411 Commits

Author SHA1 Message Date
André Duffeck
1ea634e6e3 Do not try to create personal spaces for lightweight or service users
This fixes error logs like

RR error when calling Createhome error="gateway: grpc failed with code CODE_INVALID_ARGUMENT" line=github.com/opencloud-eu/opencloud/services/proxy/pkg/middleware/create_home.go:87 service=proxy

e.g. during internal requests to the data provider.
2026-06-19 11:05:44 +02:00
Jörn Friedrich Dreyer
81fd00043e Merge pull request #2063 from opencloud-eu/nats-tls-options
add tls support for all nats connections
2026-06-16 13:21:22 +02:00
Florian Schade
f1208cfa32 enhancement: make collaboration mention functionality public 2026-06-11 09:28:37 +02:00
Florian Schade
159785a3b5 enhancement: make collaboration font management functionality public 2026-06-11 09:28:37 +02:00
Jörn Friedrich Dreyer
77fd4fca69 add tls support for all nats connections
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
2026-06-10 17:04:18 +02:00
Florian Schade
457284885b fix: remove unnecessary error log if the oidc access token verify method is set to none 2026-05-20 15:11:03 +02:00
Jörn Friedrich Dreyer
5d7bfc9033 delete unused constants
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
2026-05-13 10:54:00 +02:00
Jörn Friedrich Dreyer
fb4112dc68 update generated code
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
2026-05-13 10:52:44 +02:00
Florian Schade
d0e3f14539 chore: remove loop var references 2026-04-23 17:11:55 +02:00
Florian Schade
288e67cc39 chore: replace interface with any 2026-04-23 09:31:11 +02:00
Viktor Scharf
f8b28b12e9 combine version placeholder check steps [🎉 release]. set 6.1.0. version for upcoming release (#2626)
* 🎉 release: combine version placeholder check steps

* set 6.1.0 version
2026-04-20 10:43:22 +02:00
Ralf Haferkamp
d9f39773e7 proxy: add memory cache for tenant id mapping
This is to reduce the number of "proxy->gateway->users->ldap" roundtrips
for the tenant id mapping.

The cache currently has a non-configurable ttl of 10 min.

Related: #2310
2026-04-09 17:46:50 +02:00
Ralf Haferkamp
a931e53c26 proxy: Allow mapping from an external tenant id to the internal id
When the tenant id coming in via the OIDC claims doesn't match the
tenant id on the provisioned user, a mapping can be configured and
resolved via the reva TenantAPI service (now started as part of the
"users" service).

Closes: #2310
2026-04-09 17:46:50 +02:00
Ralf Haferkamp
33f45fa965 feat(multi-tenancy): verify tenant via OIDC claim
When multi-tenancy is enabled we now allow to specify an OIDC claim
against which the tenantid of the user resolved via CS3 apis is matched.

Partial: #2310
2026-04-02 16:10:53 +02:00
Michael Barz
f0836c54fb feat: add userid to spans (#2536) 2026-03-30 10:32:24 +02:00
Florian Schade
c7fd33c919 fix: send the backchannel logout event only if a session exists 2026-02-27 11:16:53 +01:00
Florian Schade
b69b9cd569 fix: simplify subject.session key parsing 2026-02-25 14:02:09 +01:00
Florian Schade
e8ecbd7af1 refactor: make the logout mode private 2026-02-25 14:02:09 +01:00
Florian Schade
fd614eacf1 fix: use base64 record keys to prevent separator clashes with subjects or sessionIds that contain a dot 2026-02-25 14:02:09 +01:00
Florian Schade
910298aa05 chore: change naming 2026-02-25 14:02:09 +01:00
Florian Schade
7350050a05 test: add more backchannellogout tests 2026-02-25 14:02:09 +01:00
Florian Schade
f72e3f1e32 chore: cleanup backchannel logout pr for review 2026-02-25 14:02:09 +01:00
Florian Schade
0c62c45494 enhancement: document idp side-effects 2026-02-25 14:02:09 +01:00
Florian Schade
f6553498f6 enhancement: finalize backchannel logout 2026-02-25 14:02:09 +01:00
Christian Richter
6a0fd89475 refactor deletion
Co-authored-by: Jörn Dreyer <j.dreyer@opencloud.eu>
Co-authored-by: Michael Barz <m.barz@opencloud.eu>
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2026-02-25 14:02:09 +01:00
Christian Richter
cb38aaab16 create mapping in cache for subject => sessionid
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2026-02-25 14:02:09 +01:00
Christian Richter
762062bfa3 add mapping to backchannel logout for subject => sessionid
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2026-02-25 14:02:09 +01:00
Christian Richter
291265afb0 add additional validation to logout token
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
Co-authored-by: Michael Barz <m.barz@opencloud.eu>
2026-02-25 14:02:09 +01:00
Ralf Haferkamp
6dde2839df fix(oidc_auth): Fix userinfo cache expiration logic
When the userinfo claims store in the usercache is found to be expired,
do not return an error but ignore the cached entry and force a
re-verification of the access token (either via parsing the JWT again or
via a UserInfo lookup).
This is required for setups with non-JWT access tokens where the expiry
date set in the cached claims does not reflect the actual token expiry,
but just the CacheTTL.

