fix: update request token on two-factor pagesbackport/53564/stable31

Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>

[skip ci]

11 files changed, 75 insertions, 4 deletions

diff --git a/core/Controller/TwoFactorChallengeController.php b/core/Controller/TwoFactorChallengeController.php
index ef0f420fc82..4791139bb12 100644
--- a/core/Controller/TwoFactorChallengeController.php
+++ b/core/Controller/TwoFactorChallengeController.php
@@ -25,6 +25,7 @@ use OCP\IRequest;
 use OCP\ISession;
 use OCP\IURLGenerator;
 use OCP\IUserSession;
+use OCP\Util;
 use Psr\Log\LoggerInterface;
 
 #[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
@@ -89,6 +90,7 @@ class TwoFactorChallengeController extends Controller {
 			'logout_url' => $this->getLogoutUrl(),
 			'hasSetupProviders' => !empty($setupProviders),
 		];
+		Util::addScript('core', 'twofactor-request-token');
 		return new StandaloneTemplateResponse($this->appName, 'twofactorselectchallenge', $data, 'guest');
 	}
 
@@ -141,6 +143,7 @@ class TwoFactorChallengeController extends Controller {
 		if ($provider instanceof IProvidesCustomCSP) {
 			$response->setContentSecurityPolicy($provider->getCSP());
 		}
+		Util::addScript('core', 'twofactor-request-token');
 		return $response;
 	}
 
@@ -204,6 +207,7 @@ class TwoFactorChallengeController extends Controller {
 			'redirect_url' => $redirect_url,
 		];
 
+		Util::addScript('core', 'twofactor-request-token');
 		return new StandaloneTemplateResponse($this->appName, 'twofactorsetupselection', $data, 'guest');
 	}
 
@@ -235,6 +239,7 @@ class TwoFactorChallengeController extends Controller {
 			'template' => $tmpl->fetchPage(),
 		];
 		$response = new StandaloneTemplateResponse($this->appName, 'twofactorsetupchallenge', $data, 'guest');
+		Util::addScript('core', 'twofactor-request-token');
 		return $response;
 	}
 
