor-user-access-to-file-list
sftp-known-mtime
exceptionsTranslateShare
sftp-fopen-write-stat-cache
revoke-admin-overwrite-8
fix/debounce-account-properties
feat/noid/ratelimit-header
feat/node-dist
stable18
feat/account/add-birthday-prop
fix-remove-auto-guessing-for-preview-semaphore
stable19
log-event-recursion
enh/repair-mimetype-job
repair-tree-invalid-parent
fix-dav-properties-column-type
fix/caldav/event-organizer-interaction
background-job-list-reserved
fix/session-cron
run-test-mime-type-icon-again
fox/noid/extended-auth-on-webdav
files-external-setup-path
share-list-set-owner
enh/a11y-util
7935-download-files-via-post
bugfix/avoid-extra-stream-copy
bug/files-scroll
enh/filepicker-permissions
user-files-debug-info
bugfix/38171/revert-status-when-overwritten
email-template-html-fragment
admin_audit/enh/move-to-event-listeners
chore/security/log-password-confirmation-user-backend
feat-add-iavaialble-in-maintenance-mode
bugfix/noid/unavailable-shares
enh/noid/add-avif
locate-key-fix
external-list-for
JonathanTreffler-stop-spamming-deprecations
storage-cache-init-in-transaction
enh/trashbin-scan-command
enh/extend-allowed-cloud-id-characters
trashbin-skip-logging
fix-migration-closures
direct-access-shared-calendar
add-vtimezone-data-when-creating-personal-calendar
artonge/feat/download_providers
fix/theming-variables
hidden-folder
add-setting-to-hide-birthday-deceased-contacts
file-cache-insertion-atomic
extract-caldav-sharing-plugin
enh/noid/add-imagick-destroy
remove_depreated_files
chore/catch-missing-non-optional-controller-parameter
enhancement/typed-db-entity
multi-object-store
feat/mail-admin-vue
enhancement/caldav-resources-sync-command
enh/noid/getcachebuster-in-webmanifest
home-storage-lazy-datadir
fix/noid/identity-proof-key-checksum
use_HSTS
share-null-source
upload-chunk-locking
setupmanager-lazy-user
introduce/orm
mountcache-lazy-user
share-lazy-user
add-integration-tests-for-getting-folder-sizes
enh/noid/iconfig
add-clear-add-to-user-status-public-api
cache-mimtype-mapping
stable17
stable16
work/sharing_trash
fix/wrong-image-type
dont-allow-reusing-usernames
stable15
stable14
stable13
stable12
stable-swift-v3
stable11
stable10
stable9
v28.0.5
v27.1.9
v29.0.0
v27.1.9rc1
v28.0.5rc1
v29.0.0rc5
v29.0.0rc4
v29.0.0rc3
v29.0.0rc2
v29.0.0rc1
v26.0.13
v27.1.8
v28.0.4
v29.0.0beta6
v29.0.0beta5
v28.0.4rc1
v27.1.8rc1
v26.0.13rc1
v29.0.0beta4
v29.0.0beta3
v29.0.0beta2
v29.0.0beta1
v26.0.12
v27.1.7
v28.0.3
v27.1.7rc2
v26.0.12rc2
v28.0.3rc2
v28.0.3rc1
v27.1.7rc1
v26.0.12rc1
v28.0.2
v28.0.2rc5
v28.0.2rc4