Fixes: #1493
2026-02-19 13:17:17 +01:00
Ralf Haferkamp
0639304e96 docs(proxy): Clarify PROXY_OIDC_USERINFO_CACHE_TTL value
Try to make it more precise when that value is actually relevant.

Closes: #2252
2026-02-03 15:36:37 +01:00
Christian Richter
b51c4af8d9 remove logger from proxytest
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2026-01-08 14:50:44 +01:00
Christian Richter
21975d75eb consolidate log config in proxy
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2026-01-08 13:16:55 +01:00
Jörn Friedrich Dreyer
84dce9a236 correctly handle paths ending in /
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
2026-01-07 15:04:34 +01:00
Jörn Friedrich Dreyer
38eb7fb21b use clean urls for routing
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
2026-01-07 15:04:34 +01:00
Jörn Friedrich Dreyer
c99342318f merge ocdav into frontend
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
2026-01-07 15:04:34 +01:00
Christian Richter
0372869b8b refactor remaining code from urfave/cli
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2025-12-15 16:40:27 +01:00
Christian Richter
7be33b0607 refactor interims DefaultAppCobra to DefaultApp
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2025-12-15 16:40:26 +01:00
Christian Richter
882dede6d3 migrate proxy from urfave/cli to spf13/cobra
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2025-12-15 16:40:26 +01:00
Anja Barz
4dcecbf5c0 fix typo (#2024) 2025-12-15 15:01:50 +01:00
Jörn Friedrich Dreyer
56817b7de7 introduce OC_EVENTS_TLS_INSECURE
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
2025-11-28 11:17:39 +01:00
Jörn Friedrich Dreyer
10913ca00a Merge pull request #1918 from opencloud-eu/otlp-tracing
update otlp tracing
2025-11-27 12:57:26 +01:00
Christian Richter
444af91cce Merge pull request #1714 from MahdiBaghbani/feature-ocm-wayf
feat(ocm): add WAYF configuration for reva OCM service
2025-11-27 12:55:59 +01:00
Jörn Friedrich Dreyer
a3ef7f6d79 update otlp tracing
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
2025-11-27 12:28:15 +01:00
fschade
60501659c5 chore: bump %%NEXT%% 2025-11-27 10:53:59 +01:00
Benedikt Kulmann
487a2a0aa6 fix: add update server to default csp rules (#1875)
* fix: add update server to default csp rules

* adapt tests

---------

Co-authored-by: Viktor Scharf <v.scharf@opencloud.eu>
2025-11-21 17:13:22 +01:00
Christian Richter
97ee9b36a5 incorporate requested changes
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2025-11-19 09:38:16 +01:00
Christian Richter
f9807f9f3a actually load overrideyaml
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2025-11-19 09:38:16 +01:00
Christian Richter
8007e8a269 add ability to completely override csp config
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2025-11-19 09:38:16 +01:00
Christian Richter
63603679a5 remove obsolete comment
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2025-11-19 09:38:16 +01:00
Christian Richter
16f9667fe8 adapt tests & deepmerge
Signed-off-by: Christian Richter <c.richter@opencloud.eu>
2025-11-19 09:38:16 +01:00