diff --git a/core/src/twofactor-request-token.ts b/core/src/twofactor-request-token.ts
new file mode 100644
index 00000000000..868ceec01e9
--- /dev/null
+++ b/core/src/twofactor-request-token.ts
@@ -0,0 +1,25 @@
+/**
+ * SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+import { onRequestTokenUpdate } from '@nextcloud/auth'
+import { getBaseUrl } from '@nextcloud/router'
+
+document.addEventListener('DOMContentLoaded', () => {
+	onRequestTokenUpdate((token) => {
+		const cancelLink = window.document.getElementById('cancel-login')
+		if (!cancelLink) {
+			return
+		}
+
+		const href = cancelLink.getAttribute('href')
+		if (!href) {
+			return
+		}
+
+		const parsedHref = new URL(href, getBaseUrl())
+		parsedHref.searchParams.set('requesttoken', token)
+		cancelLink.setAttribute('href', parsedHref.pathname + parsedHref.search)
+	})
+})
diff --git a/core/templates/twofactorselectchallenge.php b/core/templates/twofactorselectchallenge.php
index 582f45d70e8..e783e2dd0fa 100644
--- a/core/templates/twofactorselectchallenge.php
+++ b/core/templates/twofactorselectchallenge.php
@@ -76,7 +76,7 @@ $noProviders = empty($_['providers']);
 		</a>
 	</p>
 	<?php endif; ?>
-	<p><a class="two-factor-secondary" href="<?php print_unescaped($_['logout_url']); ?>">
+	<p><a id="cancel-login" class="two-factor-secondary" href="<?php print_unescaped($_['logout_url']); ?>">
 		<?php p($l->t('Cancel login')) ?>
 	</a></p>
 </div>
diff --git a/core/templates/twofactorsetupchallenge.php b/core/templates/twofactorsetupchallenge.php
index 09a143f1100..c575ca21343 100644
--- a/core/templates/twofactorsetupchallenge.php
+++ b/core/templates/twofactorsetupchallenge.php
@@ -14,7 +14,7 @@ $template = $_['template'];
 <div class="body-login-container update">
 	<h2 class="two-factor-header"><?php p($provider->getDisplayName()); ?></h2>
 	<?php print_unescaped($template); ?>
-	<p><a class="two-factor-secondary" href="<?php print_unescaped($_['logout_url']); ?>">
+	<p><a id="cancel-login" class="two-factor-secondary" href="<?php print_unescaped($_['logout_url']); ?>">
 			<?php p($l->t('Cancel login')) ?>
 	</a></p>
 </div>
diff --git a/core/templates/twofactorsetupselection.php b/core/templates/twofactorsetupselection.php
index 9633e1faacb..2f817cea7b9 100644
--- a/core/templates/twofactorsetupselection.php
+++ b/core/templates/twofactorsetupselection.php
@@ -35,7 +35,7 @@ declare(strict_types=1);
 		</li>
 	<?php endforeach; ?>
 	</ul>
-	<p><a class="two-factor-secondary" href="<?php print_unescaped($_['logout_url']); ?>">
+	<p><a id="cancel-login" class="two-factor-secondary" href="<?php print_unescaped($_['logout_url']); ?>">
 		<?php p($l->t('Cancel login')) ?>
 	</a></p>
 </div>
diff --git a/core/templates/twofactorshowchallenge.php b/core/templates/twofactorshowchallenge.php
index 16f4390f177..de6719aaaae 100644
--- a/core/templates/twofactorshowchallenge.php
+++ b/core/templates/twofactorshowchallenge.php
@@ -38,7 +38,7 @@ $template = $_['template'];
 		</a>
 	</p>
 	<?php endif; ?>
-	<p><a class="two-factor-secondary" href="<?php print_unescaped($_['logout_url']); ?>">
+	<p><a id="cancel-login" class="two-factor-secondary" href="<?php print_unescaped($_['logout_url']); ?>">
 		<?php p($l->t('Cancel login')) ?>
 	</a></p>
 </div>
diff --git a/dist/core-twofactor-request-token.js b/dist/core-twofactor-request-token.js
