61510220f3
fix generated authorization url when the one from the discovery contains GET params
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2022-10-22 16:29:02 +02:00
10dfb13515
Merge pull request #511 from nextcloud/bump-vue-and-vue-template-compiler
...
Bump @nextcloud/vue, vue and vue-template-compiler
2022-10-21 15:53:43 +02:00
6d57c34761
use postgres 14 in CI
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2022-10-21 15:22:24 +02:00
9830ca8cd5
bump @nextcloud/vue to 7.0.0, adjust components and style
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2022-10-21 15:22:24 +02:00
faeb303385
bump vue and vue-template-compiler
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2022-10-21 15:22:24 +02:00
2175e5d10f
Merge pull request #517 from nextcloud/release/1.2.1
...
Prepare 1.2.1 release
2022-10-21 13:32:53 +02:00
f4de183d2b
Prepare 1.2.1 release
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2022-10-21 13:28:24 +02:00
fea385ba04
Merge pull request #516 from nextcloud/fix/noid/sanitize-authorization_endpoint
...
Sanitize the authorization_endpoint to avoid XSS in Safari
2022-10-21 13:28:01 +02:00
5392ee71a9
sanitize the authorization_endpoint instead of performing a (too) simple check
...
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
2022-10-19 14:40:10 +02:00
91467ae15d
Merge pull request #504 from nextcloud/update-master-version
...
Add Nextcloud 26 support
2022-10-06 09:36:35 +02:00
0d7c31e03f
Merge pull request #506 from nextcloud/dependabot/npm_and_yarn/nextcloud/axios-2.1.0
2022-10-03 01:52:57 +00:00
9c94af6cc6
Bump @nextcloud/axios from 2.0.0 to 2.1.0
...
Bumps [@nextcloud/axios](https://github.com/nextcloud/nextcloud-axios ) from 2.0.0 to 2.1.0.
- [Release notes](https://github.com/nextcloud/nextcloud-axios/releases )
- [Changelog](https://github.com/nextcloud/nextcloud-axios/blob/master/CHANGELOG.md )
- [Commits](https://github.com/nextcloud/nextcloud-axios/compare/v2.0.0...v2.1.0 )
---
updated-dependencies:
- dependency-name: "@nextcloud/axios"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-03 01:36:48 +00:00
58cb4f85f3
Merge pull request #503 from nextcloud/update-master-target-versions
...
Adjust testing matrix for Nextcloud 25 on master
2022-09-30 14:36:59 +02:00
c31c77c08b
Merge pull request #505 from nextcloud/dependabot/composer/phpunit/phpunit-9.5.25
2022-09-26 02:21:17 +00:00
42c83c38da
Bump phpunit/phpunit from 9.5.24 to 9.5.25
...
Bumps [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit ) from 9.5.24 to 9.5.25.
- [Release notes](https://github.com/sebastianbergmann/phpunit/releases )
- [Changelog](https://github.com/sebastianbergmann/phpunit/blob/main/ChangeLog-9.5.md )
- [Commits](https://github.com/sebastianbergmann/phpunit/compare/9.5.24...9.5.25 )
---
updated-dependencies:
- dependency-name: phpunit/phpunit
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-09-26 01:36:24 +00:00
105fcb5398
Add Nextcloud 25 support
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2022-09-22 13:45:57 +02:00
02c7f3774f
Adjust testing matrix for Nextcloud 25 on master
...
Signed-off-by: Joas Schilling <coding@schilljs.com>
2022-09-22 13:02:39 +02:00
da540ddc16
Merge pull request #498 from nextcloud/fix/noid/user-backend-check-first-login
...
Fix mistake in user backend
2022-09-06 12:47:59 +02:00
437f3fa908
fix mistake in user backend leading to crash on bearer token validation
...
Signed-off-by: Julien Veyssier <eneiluj@posteo.net>
2022-09-06 12:22:07 +02:00
4a61b57326
Merge pull request #496 from nextcloud/fix/noid/check-authorization_endpoint
2022-09-02 17:03:45 +02:00
08356ecae7
Merge pull request #497 from nextcloud/enh/noid/modernize-settings-ui
2022-09-02 16:23:21 +02:00
21ad1e9750
use material icons, @nextcloud/vue components, bump all js libs, add warning about HTTP provider
...
Signed-off-by: Julien Veyssier <eneiluj@posteo.net>
2022-09-02 15:13:31 +02:00
89ef9514cd
check authorization_endpoint is valid before redirecting to it (or inserting it in <meta> for safari)
...
Signed-off-by: Julien Veyssier <eneiluj@posteo.net>
2022-09-02 13:45:03 +02:00
893bc693cd
Merge pull request #493 from ubipo/master
...
Add client_id and id_token_hint to IdP logout
2022-09-02 12:54:21 +02:00
4a9b9a095f
Add client_id and id_token_hint to IdP logout
...