v26.0.11
v27.1.6
v28.0.2rc3
v28.0.2rc2
v27.1.6rc2
v26.0.11rc2
v28.0.2rc1
v27.1.6rc1
v26.0.11rc1
v28.0.1
v28.0.1rc1
v26.0.10
v27.1.5
v28.0.0
v28.0.0rc4
v28.0.0rc3
v27.1.5rc1
v26.0.10rc1
v28.0.0rc2
v28.0.0rc1
v27.1.4
v26.0.9
v28.0.0beta4
v27.1.4rc1
v26.0.9rc1
v28.0.0beta3
v28.0.0beta2
v28.0.0beta1
v25.0.13
v26.0.8
v27.1.3
v27.1.3rc2
v26.0.8rc2
v25.0.13rc2
v25.0.13rc1
v26.0.8rc1
v27.1.3rc1
v27.1.2
v27.1.2rc1
v27.1.1
v26.0.7
v25.0.12
v27.1.0
v27.1.0rc4
v26.0.6
v25.0.11
v27.1.0rc3
v27.1.0rc2
v25.0.11rc1
v26.0.6rc1
v27.1.0rc1
v27.1.0beta3
v27.1.0beta2
v26.0.5
v25.0.10
v27.0.2
v27.0.2rc1
v26.0.5rc1
v25.0.10rc1
v25.0.9
v26.0.4
v27.0.1
v25.0.9rc2
v26.0.4rc2
v27.0.1rc2
v27.0.1rc1
v26.0.4rc1
v25.0.9rc1
v25.0.8
v26.0.3
v26.0.3rc2
v25.0.8rc2
v26.0.3rc1
v25.0.8rc1
v27.0.0
v27.0.0rc4
v27.0.0rc3
v27.0.0rc2
v26.0.2
v25.0.7
v26.0.2rc1
v25.0.7rc1
v27.0.0rc1
v27.0.0beta2
v27.0.0beta1
v24.0.12
v25.0.6
v26.0.1
v26.0.1rc1
v24.0.12rc1
v25.0.6rc1
v25.0.5
v24.0.11
v26.0.0
v25.0.5rc1
v24.0.11rc1
v26.0.0rc3
v26.0.0rc2
v26.0.0rc1
v26.0.0beta5
v24.0.10
v25.0.4
v26.0.0beta4
v25.0.4rc1
v24.0.10rc1
v26.0.0beta3
v26.0.0beta2
v26.0.0beta1
v24.0.9
v25.0.3
v24.0.9rc2
v25.0.3rc2
v25.0.3rc1
v24.0.9rc1
v23.0.12
v24.0.8
v25.0.2
v25.0.2rc3
v23.0.12rc2
v24.0.8rc2
v25.0.2rc2
v25.0.2rc1
v23.0.12rc1
v24.0.8rc1
v25.0.1
v24.0.7
v23.0.11
v24.0.7rc1
v25.0.1rc1
v23.0.11rc1
v25.0.0
v25.0.0rc5
v25.0.0rc4
v25.0.0rc3
v24.0.6
v23.0.10
v25.0.0rc2
v24.0.6rc1
v23.0.10rc1
v25.0.0rc1
v25.0.0beta7
v25.0.0beta6
v25.0.0beta5
v24.0.5
v23.0.9
v25.0.0beta4
v24.0.5rc1
v23.0.9rc1
v25.0.0beta3
v25.0.0beta2
v25.0.0beta1
v24.0.4
v23.0.8
v24.0.4rc1
v23.0.8rc1
v22.2.10
v23.0.7
v24.0.3
v23.0.7rc2
v22.2.10rc2
v24.0.3rc2
v22.2.10rc1
v23.0.7rc1
v24.0.3rc1
v24.0.2
v23.0.6
v22.2.9
v22.2.9rc1
v23.0.6rc1
v24.0.2rc1
v24.0.1
v23.0.5
v22.2.8
v22.2.8rc1
v23.0.5rc1
v24.0.1rc1
v24.0.0
v24.0.0rc3
v24.0.0rc2
v23.0.4
v22.2.7
v23.0.4rc1
v22.2.7rc1
v24.0.0rc1
v24.0.0beta3
v24.0.0beta2
v24.0.0beta1
v23.0.3
v22.2.6
v23.0.3rc2
v22.2.6rc2
v22.2.6rc1
v23.0.3rc1
v21.0.9
v22.2.5
v23.0.2
v21.0.9rc1
v22.2.5rc1
v23.0.2rc1
v21.0.8
v22.2.4
v23.0.1
v22.2.4rc3
v21.0.8rc3
v23.0.1rc3
v23.0.1rc2
v22.2.4rc2
v21.0.8rc2
v21.0.8rc1
v22.2.4rc1
v23.0.1rc1
v23.0.0
v23.0.0rc3
v21.0.7
v22.2.3
v22.2.2
v23.0.0rc2
v23.0.0rc1
v20.0.14
v21.0.6
v22.2.1
v23.0.0beta3
v20.0.14rc1
v21.0.6rc1
v22.2.1rc1
v23.0.0beta2
v23.0.0beta1
v21.0.5
v22.2.0
v20.0.13
v20.0.13rc1
v22.2.0rc2
v21.0.5rc1
v22.1.1
v22.1.1rc2
v22.1.1rc1
v22.1.0
v21.0.4
v20.0.12
22.1.0
20.0.12rc1
v21.0.4rc1
v22.1.0rc1
v22.0.0
v19.0.13
v20.0.11
v21.0.3
v22.0.0rc2
v21.0.3rc1