new file mode 100644
index 00000000000..dfbbb7a5975
--- /dev/null
+++ b/dist/core-twofactor-request-token.js
@@ -0,0 +1,2 @@
+(()=>{"use strict";var e,r={28798:(e,r,t)=>{var o=t(21777),n=t(63814);document.addEventListener("DOMContentLoaded",(()=>{(0,o.zo)((e=>{const r=window.document.getElementById("cancel-login");if(!r)return;const t=r.getAttribute("href");if(!t)return;const o=new URL(t,(0,n.$_)());o.searchParams.set("requesttoken",e),r.setAttribute("href",o.pathname+o.search)}))}))}},t={};function o(e){var n=t[e];if(void 0!==n)return n.exports;var i=t[e]={id:e,loaded:!1,exports:{}};return r[e].call(i.exports,i,i.exports,o),i.loaded=!0,i.exports}o.m=r,e=[],o.O=(r,t,n,i)=>{if(!t){var a=1/0;for(u=0;u<e.length;u++){t=e[u][0],n=e[u][1],i=e[u][2];for(var l=!0,d=0;d<t.length;d++)(!1&i||a>=i)&&Object.keys(o.O).every((e=>o.O[e](t[d])))?t.splice(d--,1):(l=!1,i<a&&(a=i));if(l){e.splice(u--,1);var s=n();void 0!==s&&(r=s)}}return r}i=i||0;for(var u=e.length;u>0&&e[u-1][2]>i;u--)e[u]=e[u-1];e[u]=[t,n,i]},o.n=e=>{var r=e&&e.__esModule?()=>e.default:()=>e;return o.d(r,{a:r}),r},o.d=(e,r)=>{for(var t in r)o.o(r,t)&&!o.o(e,t)&&Object.defineProperty(e,t,{enumerable:!0,get:r[t]})},o.e=()=>Promise.resolve(),o.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window)return window}}(),o.o=(e,r)=>Object.prototype.hasOwnProperty.call(e,r),o.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},o.nmd=e=>(e.paths=[],e.children||(e.children=[]),e),o.j=2138,(()=>{o.b=document.baseURI||self.location.href;var e={2138:0};o.O.j=r=>0===e[r];var r=(r,t)=>{var n,i,a=t[0],l=t[1],d=t[2],s=0;if(a.some((r=>0!==e[r]))){for(n in l)o.o(l,n)&&(o.m[n]=l[n]);if(d)var u=d(o)}for(r&&r(t);s<a.length;s++)i=a[s],o.o(e,i)&&e[i]&&e[i][0](),e[i]=0;return o.O(u)},t=self.webpackChunknextcloud=self.webpackChunknextcloud||[];t.forEach(r.bind(null,0)),t.push=r.bind(null,t.push.bind(t))})(),o.nc=void 0;var n=o.O(void 0,[4208],(()=>o(28798)));n=o.O(n)})();
+//# sourceMappingURL=core-twofactor-request-token.js.map?v=4553367a21c16997c57f
\ No newline at end of file
diff --git a/dist/core-twofactor-request-token.js.license b/dist/core-twofactor-request-token.js.license
new file mode 100644
index 00000000000..f177814e8de
--- /dev/null
+++ b/dist/core-twofactor-request-token.js.license
@@ -0,0 +1,36 @@
+SPDX-License-Identifier: MIT
+SPDX-License-Identifier: ISC
+SPDX-License-Identifier: GPL-3.0-or-later
+SPDX-License-Identifier: AGPL-3.0-or-later
+SPDX-FileCopyrightText: Tobias Koppers @sokra
+SPDX-FileCopyrightText: Roman Shtylman <shtylman@gmail.com>
+SPDX-FileCopyrightText: Nextcloud GmbH and Nextcloud contributors
+SPDX-FileCopyrightText: GitHub Inc.
+SPDX-FileCopyrightText: Christoph Wurst
+
+
+This file is generated from multiple sources. Included packages:
+- @nextcloud/auth
+	- version: 2.5.1
+	- license: GPL-3.0-or-later
+- @nextcloud/browser-storage
+	- version: 0.4.0
+	- license: GPL-3.0-or-later
+- semver
+	- version: 7.6.3
+	- license: ISC
+- @nextcloud/event-bus
+	- version: 3.3.2
+	- license: GPL-3.0-or-later
+- @nextcloud/router
+	- version: 3.0.1
+	- license: GPL-3.0-or-later
+- process
+	- version: 0.11.10
+	- license: MIT
+- webpack
+	- version: 5.99.9
+	- license: MIT
+- nextcloud
+	- version: 1.0.0
+	- license: AGPL-3.0-or-later
diff --git a/dist/core-twofactor-request-token.js.map b/dist/core-twofactor-request-token.js.map
