mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-01-08 13:19:58 -06:00
Code Issues Packages Projects Releases Wiki Activity
10,703 Commits 49 Branches 39 Tags
8dde4e5b941d41397ffd5d31c2eac34f682e124a
Commit Graph

130 Commits

Author SHA1 Message Date
Ralf Haferkamp
8dde4e5b94 Add LDAP query details to debug log 2022-08-05 16:46:45 +02:00
Ralf Haferkamp
d867a8bc7c Don't panic on missing group attributes 
Closes #4274
 2022-08-05 16:46:45 +02:00
Willy Kloucek
58ccdaca08 improve PROXY_USER_CS3_CLAIM description 2022-08-05 10:47:51 +02:00
Ralf Haferkamp
03a8db45c1 Switch default for user and group substring search 
We now default LDAP_GROUP_SUBSTRING_FILTER_TYPE and LDAP_USER_SUBSTRING_FILTER_TYPE
to "any", which means full substring search. The previous default was just using prefix
matching.

Closes #4282
 2022-08-04 11:23:17 +02:00
Michael Barz
1808fa0bdf Merge pull request #4323 from owncloud/fix-user-drives-quota 
fix listing of drives and quota
 2022-08-03 14:40:41 +02:00
Michael Barz
cb7d024d89 fix listing of drives and quota 2022-08-03 12:50:00 +02:00
Jannik Stehle
492ac5ced4 Set the alias link capability to false 2022-08-03 12:17:27 +02:00
Ralf Haferkamp
6e848c7254 Use mutex for lazy init function 
To avoid possible threading issues
 2022-08-03 12:00:31 +02:00
Ralf Haferkamp
74d9d0f3e0 Apply suggestions from code review 
Co-authored-by: Martin <github@diemattels.at>
 2022-08-03 12:00:31 +02:00
Ralf Haferkamp
8229567213 Allow to configure the JWKS refresh settings 
This exposes a couple for knobs for the jwks keyfunc module to adjust
timeout and refresh intervals.
 2022-08-03 12:00:31 +02:00
Ralf Haferkamp
eb94530433 Add option to configure access token verification 
Allow to switch jwt access token verification and off. Many (most?) IDP
provide JWT encoded access tokens. If ocis is configure to assume jwt
access tokens (access_token_verify_method==jwt) we now properly verify
the tokens signature and a set of standard claims ("exp", "iat" and nbf"
by way of the jwt module's standard verification and "iss" explicitliy).

This change also allows for introduction of other access token verification
mechanism in the future (e.g. through introspection (RFC7662).
 2022-08-03 12:00:31 +02:00
Ralf Haferkamp
454cea8a1c Try to verify access_token as JWT and extract expiry 
We try to parse the access token as a JWT now. Verifying the signature
using the keys downloaded from the jwks_uri of the IDP. Currently we
only use it to extract the expiry information from the JWT. This could
be reworked to extract other claims from the token for authorization
purposes.

Fixes: #3841
 2022-08-03 12:00:31 +02:00
Ralf Haferkamp
0b055ca621 Remove obsolete comment 
Token/Userinfo caching is already present since a while
 2022-08-03 12:00:31 +02:00
Benedikt Kulmann
ca3c6ff570 chore: bump web to v5.7.0-rc.7 2022-08-02 18:19:55 +02:00
Ralf Haferkamp
53751339a6 Use existing mockery mock instead of manual ldap.Client mock 2022-08-02 16:14:39 +02:00
Ralf Haferkamp
fa36a73c54 Add missing new methods to fulfill ldap.Client interface 2022-08-02 15:34:59 +02:00
Andre Duffeck
9fc485c95f Merge pull request #4308 from aduffeck/fix-search-in-received-shares 
Fix search in received shares
 2022-08-02 09:11:32 +02:00
André Duffeck
814342a101 Fix search in received shares 
It apparently broke as a fallout of the shareid refactoring.
 2022-08-01 13:55:52 +02:00
Michael Barz
cce04f94ff set virtual owner on non-personal spaces 2022-08-01 12:53:24 +02:00
Christian Richter
a030459c70 incorporate requested changes 
Signed-off-by: Christian Richter <crichter@owncloud.com>
 2022-07-29 14:39:19 +02:00
Christian Richter
1e21e23056 add drives output 
Signed-off-by: Christian Richter <crichter@owncloud.com>
 2022-07-29 14:39:19 +02:00
ownClouders
1da7c12ee7 [tx] updated from transifex 2022-07-29 00:06:21 +00:00
Jörn Friedrich Dreyer
9b99a61cdb Merge pull request #4266 from wkloucek/update-go-micro 
update go-micro
 2022-07-26 06:51:25 +00:00
Willy Kloucek
7365d6cb13 short error return syntax 2022-07-25 16:38:02 +02:00
Willy Kloucek
26d50b5623 switch to different mail lib to add insecure flag 2022-07-25 16:22:27 +02:00
Willy Kloucek
bee33638ef remove Body from endpoint, see 3381a9f3db 2022-07-25 12:16:37 +02:00
Ralf Haferkamp
b4a90b132b Demote demo user "moss" from admin to space-admin 
Fixes: #3625
 2022-07-22 16:47:04 +02:00
jkoberg
e6ef03fb43 add Makefile 
Signed-off-by: jkoberg <jkoberg@owncloud.com>
 2022-07-22 11:25:04 +02:00
jkoberg
fdaa55865c add search unit test to ci 
Signed-off-by: jkoberg <jkoberg@owncloud.com>
 2022-07-22 11:16:53 +02:00
jkoberg
e56632681b update description for event structs 
Signed-off-by: jkoberg <jkoberg@owncloud.com>
 2022-07-21 10:27:43 +02:00
Pascal Wengerter
cdadd5d00f Merge pull request #4214 from owncloud/dependabot/npm_and_yarn/services/settings/eslint-plugin-n-15.2.4 
Bump eslint-plugin-n from 15.2.3 to 15.2.4 in /services/settings
 2022-07-20 13:44:28 +02:00
Pascal Wengerter
18d758fef7 Merge pull request #4236 from owncloud/dependabot/npm_and_yarn/services/settings/terser-5.14.2 
Bump terser from 5.7.2 to 5.14.2 in /services/settings
 2022-07-20 13:44:08 +02:00
Ralf Haferkamp
288b76d955 Add config for setting search_min_length capability 
This adds the "search_min_length" setting to the frontend service which
allows to set the search_min_length capabilty which is e.g. used by
web.

