mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-05-21 04:18:36 -05:00
Code Issues Packages Projects Releases Wiki Activity
10,819 Commits 57 Branches 58 Tags
5e166193ad69450dcd8e404b6920c8eb964ea2b4
Commit Graph

163 Commits

Author SHA1 Message Date
Willy Kloucek dbcd78e6ef Merge pull request #4403 from wkloucek/storage-users-uploads-category 
restructure storage-users upload command
 2022-08-18 10:56:47 +02:00
Willy Kloucek ef8c600cf7 Merge pull request #4376 from wkloucek/open-with-web-endpoitn 
[full-ci] add open-with-web endpoint
 2022-08-18 10:21:01 +02:00
Willy Kloucek 70bce6b3f0 remove leading slash 2022-08-18 09:35:48 +02:00
Willy Kloucek 08c7743df9 add header to clean up and rename purge to clean in leftover places 2022-08-18 09:20:58 +02:00
Willy Kloucek 12204e4d91 remove category from uploads section 2022-08-17 15:05:26 +02:00
Willy Kloucek 7d76650e5f further improve descriptions 2022-08-17 14:58:31 +02:00
Willy Kloucek ea1484250f improve usage text 
Co-authored-by: Martin <github@diemattels.at>
 2022-08-17 14:29:42 +02:00
jkoberg 152ce60d87 fix audit service 
Signed-off-by: jkoberg <jkoberg@owncloud.com>
 2022-08-17 14:20:05 +02:00
jkoberg 66ff20442f use .golangci.yml 
Signed-off-by: jkoberg <jkoberg@owncloud.com>
 2022-08-17 14:20:05 +02:00
Willy Kloucek 82acd83c61 remove fmt.Sprintf 2022-08-17 12:56:12 +02:00
Willy Kloucek c0f0b0efb4 move the uploads command into a category 2022-08-17 12:40:02 +02:00
Willy Kloucek 067e614713 implement review feedback 2022-08-17 12:25:55 +02:00
Willy Kloucek 5730ad6d5b add documentation, wire configuration 2022-08-17 12:13:47 +02:00
Willy Kloucek 0a9790105d introduce staticurlparams 2022-08-17 12:13:47 +02:00
Willy Kloucek f9a25c0625 add open-with-web endpoint, needs cs3org/reva#3143 2022-08-17 12:13:47 +02:00
Willy Kloucek 19e3169800 let idp init private key also if the file already exists and is empty 2022-08-15 11:15:38 +02:00
Michael Barz 47e52fc357 Merge pull request #4365 from rhafer/issue/4276 
Add `ocis idm resetpassword` subcommand
 2022-08-12 15:45:09 +02:00
Michael Barz 77ade496a7 update web to v5.7.0-rc9 2022-08-10 19:11:34 +02:00
root eb5e9675d6 Add ocis idm resetpassword subcommand 
This allows resetting the ocis admin user's password (when ocis is
not running) when running with the builtin LDAP server.

Fixes #4084
 2022-08-09 12:34:36 +02:00
Michael Barz a503e808c0 Merge pull request #4256 from aduffeck/cleanup-uploads 
Add a cli for listing and cleaning up expired uploads
 2022-08-09 12:09:17 +02:00
Michael Barz 0f4597da92 Merge pull request #4363 from owncloud/fix-quota-unrestricted 
fix unrestricted quota
 2022-08-08 20:57:44 +02:00
Michael Barz bb9903515f fix unrestricted quota 2022-08-08 19:25:22 +02:00
Benedikt Kulmann 84daa63380 Merge pull request #4359 from owncloud/update-web-5.7.0-rc.8 
[full-ci] bump web to v5.7.0-rc.8
 2022-08-08 18:01:51 +02:00
Michael Barz df8e64665b Merge pull request #4358 from owncloud/update-graph-api 
add expand query for personal drive
 2022-08-08 17:45:12 +02:00
Benedikt Kulmann 974469346c chore: bump web to v5.7.0-rc.8 2022-08-08 17:25:13 +02:00
Michael Barz 67b52bbd55 add expand query for personal drive 2022-08-08 16:43:59 +02:00
Michael Barz 51fe4a8560 Merge pull request #4356 from owncloud/code-improvements 
add storageID to the special items, improve code
 2022-08-08 16:43:14 +02:00
Michael Barz bde5d69839 add storageID to the special items, improve code 2022-08-08 16:07:19 +02:00
Michael Barz 03c63380da Merge pull request #4346 from wkloucek/rewrite-oidc-well-known 
add middleware to rewrite the /.well-known/openid-configuration endpoint for external idps
 2022-08-08 15:36:34 +02:00
Ralf Haferkamp 23b9437c08 Avoid panics when LDAP users miss required attributes 2022-08-05 16:46:45 +02:00
Ralf Haferkamp c7359a849f Avoid unneeded extra LDAP query per group 
When expanding members of an LDAP group we did two group lookup per
Group. This can be avoided by expanding the members right from the
Group entry of the first query.