This adds two parameters to the end_session_endpoint IdP URL which the
user gets redirected to when singleLogout is triggered.
These paramters are:
- client_id: the client ID of the current session's provider. 'OPTIONAL'
as per the relevant OpenID specification.
- id_token_hint: the raw id_token that was obtained during the code
callback of this session's login flow (set in session variable `oidc.id_token`). 'RECOMMENDED' by the relevant OpenID specification [1].
Some providers (e.g. node-oidc-provider[2] and Keycloak[3]) require this when using the code OAuth flow.
Because passing id_token_hint reveals the id_token to the user agent, a
app setting was also added to optionally turn this behaviour off (default is
turned on).
Builds upon PR #373 / issue #336
Fixes issue #449
[1]: https://openid.net/specs/openid-connect-rpinitiated-1_0.html#RPLogout
[2]: c243bf6b66/lib/actions/end_session.js (L32)https://www.keycloak.org/docs/latest/release_notes/index.html#oidc-logout-changes
Signed-off-by: Pieter Fiers <pieter@pfiers.net>
2022-09-01 17:51:59 +02:00
95daf74c20
Merge pull request #495 from nextcloud/fix/noid/enforce-https
...
Enforce https
2022-08-31 18:34:21 +02:00
8dd6baf7a7
enforce https, cleanup login controller
...
Signed-off-by: Julien Veyssier <eneiluj@posteo.net>
2022-08-31 18:18:34 +02:00
1e8c32e03e
Merge pull request #494 from nextcloud/dependabot/composer/phpunit/phpunit-9.5.24
2022-08-31 01:34:05 +00:00
6f13e69c19
Bump phpunit/phpunit from 9.5.23 to 9.5.24
...
Bumps [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit ) from 9.5.23 to 9.5.24.
- [Release notes](https://github.com/sebastianbergmann/phpunit/releases )
- [Changelog](https://github.com/sebastianbergmann/phpunit/blob/main/ChangeLog-9.5.md )
- [Commits](https://github.com/sebastianbergmann/phpunit/compare/9.5.23...9.5.24 )
---
updated-dependencies:
- dependency-name: phpunit/phpunit
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-08-31 01:27:45 +00:00
048bb97f63
Merge pull request #492 from nextcloud/dependabot/npm_and_yarn/nextcloud/logger-2.3.0
2022-08-26 01:17:19 +00:00
56de03d980
Bump @nextcloud/logger from 2.2.1 to 2.3.0
...
Bumps [@nextcloud/logger](https://github.com/nextcloud/nextcloud-logger ) from 2.2.1 to 2.3.0.
- [Release notes](https://github.com/nextcloud/nextcloud-logger/releases )
- [Changelog](https://github.com/nextcloud/nextcloud-logger/blob/master/CHANGELOG.md )
- [Commits](https://github.com/nextcloud/nextcloud-logger/compare/v2.2.1...v2.3.0 )
---
updated-dependencies:
- dependency-name: "@nextcloud/logger"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-08-26 01:07:47 +00:00
b4f3a1a60e
Merge pull request #489 from nextcloud/dependabot/composer/phpunit/phpunit-9.5.23
2022-08-23 01:25:10 +00:00
4d054098cf
Bump phpunit/phpunit from 9.5.22 to 9.5.23
...
Bumps [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit ) from 9.5.22 to 9.5.23.
- [Release notes](https://github.com/sebastianbergmann/phpunit/releases )
- [Changelog](https://github.com/sebastianbergmann/phpunit/blob/main/ChangeLog-9.5.md )
- [Commits](https://github.com/sebastianbergmann/phpunit/compare/9.5.22...9.5.23 )
---
updated-dependencies:
- dependency-name: phpunit/phpunit
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-08-23 01:10:17 +00:00
ccb3983544
Merge pull request #486 from nextcloud/enh/noid/use-node-16
2022-08-22 13:41:42 +02:00
3f5b01582e
use node 16, bump js libs, adjust to new eslint config
...
Signed-off-by: Julien Veyssier <eneiluj@posteo.net>
2022-08-22 12:04:52 +02:00
c6e5cb04d8
Merge pull request #485 from nextcloud/dependabot/composer/phpunit/phpunit-9.5.22
2022-08-22 02:05:22 +00:00
c1e6c46842
Bump phpunit/phpunit from 9.5.21 to 9.5.22
...
Bumps [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit ) from 9.5.21 to 9.5.22.
- [Release notes](https://github.com/sebastianbergmann/phpunit/releases )
- [Changelog](https://github.com/sebastianbergmann/phpunit/blob/main/ChangeLog-9.5.md )
- [Commits](https://github.com/sebastianbergmann/phpunit/compare/9.5.21...9.5.22 )
---
updated-dependencies:
- dependency-name: phpunit/phpunit
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-08-22 01:33:13 +00:00
db24e2d561
Merge pull request #482 from nextcloud/dependabot/npm_and_yarn/nextcloud/stylelint-config-2.2.0
2022-08-12 01:39:47 +00:00
833a4de587
Bump @nextcloud/stylelint-config from 2.1.2 to 2.2.0
...