v20.0.11rc1
v19.0.13rc1
v22.0.0rc1
v22.0.0beta5
v22.0.0beta4
v22.0.0beta3
v22.0.0beta2
v22.0.0beta1
v19.0.12
v19.0.11
v20.0.10
v21.0.2
v19.0.11RC1
v20.0.10RC1
v21.0.2RC1
v19.0.10
v20.0.9
v21.0.1
v21.0.1RC1
v20.0.9RC1
v19.0.10RC1
v20.0.8
v19.0.9
v21.0.0
v19.0.9RC1
v20.0.8RC1
v21.0.0RC2
v21.0.0RC1
v20.0.7
v20.0.7RC1
v21.0.0beta8
v20.0.6
v19.0.8
v18.0.14
v21.0.0beta7
v18.0.14RC1
v19.0.8RC1
v20.0.6RC1
v21.0.0beta6
v20.0.5
v19.0.7
v18.0.13
v20.0.5RC2
v21.0.0beta5
v20.0.5RC1
v19.0.7RC1
v18.0.13RC1
v21.0.0beta4
v21.0.0beta3
v21.0.0beta2
v20.0.4
v21.0.0beta1
v18.0.12
v19.0.6
v20.0.3
v20.0.3RC2
v19.0.6RC2
v18.0.12RC2
v20.0.2
v19.0.5
v18.0.11
v20.0.2RC2
v19.0.5RC2
v18.0.11RC2
v20.0.2RC1
v18.0.11RC1
v19.0.5RC1
v20.0.1
v20.0.1RC1
v19.0.4
v18.0.10
v17.0.10
v18.0.10RC2
v19.0.4RC2
v20.0.0
v19.0.40RC1
v18.0.10RC1
v17.0.10RC1
v20.0.0RC2
v20.0.0RC1
v20.0.0beta4
v18.0.9
v19.0.3
v18.0.9RC1
v19.0.3RC1
v20.0.0beta3
v20.0.0beta2
v19.0.2
v18.0.8
v17.0.9
v17.0.9RC2
v18.0.8RC2
v19.0.2RC2
v20.0.0beta1
v19.0.2RC1
v18.0.8RC1
v17.0.9RC1
v19.0.1
v18.0.7
v17.0.8
v19.0.1RC1
v18.0.7RC1
v17.0.8RC1
v18.0.6
v16.0.11
v17.0.7
v18.0.5
v17.0.5RC1
v17.0.7RC1
v16.0.11RC1
v19.0.0
v19.0.0RC3
v19.0.0RC2
v19.0.0RC1
v19.0.0beta7
v19.0.0beta6
v19.0.0beta5
v16.0.10
v17.0.6
v18.0.4
v17.0.6RC2
v16.0.10RC2
v18.0.4RC2
v19.0.0beta4
v19.0.0beta3
v16.0.10RC1
v17.0.6RC1
v18.0.4RC1
v19.0.0beta2
v19.0.0beta1
v18.0.2
v17.0.4
v16.0.9
v18.0.2RC2
v17.0.4RC2
v16.0.9RC2
v16.0.9RC1
v17.0.4RC1
v18.0.2RC1
v18.0.1
v18.0.1RC3
v18.0.1RC2
v18.0.1RC1
v17.0.3
v16.0.8
v16.0.8RC1
v17.0.3RC1
v18.0.0
v18.0.0RC2
v18.0.0RC1
v18.0.0beta4
v18.0.0beta3
v17.0.2
v16.0.7
v15.0.14
v15.0.14RC1
v16.0.7RC1
v17.0.2RC1
v18.0.0beta2
v18.0.0beta1
v16.0.6
v15.0.13
v17.0.1
v16.0.6rc1
v15.0.13rc1
v17.0.1rc1
v17.0.0
v16.0.5
v15.0.12
v15.0.12RC1
v16.0.5RC1
v17.0.0rc2
v17.0.0rc1
v17.0.0beta4
v17.0.0beta3
v17.0.0beta2
v17.0.0beta1
v16.0.4
v15.0.11
v14.0.14
15.0.11
16.0.4
v16.0.4RC1
v15.0.11RC1
v14.0.14RC1
v16.0.3
v15.0.10
v14.0.13
v15.0.9
v16.0.2
v14.0.13RC1
v15.0.9RC1
v14.0.12
v16.0.1
v15.0.8
v14.0.11
v14.0.11RC1
v15.0.8RC1
v16.0.1RC1
v16.0.0
16.0.0RC2
v16.0.0RC1
v14.0.10
v15.0.7
v16.0.0beta3
v14.0.9
v15.0.6
v15.0.6RC1
v14.0.9RC1
v16.0.0beta2
v16.0.0beta1
v16.0.0alpha1
v15.0.5
v14.0.8
v13.0.12
v14.0.8RC2
v15.0.5RC2
v15.0.5RC1
v14.0.8RC1
v13.0.12RC1
v15.0.4
v15.0.3
v14.0.7
v13.0.11
v15.0.3RC1
v14.0.7RC1
v13.0.11RC1
v15.0.2
v14.0.6
v13.0.10
v15.0.1
v14.0.5
v13.0.9
v13.0.9RC2
v14.0.5RC2
v15.0.1RC2
v13.0.9RC1
v14.0.5RC1
v15.0.1RC1
v15.0.0
v15.0.0RC3
v15.0.0RC2
v15.0.0RC1
v14.0.4
v13.0.8
v12.0.13
v14.0.4RC2
