* Handle inconsistent OneDrive Personal driveId casing across multiple Microsoft Graph API Endpoints by ensuring that where ever there is a use of a driveId for a comparison, ensure the value to compare has been transformed to 'lowercase' to avoid the situation where Microsoft Graph API sends the driveId as 'lowercase' in one API response and 'UPPERCASE' in other responses.
* Revert back to v2.5.5 performSessionFileUpload() and apply minimal change for upload session offset handling to prevent desynchronisation on large files
* Add specific 403 handler for when the upload session URL itself expires
* Add 'file_fragment_size'
* Clean up debug logging output
* Add 'tempauth' to spelling words
* Update documentation URL's
* Ensure that on each fragment upload, whilst the application is using the 'tempauth' for session upload, the global OAuth2 token needs to be checked for validity and refreshed if required
* Add limit check for 'file_fragment_size' option
* Add to default 'config' file
* Update documentation for 'file_fragment_size'
* Add 'file_fragment_size' to --display-config output
* Add --file-fragment-size option to enable use via Docker option
* Add to manpage
* Update Docker entrypoint
* Update Docker | Podman documentation
* Update logging output to include connection method to URL
* Update Upload Session URL expiry update to include UTC and LocalTime values
* Update comment which was dropped / missed
* Clarify that this is the OAuth2 Access Token
* Clarify that the expiry timestamp is localTime
* Update PR with dynamic use of fragment size if fileSize > 100MiB
* Enforce multiple 320KiB for fragment size to align to Microsoft documentation
* Fix Docker entrypoint and confirm working for ONEDRIVE_FILE_FRAGMENT_SIZE
* Change 'defaultMaxFileFragmentSize' to 60
* Revise fragmentSize calculation to be as close to 60 MiB as possible without breaching Microsoft documented threshold
* Fix that when searching for a parent object online, if the object cannot be found, handle the 404 error response.
* If a 404 response is generated, we have no response JSON to process
* When a file fails to download, perform an additional test to ensure that the failed download does not exist on the local path, and if this does not exist, ensure that that identifiers used to download the file do not exist in the database.
* When attempting to create a folder online, generally if the folder is not online, this will generate a 404 error, indicating to this client that the folder must be created. However, if the client then attempts to create it, and this folder now exists, a 409 response is generated. Handle the 409 response better by then performing a re-query of the API for the previously failed attempt and save those details to the database.
* Update process by which selfBuiltPath is calculated, when using 'sync_list' in a --resync scenario against Shared Folders to avoid double adding the Shared Folder Name to the path
* When an online folder is deleted, then re-created with the same name, the folder 'id' changes. In normal circumstances this is not an issue, but when running the client at the same time, on two separate systems, despite the path being removed and re-created, the 2nd (and subsequent systems) fail to correctly handle this online change correctly as expected, thus, upload|download of data into this changed folder fails to occur. This PR changes the upsert() function to check for this corner case and correct the DB entry for the now updated item id online. This then avoids creating orphan DB records that breaks other functions that rely on correct DB record traversal.
* Catch unhandled OneDriveError exception when there is a SSL or disk space issue
* Add setDisableSSLVerifyPeer() and setEnableSSLVerifyPeer() functions, but ensure they are not used
* Correct warning messages from PR 3320
* Update allow.txt - add verifypeer
Adds support for Microsoft’s OAuth2 Device Authorisation Flow, enabling the client to authenticate using device and user codes on a second device. This is particularly useful for headless or limited-input environments where interactive browser login is not possible.
Includes:
- Initiating device code requests and displaying user instructions
- Polling token endpoint until user authorises the device or the code expires
- Error handling for pending, declined, and expired authorisation states
- Countdown display showing remaining authorisation window
This feature is enabled via the `use_device_auth` config option
Some filesystems (e.g. GCS FUSE, Samba, NFS) may fail or behave unpredictably when attempting to rename an open file. This update explicitly closes the file before calling rename(), ensuring cross-platform and cloud storage compatibility. The original scope(exit) remains as a fallback to guarantee cleanup.
* Adds support for calling `acquireTokenInteractively` and `acquireTokenSilently` via D-Bus
* Parses and handles the full `brokerTokenResponse` object returned by the Intune broker
* Stores and reuses `account` data to enable silent token refresh without repeated interactive authentication
* Ensures the access token and its expiry time are properly calculated and stored for consistent token management
* Fallback to interactive authentication is triggered if silent authentication fails
* Fix documentation around missing 'check_nosync' needing a --resync when enabling / disabling
* Fix documentation around missing 'skip_size' needing a --resync when enabling / disabling
* Validate 'check_nosync' and 'skip_size' when used as part of a config file to trigger --resync
* Validate 'check_nosync' and 'skip_size' when used as part of CLI to trigger --resync
* We can only set xattr values when not performing a --dry-run operation, as if we are doing --download-only --dry-run .. there is no file locally to set attributes on
* Dont blindly run safeBackup() if the online timestamp is newer. Only execute this if the local file hash is different. If the timestamp is different, correct the local timestamp
* Be consistent with logging output
* Update computeSha1Hash() , computeQuickXorHash() and computeSHA256Hash() to ensure that the file, if opened, is closed post read, on failure and on exit