Bumps [@nextcloud/stylelint-config](https://github.com/nextcloud/stylelint-config ) from 2.1.2 to 2.2.0.
- [Release notes](https://github.com/nextcloud/stylelint-config/releases )
- [Changelog](https://github.com/nextcloud/stylelint-config/blob/master/CHANGELOG.md )
- [Commits](https://github.com/nextcloud/stylelint-config/compare/v2.1.2...v2.2.0 )
---
updated-dependencies:
- dependency-name: "@nextcloud/stylelint-config"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-08-12 01:05:36 +00:00
196a6b23d2
Merge pull request #480 from nextcloud/dependabot/npm_and_yarn/nextcloud/axios-1.11.0
2022-08-11 02:26:04 +00:00
9f494a86e0
Bump @nextcloud/axios from 1.10.0 to 1.11.0
...
Bumps [@nextcloud/axios](https://github.com/nextcloud/nextcloud-axios ) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/nextcloud/nextcloud-axios/releases )
- [Changelog](https://github.com/nextcloud/nextcloud-axios/blob/master/CHANGELOG.md )
- [Commits](https://github.com/nextcloud/nextcloud-axios/compare/v1.10.0...v1.11.0 )
---
updated-dependencies:
- dependency-name: "@nextcloud/axios"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-08-11 02:00:19 +00:00
9135dbfb65
Merge pull request #478 from nextcloud/dependabot/npm_and_yarn/nextcloud/dialogs-3.2.0
2022-08-11 01:59:05 +00:00
61da3897cf
Bump @nextcloud/dialogs from 3.1.4 to 3.2.0
...
Bumps [@nextcloud/dialogs](https://github.com/nextcloud/nextcloud-dialogs ) from 3.1.4 to 3.2.0.
- [Release notes](https://github.com/nextcloud/nextcloud-dialogs/releases )
- [Changelog](https://github.com/nextcloud/nextcloud-dialogs/blob/master/CHANGELOG.md )
- [Commits](https://github.com/nextcloud/nextcloud-dialogs/compare/v3.1.4...v3.2.0 )
---
updated-dependencies:
- dependency-name: "@nextcloud/dialogs"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-08-11 01:39:20 +00:00
5a007e703e
Merge pull request #467 from nextcloud/dependabot/npm_and_yarn/vue-2.7.8
2022-08-08 04:34:06 +00:00
1871e9822b
Bump vue from 2.6.14 to 2.7.8
...
Bumps [vue](https://github.com/vuejs/core ) from 2.6.14 to 2.7.8.
- [Release notes](https://github.com/vuejs/core/releases )
- [Changelog](https://github.com/vuejs/core/blob/main/CHANGELOG.md )
- [Commits](https://github.com/vuejs/core/commits )
---
updated-dependencies:
- dependency-name: vue
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-08-08 06:23:51 +02:00
5fbfae8105
Merge pull request #473 from nextcloud/dependabot/npm_and_yarn/nextcloud/browserslist-config-2.3.0
2022-08-08 01:53:59 +00:00
785032cf09
Bump @nextcloud/browserslist-config from 2.2.0 to 2.3.0
...
Bumps [@nextcloud/browserslist-config](https://github.com/nextcloud/browserslist-config ) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/nextcloud/browserslist-config/releases )
- [Commits](https://github.com/nextcloud/browserslist-config/compare/v2.2.0...v2.3.0 )
---
updated-dependencies:
- dependency-name: "@nextcloud/browserslist-config"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-08-08 01:31:05 +00:00
181ad6d6a4
Merge pull request #470 from nextcloud/dependabot/composer/bamarni/composer-bin-plugin-1.8.1
2022-08-04 01:39:07 +00:00
6aea3ef0a0
Bump bamarni/composer-bin-plugin from 1.8.0 to 1.8.1
...
Bumps [bamarni/composer-bin-plugin](https://github.com/bamarni/composer-bin-plugin ) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/bamarni/composer-bin-plugin/releases )
- [Commits](https://github.com/bamarni/composer-bin-plugin/compare/1.8.0...1.8.1 )
---
updated-dependencies:
- dependency-name: bamarni/composer-bin-plugin
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-08-04 01:08:32 +00:00
6f36b1ed31
Merge pull request #469 from nextcloud/feat/workflow-auto-update-dependabot-approve-merge.yml
...
Updating dependabot-approve-merge.yml workflow from template
2022-08-03 13:09:46 +02:00
Julien Veyssier
Julius Härtl
dependabot[bot]
Côme Chilliet
Joas Schilling
Julien Veyssier
Pieter Fiers
Joas Schilling