v13.0.8RC2
v12.0.13RC2
v15.0.0beta2
v14.0.4RC1
v13.0.8RC1
v12.0.13RC1
v15.0.0beta1
v14.0.3
v14.0.2
v13.0.7
v12.0.12
v14.0.2RC2
v13.0.7RC2
v12.0.12RC2
v12.0.12RC1
v13.0.7RC1
v14.0.2RC1
14.0.2RC1
12.0.12RC1
13.0.7RC1
v14.0.1
v14.0.1RC1
v14.0.0
v14.0.0RC2
v12.0.11
v13.0.6
v14.0.0RC1
v12.0.11RC1
v13.0.6RC1
v14.0.0beta4
v14.0.0beta3
v14.0.0beta2
v14.0.0beta1
v12.0.10
v13.0.5
v13.0.5RC2
v12.0.10RC1
v13.0.5RC1
v12.0.9
v13.0.4
v12.0.8
v13.0.3
v13.0.3RC2
v13.0.3RC1
v12.0.8RC1
v12.0.7
v13.0.2
v12.0.7RC1
v13.0.2RC1
v11.0.8
v12.0.6
v13.0.1
v13.0.1RC1
v12.0.6RC1
v11.0.8RC1
v13.0.0
v13.0.0RC4
v13.0.0RC3
v11.0.7
v12.0.5
v12.0.5RC3
v11.0.7RC3
v13.0.0RC2
v12.0.5RC2
v11.0.7RC2
v13.0.0RC1
v11.0.7RC1
v12.0.5RC1
v13.0.0beta4
v13.0.0beta3
v13.0.0beta2
v11.0.6
v12.0.4
v12.0.4RC3
v11.0.6RC1
v12.0.4RC2
v12.0.4RC1
v13.0.0beta1
v12.0.3
v11.0.5
v12.0.3RC2
v11.0.5RC1
v12.0.3RC1
v12.0.2
v10.0.6
v11.0.4
v12.0.1
v12.0.1RC5
v12.0.1RC4
v12.0.1RC3
v12.0.1RC2
v10.0.6RC1
v11.0.4RC1
v12.0.1RC1
v12.0.0
v12.0.0RC3
v12.0.0RC2
v12.0.0RC1
v12.0.0beta4
v12.0.0beta3
v12.0.0beta2
v12.0.0beta1
v9.0.58
v10.0.5
v11.0.3
v10.0.5RC2
v11.0.3RC2
v11.0.3RC1
v10.0.5RC1
v9.0.58RC1
v9.0.57
v10.0.4
v11.0.2
v9.0.57RC1
v10.0.4RC1
v11.0.2RC1
v11.0.1
v10.0.3
v9.0.56
v9.0.56RC1
v10.0.3RC1
v11.0.1RC1
v11.0.0
v9.0.7
v9.1.3
v11.0RC2
v9.0.55
v10.0.2
v9.1.3RC1
v9.0.7RC1
v9.1.2
v9.0.6
v8.2.9
v8.1.11
v8.0.16
v9.1.2RC2
v9.0.6RC2
v8.2.9RC2
v8.1.11RC2
v8.0.16RC2
v9.1.2RC1
v9.0.6RC1
v8.2.9RC1
v8.1.11RC1
v8.0.16RC1
v9.1.1
v9.0.5
v8.2.8
v8.1.10
v8.0.15
v9.0.54RC1
v9.1.1RC3
v9.1.1RC2
v9.0.5RC2
v8.2.8RC2
v10.0.0
v10.0RC1
v9.1.1RC1
v9.0.5RC1
v8.2.8RC1
v8.1.10RC1
v8.0.15RC1
v9.0.53
v9.1.0RC4
v9.0.4
v8.2.7
v8.1.9
v8.0.14
v9.1.0RC3
v9.1.0RC2
v9.0.4RC1
v8.2.7RC1
v8.1.9RC2
v8.0.14RC2
v9.0.52
v9.0.52RC1
v8.1.9RC1
v9.1.0RC1
v9.0.51
v9.0.3RC1
v9.0.50
v9.0.1beta2
v9.1.0beta2
v9.1.0beta1
v7.0.15
v8.0.13
v8.1.8
v8.2.5
v7.0.15RC2
v8.0.13RC2
v8.1.8RC2
v8.2.5RC2
v7.0.15RC1
v8.0.13RC1
v8.1.8RC1
v8.2.5RC1
v7.0.14
v8.0.12
v8.1.7
v8.2.4
v9.0.2
v7.0.14RC2
v8.0.12RC2
v8.1.7RC2
v8.2.4RC2
v9.0.2RC2
v7.0.14RC1
v8.0.12RC1
v8.1.7RC1
v8.2.4RC1
v9.0.2RC1
v9.0.1
v9.0.1RC2
v9.0.1RC1
v9.0.1beta
v7.0.13
v8.0.11
v8.1.6
v8.2.3
v9.0.0
v9.0.0RC3
v7.0.13RC2
v8.0.11RC2
v8.1.6RC2
v8.2.3RC2
v9.0.0RC2
v7.0.13RC1
v8.0.11RC1
v8.1.6RC1
v8.2.3RC1
v9.0.0RC1
v9.0.0beta2
v9.0beta1
v7.0.12
v8.0.10
v8.1.5
v8.2.2
v7.0.12RC1
v8.0.10RC1
v8.1.5RC1
v8.2.2RC1
v8.2.1
v8.2.1RC4
v8.2.1RC3
v8.2.1RC2
v8.2.1RC1
v7.0.11
v8.0.9
v8.1.4
v7.0.11RC2
v8.0.9RC2
v8.1.4RC2
v7.0.11RC1
v8.0.9RC1
v8.1.4RC1
v8.2.0
v8.2RC3
v8.2RC2
v8.2RC1
v8.2beta1
v7.0.10