This also add some more unit test coverage, especially to the expand/select
group member test cases.
 2022-08-05 16:46:45 +02:00
Ralf Haferkamp 8dde4e5b94 Add LDAP query details to debug log 2022-08-05 16:46:45 +02:00
Ralf Haferkamp d867a8bc7c Don't panic on missing group attributes 
Closes #4274
 2022-08-05 16:46:45 +02:00
Willy Kloucek 94646c8060 add middleware to rewrite the /.well-known/openid-configuration endpoint for external idps 2022-08-05 14:12:01 +02:00
Willy Kloucek 58ccdaca08 improve PROXY_USER_CS3_CLAIM description 2022-08-05 10:47:51 +02:00
Ralf Haferkamp 03a8db45c1 Switch default for user and group substring search 
We now default LDAP_GROUP_SUBSTRING_FILTER_TYPE and LDAP_USER_SUBSTRING_FILTER_TYPE
to "any", which means full substring search. The previous default was just using prefix
matching.

Closes #4282
 2022-08-04 11:23:17 +02:00
André Duffeck e35327cdf2 Add a cli for listing and cleaning up expired uploads 
Fixes #2622
 2022-08-04 09:41:55 +02:00
Michael Barz 1808fa0bdf Merge pull request #4323 from owncloud/fix-user-drives-quota 
fix listing of drives and quota
 2022-08-03 14:40:41 +02:00
Michael Barz cb7d024d89 fix listing of drives and quota 2022-08-03 12:50:00 +02:00
Jannik Stehle 492ac5ced4 Set the alias link capability to false 2022-08-03 12:17:27 +02:00
Ralf Haferkamp 6e848c7254 Use mutex for lazy init function 
To avoid possible threading issues
 2022-08-03 12:00:31 +02:00
Ralf Haferkamp 74d9d0f3e0 Apply suggestions from code review 
Co-authored-by: Martin <github@diemattels.at>
 2022-08-03 12:00:31 +02:00
Ralf Haferkamp 8229567213 Allow to configure the JWKS refresh settings 
This exposes a couple for knobs for the jwks keyfunc module to adjust
timeout and refresh intervals.
 2022-08-03 12:00:31 +02:00
Ralf Haferkamp eb94530433 Add option to configure access token verification 
Allow to switch jwt access token verification and off. Many (most?) IDP
provide JWT encoded access tokens. If ocis is configure to assume jwt
access tokens (access_token_verify_method==jwt) we now properly verify
the tokens signature and a set of standard claims ("exp", "iat" and nbf"
by way of the jwt module's standard verification and "iss" explicitliy).

This change also allows for introduction of other access token verification
mechanism in the future (e.g. through introspection (RFC7662).
 2022-08-03 12:00:31 +02:00
Ralf Haferkamp 454cea8a1c Try to verify access_token as JWT and extract expiry 
We try to parse the access token as a JWT now. Verifying the signature
using the keys downloaded from the jwks_uri of the IDP. Currently we
only use it to extract the expiry information from the JWT. This could
be reworked to extract other claims from the token for authorization
purposes.

Fixes: #3841
 2022-08-03 12:00:31 +02:00
Ralf Haferkamp 0b055ca621 Remove obsolete comment 
Token/Userinfo caching is already present since a while
 2022-08-03 12:00:31 +02:00
Benedikt Kulmann ca3c6ff570 chore: bump web to v5.7.0-rc.7 2022-08-02 18:19:55 +02:00
Ralf Haferkamp 53751339a6 Use existing mockery mock instead of manual ldap.Client mock 2022-08-02 16:14:39 +02:00
Ralf Haferkamp fa36a73c54 Add missing new methods to fulfill ldap.Client interface 2022-08-02 15:34:59 +02:00
Andre Duffeck 9fc485c95f Merge pull request #4308 from aduffeck/fix-search-in-received-shares 
Fix search in received shares
 2022-08-02 09:11:32 +02:00