Partial: #547
 2022-07-20 11:55:04 +02:00
Ralf Haferkamp
6d47ee16c9 Allow configuration of substring search for searching sharees 
This introduces new settings for the users and groups services.
"group_substring_filter_type" for the group services and
"user_substring_filter_type" for the users service. They allow to set
the type of LDAP filter that is used for substring user searches.
Possible values are: "initial", "final" and "any" to do either prefix,
suffix or full substring searches.

Fixes #547
 2022-07-20 11:55:04 +02:00
dependabot[bot]
6dc8047f32 Bump terser from 5.7.2 to 5.14.2 in /services/settings 
Bumps [terser](https://github.com/terser/terser) from 5.7.2 to 5.14.2.
- [Release notes](https://github.com/terser/terser/releases)
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/commits)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-07-20 09:13:54 +00:00
Willy Kloucek
8312803c16 improve error log for "could not get user by claim" error 2022-07-19 13:58:39 +02:00
dependabot[bot]
eb086128c6 Bump eslint-plugin-n from 15.2.3 to 15.2.4 in /services/settings 
Bumps [eslint-plugin-n](https://github.com/weiran-zsd/eslint-plugin-node) from 15.2.3 to 15.2.4.
- [Release notes](https://github.com/weiran-zsd/eslint-plugin-node/releases)
- [Commits](https://github.com/weiran-zsd/eslint-plugin-node/compare/15.2.3...15.2.4)

---
updated-dependencies:
- dependency-name: eslint-plugin-n
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-07-18 06:33:25 +00:00
Willy Kloucek
7cbd1ad357 make graph service events optional 2022-07-15 07:51:30 +02:00
Willy Kloucek
7c8a85f54c Merge pull request #4180 from owncloud/fix-search-reva-addr-config 
fix search reva addr config parsing
 2022-07-15 07:28:56 +02:00
Willy Kloucek
e0523796d9 Merge pull request #4204 from rhafer/cleanup 
Remove unused BindEnv code
 2022-07-15 07:14:06 +02:00
Ralf Haferkamp
946f3e8feb Remove unused BindEnv code 
We dropped this in favour of envdecode a while ago.
 2022-07-14 16:34:25 +02:00
Ralf Haferkamp
0f257af6e4 Align default login attribute across services 
Up to now the builtin lico was using the "username" as the login
attribute, while the proxy (and to some extend the auth-basic) service
tried to uniquely identify users by mail address. This aligns the
default configuration of the services to use the username everywhere.

Fixes: #4039
 2022-07-14 14:21:34 +02:00
André Duffeck
cfceb854b1 Fix rebase errors 2022-07-13 11:34:24 +02:00
André Duffeck
b9919aa69b Return the range and number of total matches in a Content-Range header 2022-07-13 10:42:52 +02:00
André Duffeck
a4ba79dc3e Compile one sorted list of matches and apply the limit if needed 2022-07-13 10:42:52 +02:00
André Duffeck
0fb8721da6 Return the number of total matches 2022-07-13 10:42:50 +02:00
Michael Barz
2a5eb63e03 Merge pull request #4148 from owncloud/space-id 
[full-ci] use spaceID
 2022-07-12 15:25:24 +02:00
Jörn Friedrich Dreyer
52f11cfd80 fix search reva addr config parsing 
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
 2022-07-12 11:46:31 +00:00
Jörn Friedrich Dreyer
761a09247c log owner when machine auth fails 
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
 2022-07-12 08:58:55 +00:00
Pascal Wengerter
2f339ce5ee [full-ci] Bump web to v5.7.0-rc.5 (#4166) 
* Bump web to v5.7.0-rc.5

* Update expected failures
 2022-07-11 16:17:52 +02:00