v8.1.2
v8.0.7
v7.0.9
v8.1.2RC1
v8.0.7RC1
v7.0.9RC1
v8.1.1
v8.0.6
v7.0.8
v7.0.8RC1
v8.0.6RC1
v8.1.1RC1
v6.0.10beta1
v7.0.8beta1
v8.0.6beta1
v8.1.1beta1
v8.1.1beta
v6.0.9
v7.0.7
v8.0.5
v8.1.0
v8.1RC2
v6.0.9RC1
v7.0.7RC1
v8.0.5RC1
v6.0.9beta
v7.0.7beta
v8.0.5beta
v6.0.8
v7.0.6
v8.0.4
v6.0.8RC2
v7.0.6RC2
v8.0.4RC2
v8.0.4RC1
v6.0.8RC1
v7.0.6RC1
v8.1.0beta2
v8.1.0beta1
v8.0.3
v8.0.3RC4
v8.1.0alpha2
v8.0.3RC3
v8.1.0alpha1
v8.0.3RC2
v8.0.3RC1
v8.0.2
v8.0.1
v8.0.1RC1
v5.0.19
v6.0.7
v7.0.5
v8.0.0
v8.0.0RC2
v8.0.0RC1
v8.0.0beta2
v8.0.0beta1
v8.0.0alpha2
v8.0.0alpha1
v7.0.4
v7.0.4RC2
v7.0.4RC1
v6.0.6
v7.0.3
v7.0.3RC3
v7.0.3RC2
v6.0.6RC1
v7.0.3RC1
v7.0.3alpha1
v6.0.5
v7.0.2
v3.0alpha1
v3.0RC1
v2.0beta3
v1.0RC1
v1.1
v1.0.0beta1
v6.0.5RC1
v7.0.2RC1
v7.0.1
v7.0.1RC1
v7.0.0
v7.0.0RC3
v7.0.0RC2
v7.0.0RC1
v7.0.0beta1
v5.0.17
v6.0.4
v7.0.0alpha2
v6.0.4beta1
v5.0.17beta1
v5.0.16
v6.0.3
v6.0.3RC1
v5.0.16RC1
v5.0.15
v6.0.2
v5.0.15RC1
v6.0.2RC1
v6.0.1
v6.0.1RC1
v5.0.14a
v5.0.14
v6.0.0a
v6.0.0
v6.0.0RC4
v6.0.0RC3
v6.0.0RC2
v6.0.0RC1
v6.0.0beta5
v6.0.0beta4
v6.0.0beta3
v5.0.13
v6.0.0beta2
v6.0.0alpha2
v5.0.12
v5.0.11
v5.0.10
v5.0.9
v5.0.8
v4.5.13
v5.0.7
v4.0.16
v4.5.12
v5.0.6
v4.5.11
v4.0.15
v4.5.10
v5.0.5
v5.0.5RC1
v4.5.10RC1
v4.0.14
v4.5.9
v5.0.4
v5.0.4RC1
v5.0.3
v5.0.2
v5.0.1
v4.0.13
v4.5.8
v5.0.0
v5.0.0RC3
v5.0.0RC2
v5.0.0RC1
v5.0.0beta2
v5.0.0beta1
v4.0.12
v4.5.7
v5.0.0alpha1
v4.0.11
v4.5.6
v4.5.5
v4.0.10
v4.5.4
v4.5.3
v4.0.9
v4.5.2
v4.5.1a
v4.5.1
v4.0.8
v4.5.0
v4.5.0RC3
v4.5.0RC2
v4.5.0RC1
v4.5.0beta4
v4.5.0beta3
v4.5.0beta2
v4.5.0beta1
v4.0.7
v4.0.6
v4.0.5
v4.0.4
v4.0.3
v4.0.2
v4.0.1
v4.0.0
v4.0.0RC2
v4.0.0RC
v4.0.0beta
v3.0.1
v3.0
list
theming-1.4.5
v10.0.1
v10.0.1RC1
v16.0.2RC1
v8.0.8
v8.1.3
v8.2.6
v8.2.6RC1
v9.0.3
v9.0.54
v9.1.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '2c51933b6b'
${ noResults }
nextcloud/core/Controller/AppPasswordController.php

210 lines
6.6 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
/**
* @copyright Copyright (c) 2018, Roeland Jago Douma <roeland@famdouma.nl>
*
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
* @author Daniel Kesselberg <mail@danielkesselberg.de>
* @author Roeland Jago Douma <roeland@famdouma.nl>
* @author Kate Döen <kate.doeen@nextcloud.com>
*
* @license GNU AGPL version 3 or any later version
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OC\Core\Controller;
use OC\Authentication\Events\AppPasswordCreatedEvent;
use OC\Authentication\Token\IProvider;
use OC\Authentication\Token\IToken;
use OC\User\Session;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\Attribute\ApiRoute;
