[FEATURE REQUEST] User feedback for link passwords according to password policy rules (exposed via ocs/v1.php/cloud/capabilities)
oCIS + Web
ownCloud Infinite Scale now exposes the password policy for links via ocs/v1.php/cloud/capabilities:
- https://github.com/owncloud/ocis/issues?q=password+policy+in%3Atitle
ownCloud web provides user feedback when password characters get entered:
- https://github.com/owncloud/web/issues?q=password+policy+in%3Atitle
It will be enabled by default soon:
- https://github.com/owncloud/ocis/issues/7682
And it's nicely documented here:
- https://owncloud.dev/services/frontend/#the-password-policy
oC10
This was previously implemented in ownCloud 10 server, also exposed via ocs/v1.php/cloud/capabilities, but with a slightly different structure:
- Issue: https://github.com/owncloud/password_policy/issues/76
- PR: https://github.com/owncloud/password_policy/pull/335
It's documented here:
- https://doc.owncloud.com/server/admin_manual/configuration/server/security/password_policy.html
We could discuss whether to implement it oCIS-only, or also for oC10 instances…
Deployed on our example instances:
```sh
curl 'https://ocis.ocis-traefik.latest.owncloud.works/ocs/v1.php/cloud/capabilities?format=json' \
  -X 'GET' \
  -H 'Authorization: Bearer REDACTED' \
  -s | jq '.ocs.data.capabilities.password_policy'
```

```json
{
  "min_characters": 8,
  "max_characters": 72,
  "min_lowercase_characters": 1,
  "min_uppercase_characters": 1,
  "min_digits": 1,
  "min_special_characters": 1
}
```
Note:
`banned-password-list.txt` not deployed yet, see https://github.com/owncloud/ocis/pull/7315, tracked in https://github.com/owncloud/ocis/issues/7724
@felix-schwarz I'd like to qualify with you next sprint… /cc @jesmrec
Now deployed on ocis.ocis-traefik.latest.owncloud.works ✅
- https://github.com/owncloud/ocis/pull/7784
(use password `ownCloud-1`)
Request:
```sh
# curl joins repeated --data values with '&', so the form body contains no stray newlines
curl 'https://ocis.ocis-traefik.latest.owncloud.works/ocs/v1.php/apps/files_sharing/api/v1/shares' \
  -X 'POST' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -H 'Authorization: Bearer REDACTED' \
  --data 'shareType=3' \
  --data 'path=%2Fds1117.pdf' \
  --data 'space_ref=cacb76de-3a4f-4423-83f4-5cf48c15a374%24de7457a8-b700-4632-9100-a2c9a3be0ae6!0723b3f9-d605-4ea4-9c27-cb92a05e8341' \
  --data 'permissions=1' \
  --data 'password=ownCloud-1' \
  --data 'name=Link'
```
Response:
```xml
<?xml version="1.0" encoding="UTF-8"?>
<ocs>
  <meta>
    <status>error</status>
    <statuscode>400</statuscode>
    <message>Unfortunately, your password is commonly used. please pick a harder-to-guess password for your safety</message>
  </meta>
</ocs>
```
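
A client-side check against the `password_policy` capability shown earlier in this thread, as an added example (not ownCloud code): it returns per-rule feedback for a link password. The function names, the definition of a "special" character and counting length in code points are assumptions. The banned-password list is not part of the capability, so a password that passes here can still get the 400 response above.

```javascript
// Added example, not ownCloud code. Rule keys are those in the capabilities
// output on this page; a key missing from the policy is treated as not enforced.
// Assumption: "special" means any character that is not a letter or a digit.
const CLASSES = {
  min_lowercase_characters: /\p{Ll}/u,
  min_uppercase_characters: /\p{Lu}/u,
  min_digits: /\p{Nd}/u,
  min_special_characters: /[^\p{L}\p{Nd}]/u,
};

function checkLinkPassword(password, policy = {}) {
  // Assumption: length is counted in code points, not UTF-16 units or bytes.
  const chars = Array.from(password);
  const results = [];
  const add = (rule, required, actual, ok) =>
    results.push({ rule, required, actual, ok });

  if (Number.isInteger(policy.min_characters)) {
    add('min_characters', policy.min_characters, chars.length,
        chars.length >= policy.min_characters);
  }
  if (Number.isInteger(policy.max_characters)) {
    add('max_characters', policy.max_characters, chars.length,
        chars.length <= policy.max_characters);
  }
  for (const [rule, re] of Object.entries(CLASSES)) {
    if (!Number.isInteger(policy[rule])) continue;
    const count = chars.filter((c) => re.test(c)).length;
    add(rule, policy[rule], count, count >= policy[rule]);
  }
  return { ok: results.every((r) => r.ok), results };
}

// Policy values copied from the capabilities response on this page.
const policy = {
  min_characters: 8, max_characters: 72, min_lowercase_characters: 1,
  min_uppercase_characters: 1, min_digits: 1, min_special_characters: 1,
};

// Names of the rules a password fails, in evaluation order.
function failedRules(password, p = policy) {
  return checkLinkPassword(password, p).results
    .filter((r) => !r.ok).map((r) => r.rule);
}

console.log(failedRules('owncloud'));   // constructed sample input
console.log(failedRules('ownCloud-1')); // meets every rule locally; the server still rejected it
```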