if ($this->userSession->isLoggedIn()) {
$user = $this->userSession->getUser();
- if ($this->session->exists('app_password') || $this->twoFactorManager->isTwoFactorAuthenticated($user)) {
+ if ($this->session->exists('app_password') // authenticated using an app password
+ || $this->session->exists('app_api') // authenticated using an AppAPI Auth
+ || $this->twoFactorManager->isTwoFactorAuthenticated($user)) {
+
$this->checkTwoFactor($controller, $methodName, $user);
} elseif ($controller instanceof TwoFactorChallengeController) {
// Allow access to the two-factor controllers only if two-factor authentication
return false;
}
- // If we are authenticated using an app password skip all this
- if ($this->session->exists('app_password')) {
+ // If we are authenticated using an app password or AppAPI Auth, skip all this
+ if ($this->session->exists('app_password') || $this->session->get('app_api') === true) {
return false;
}
return false;
} elseif ($var === 'app_password') {
return false;
+ } elseif ($var === 'app_api') {
+ return false;
}
return true;
});
+ $this->session->method('get')
+ ->willReturnCallback(function ($var) {
+ if ($var === Manager::SESSION_UID_KEY) {
+ return 'user';
+ } elseif ($var === 'app_api') {
+ return true;
+ }
+ return null;
+ });
$this->session->expects($this->once())
->method('get')
- ->with(Manager::SESSION_UID_DONE)
- ->willReturn('user');
+ ->willReturnMap([
+ [Manager::SESSION_UID_DONE, 'user'],
+ ['app_api', true]
+ ]);
$this->assertFalse($this->manager->needsSecondFactor($user));
}
public function testNeedsSecondFactorAppPassword() {
$user = $this->createMock(IUser::class);
$this->session->method('exists')
- ->with('app_password')
- ->willReturn(true);
+ ->willReturnMap([
+ ['app_password', true],
+ ['app_api', true]
+ ]);
$this->assertFalse($this->manager->needsSecondFactor($user));
}