use OCP\AppFramework\Http\Attribute\UseSession;
use OCP\AppFramework\Http\DataResponse;
use OCP\AppFramework\OCS\OCSForbiddenException;
use OCP\Authentication\Exceptions\CredentialsUnavailableException;
use OCP\Authentication\Exceptions\InvalidTokenException;
use OCP\Authentication\Exceptions\PasswordUnavailableException;
use OCP\Authentication\LoginCredentials\IStore;
use OCP\EventDispatcher\IEventDispatcher;
use OCP\IRequest;
use OCP\ISession;
use OCP\IUserManager;
use OCP\Security\Bruteforce\IThrottler;
use OCP\Security\ISecureRandom;
class AppPasswordController extends \OCP\AppFramework\OCSController {
public function __construct(
string $appName,
IRequest $request,
private ISession $session,
private ISecureRandom $random,
private IProvider $tokenProvider,
private IStore $credentialStore,
private IEventDispatcher $eventDispatcher,
private Session $userSession,
private IUserManager $userManager,
private IThrottler $throttler,
) {
parent::__construct($appName, $request);
}
/**
* @NoAdminRequired
* @PasswordConfirmationRequired
*
* Create app password
*
* @return DataResponse<Http::STATUS_OK, array{apppassword: string}, array{}>
* @throws OCSForbiddenException Creating app password is not allowed
*
* 200: App password returned
*/
#[ApiRoute(verb: 'GET', url: '/getapppassword', root: '/core')]
public function getAppPassword(): DataResponse {
// We do not allow the creation of new tokens if this is an app password
if ($this->session->exists('app_password')) {
throw new OCSForbiddenException('You cannot request an new apppassword with an apppassword');
}
try {
$credentials = $this->credentialStore->getLoginCredentials();
} catch (CredentialsUnavailableException $e) {
throw new OCSForbiddenException();
}
try {
$password = $credentials->getPassword();
} catch (PasswordUnavailableException $e) {
$password = null;
}
$userAgent = $this->request->getHeader('USER_AGENT');
$token = $this->random->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
$generatedToken = $this->tokenProvider->generateToken(
$token,
$credentials->getUID(),
$credentials->getLoginName(),
$password,
$userAgent,
IToken::PERMANENT_TOKEN,
IToken::DO_NOT_REMEMBER
);
$this->eventDispatcher->dispatchTyped(
new AppPasswordCreatedEvent($generatedToken)
);
return new DataResponse([
'apppassword' => $token
]);
}
/**
* @NoAdminRequired
*
* Delete app password
*
* @return DataResponse<Http::STATUS_OK, array<empty>, array{}>
* @throws OCSForbiddenException Deleting app password is not allowed
*
* 200: App password deleted successfully
