From 9ca0e7905c24f18ed246e65397589f0f41b50506 Mon Sep 17 00:00:00 2001
From: zeripath <art27@cantab.net>
Date: Fri, 10 Sep 2021 17:37:57 +0100
Subject: Add setting to OAuth handlers to skip local 2FA authentication
 (#16594)

This PR adds a setting to OAuth and OpenID login sources to allow the source to
skip local 2FA authentication.

Fix #13939

Signed-off-by: Andrew Thornton <art27@cantab.net>
---
 cmd/admin.go | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'cmd')

diff --git a/cmd/admin.go b/cmd/admin.go
index 94e78186c9..cfc297c474 100644
--- a/cmd/admin.go
+++ b/cmd/admin.go
@@ -288,6 +288,10 @@ var (
 			Value: "",
 			Usage: "Custom icon URL for OAuth2 login source",
 		},
+		cli.BoolFlag{
+			Name:  "skip-local-2fa",
+			Usage: "Set to true to skip local 2fa for users authenticated by this source",
+		},
 	}
 
 	microcmdAuthUpdateOauth = cli.Command{
@@ -616,6 +620,7 @@ func parseOAuth2Config(c *cli.Context) *oauth2.Source {
 		OpenIDConnectAutoDiscoveryURL: c.String("auto-discover-url"),
 		CustomURLMapping:              customURLMapping,
 		IconURL:                       c.String("icon-url"),
+		SkipLocalTwoFA:                c.Bool("skip-local-2fa"),
 	}
 }
 
-- 
cgit v1.2.3