*/
#[ApiRoute(verb: 'DELETE', url: '/apppassword', root: '/core')]
public function deleteAppPassword(): DataResponse {
if (!$this->session->exists('app_password')) {
throw new OCSForbiddenException('no app password in use');
}
$appPassword = $this->session->get('app_password');
try {
$token = $this->tokenProvider->getToken($appPassword);
} catch (InvalidTokenException $e) {
throw new OCSForbiddenException('could not remove apptoken');
}
$this->tokenProvider->invalidateTokenById($token->getUID(), $token->getId());
return new DataResponse();
}
/**
* @NoAdminRequired
*
* Rotate app password
*
* @return DataResponse<Http::STATUS_OK, array{apppassword: string}, array{}>
* @throws OCSForbiddenException Rotating app password is not allowed
*
* 200: App password returned
*/
#[ApiRoute(verb: 'POST', url: '/apppassword/rotate', root: '/core')]
public function rotateAppPassword(): DataResponse {
if (!$this->session->exists('app_password')) {
throw new OCSForbiddenException('no app password in use');
}
$appPassword = $this->session->get('app_password');
try {
$token = $this->tokenProvider->getToken($appPassword);
} catch (InvalidTokenException $e) {
throw new OCSForbiddenException('could not rotate apptoken');
}
$newToken = $this->random->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
$this->tokenProvider->rotate($token, $appPassword, $newToken);
return new DataResponse([
'apppassword' => $newToken,
]);
}
/**
* Confirm the user password
*
* @NoAdminRequired
* @BruteForceProtection(action=sudo)
*
* @param string $password The password of the user
*
* @return DataResponse<Http::STATUS_OK, array{lastLogin: int}, array{}>|DataResponse<Http::STATUS_FORBIDDEN, array<empty>, array{}>
*
* 200: Password confirmation succeeded
* 403: Password confirmation failed
*/
#[UseSession]
#[ApiRoute(verb: 'PUT', url: '/apppassword/confirm', root: '/core')]
public function confirmUserPassword(string $password): DataResponse {
$loginName = $this->userSession->getLoginName();
$loginResult = $this->userManager->checkPassword($loginName, $password);
if ($loginResult === false) {
$response = new DataResponse([], Http::STATUS_FORBIDDEN);
$response->throttle(['loginName' => $loginName]);
return $response;
}
$confirmTimestamp = time();
$this->session->set('last-password-confirm', $confirmTimestamp);
$this->throttler->resetDelay($this->request->getRemoteAddress(), 'sudo', ['loginName' => $loginName]);
return new DataResponse(['lastLogin' => $confirmTimestamp], Http::STATUS_OK);
}
}
Reference in New Issue View Git Blame Copy Permalink