new file mode 100644
index 00000000000..ed7fbc52287
--- /dev/null
+++ b/dist/core-twofactor-request-token.js.map
@@ -0,0 +1 @@
+{"version":3,"file":"core-twofactor-request-token.js?v=4553367a21c16997c57f","mappings":"uBAAIA,E,6CCMJC,SAASC,iBAAiB,oBAAoB,MAC1CC,EAAAA,EAAAA,KAAsBC,IAClB,MAAMC,EAAaC,OAAOL,SAASM,eAAe,gBAClD,IAAKF,EACD,OAEJ,MAAMG,EAAOH,EAAWI,aAAa,QACrC,IAAKD,EACD,OAEJ,MAAME,EAAa,IAAIC,IAAIH,GAAMI,EAAAA,EAAAA,OACjCF,EAAWG,aAAaC,IAAI,eAAgBV,GAC5CC,EAAWU,aAAa,OAAQL,EAAWM,SAAWN,EAAWO,OAAO,GAC1E,G,GClBFC,EAA2B,CAAC,EAGhC,SAASC,EAAoBC,GAE5B,IAAIC,EAAeH,EAAyBE,GAC5C,QAAqBE,IAAjBD,EACH,OAAOA,EAAaE,QAGrB,IAAIC,EAASN,EAAyBE,GAAY,CACjDK,GAAIL,EACJM,QAAQ,EACRH,QAAS,CAAC,GAUX,OANAI,EAAoBP,GAAUQ,KAAKJ,EAAOD,QAASC,EAAQA,EAAOD,QAASJ,GAG3EK,EAAOE,QAAS,EAGTF,EAAOD,OACf,CAGAJ,EAAoBU,EAAIF,EF5BpB3B,EAAW,GACfmB,EAAoBW,EAAI,CAACC,EAAQC,EAAUC,EAAIC,KAC9C,IAAGF,EAAH,CAMA,IAAIG,EAAeC,IACnB,IAASC,EAAI,EAAGA,EAAIrC,EAASsC,OAAQD,IAAK,CACrCL,EAAWhC,EAASqC,GAAG,GACvBJ,EAAKjC,EAASqC,GAAG,GACjBH,EAAWlC,EAASqC,GAAG,GAE3B,IAJA,IAGIE,GAAY,EACPC,EAAI,EAAGA,EAAIR,EAASM,OAAQE,MACpB,EAAXN,GAAsBC,GAAgBD,IAAaO,OAAOC,KAAKvB,EAAoBW,GAAGa,OAAOC,GAASzB,EAAoBW,EAAEc,GAAKZ,EAASQ,MAC9IR,EAASa,OAAOL,IAAK,IAErBD,GAAY,EACTL,EAAWC,IAAcA,EAAeD,IAG7C,GAAGK,EAAW,CACbvC,EAAS6C,OAAOR,IAAK,GACrB,IAAIS,EAAIb,SACEX,IAANwB,IAAiBf,EAASe,EAC/B,CACD,CACA,OAAOf,CArBP,CAJCG,EAAWA,GAAY,EACvB,IAAI,IAAIG,EAAIrC,EAASsC,OAAQD,EAAI,GAAKrC,EAASqC,EAAI,GAAG,GAAKH,EAAUG,IAAKrC,EAASqC,GAAKrC,EAASqC,EAAI,GACrGrC,EAASqC,GAAK,CAACL,EAAUC,EAAIC,EAuBjB,EG3Bdf,EAAoB4B,EAAKvB,IACxB,IAAIwB,EAASxB,GAAUA,EAAOyB,WAC7B,IAAOzB,EAAiB,QACxB,IAAM,EAEP,OADAL,EAAoB+B,EAAEF,EAAQ,CAAEG,EAAGH,IAC5BA,CAAM,ECLd7B,EAAoB+B,EAAI,CAAC3B,EAAS6B,KACjC,IAAI,IAAIR,KAAOQ,EACXjC,EAAoBkC,EAAED,EAAYR,KAASzB,EAAoBkC,EAAE9B,EAASqB,IAC5EH,OAAOa,eAAe/B,EAASqB,EAAK,CAAEW,YAAY,EAAMC,IAAKJ,EAAWR,IAE1E,ECHDzB,EAAoBsC,EAAI,IAAOC,QAAQC,UCHvCxC,EAAoByC,EAAI,WACvB,GAA0B,iBAAfC,WAAyB,OAAOA,WAC3C,IACC,OAAOC,MAAQ,IAAIC,SAAS,cAAb,EAChB,CAAE,MAAON,GACR,GAAsB,iBAAXnD,OAAqB,OAAOA,MACxC,CACA,CAPuB,GCAxBa,EAAoBkC,EAAI,CAACW,EAAKC,IAAUxB,OAAOyB,UAAUC,eAAevC,KAAKoC,EAAKC,GCClF9C,EAAoB2B,EAAKvB,IACH,oBAAX6C,QAA0BA,OAAOC,aAC1C5B,OAAOa,eAAe/B,EAAS6C,OAAOC,YAAa,CAAEC,MAAO,WAE7D7B,OAAOa,eAAe/B,EAAS,aAAc,CAAE+C,OAAO,GAAO,ECL9DnD,EAAoBoD,IAAO/C,IAC1BA,EAAOgD,MAAQ,GACVhD,EAAOiD,WAAUjD,EAAOiD,SAAW,IACjCjD,GCHRL,EAAoBqB,EAAI,K,MCAxBrB,EAAoBuD,EAAIzE,SAAS0E,SAAWC,KAAKC,SAASrE,KAK1D,IAAIsE,EAAkB,CACrB,KAAM,GAaP3D,EAAoBW,EAAEU,EAAKuC,GAA0C,IAA7BD,EAAgBC,GAGxD,IAAIC,EAAuB,CAACC,EAA4BC,KACvD,IAKI9D,EAAU2D,EALV/C,EAAWkD,EAAK,GAChBC,EAAcD,EAAK,GACnBE,EAAUF,EAAK,GAGI7C,EAAI,EAC3B,GAAGL,EAASqD,MAAM5D,GAAgC,IAAxBqD,EAAgBrD,KAAa,CACtD,IAAIL,KAAY+D,EACZhE,EAAoBkC,EAAE8B,EAAa/D,KACrCD,EAAoBU,EAAET,GAAY+D,EAAY/D,IAGhD,GAAGgE,EAAS,IAAIrD,EAASqD,EAAQjE,EAClC,CAEA,IADG8D,GAA4BA,EAA2BC,GACrD7C,EAAIL,EAASM,OAAQD,IACzB0C,EAAU/C,EAASK,GAChBlB,EAAoBkC,EAAEyB,EAAiBC,IAAYD,EAAgBC,IACrED,EAAgBC,GAAS,KAE1BD,EAAgBC,GAAW,EAE5B,OAAO5D,EAAoBW,EAAEC,EAAO,EAGjCuD,EAAqBV,KAA4B,sBAAIA,KAA4B,uBAAK,GAC1FU,EAAmBC,QAAQP,EAAqBQ,KAAK,KAAM,IAC3DF,EAAmBG,KAAOT,EAAqBQ,KAAK,KAAMF,EAAmBG,KAAKD,KAAKF,G,KClDvFnE,EAAoBuE,QAAKpE,ECGzB,IAAIqE,EAAsBxE,EAAoBW,OAAER,EAAW,CAAC,OAAO,IAAOH,EAAoB,SAC9FwE,EAAsBxE,EAAoBW,EAAE6D,E","sources":["webpack:///nextcloud/webpack/runtime/chunk loaded","webpack:///nextcloud/core/src/twofactor-request-token.ts","webpack:///nextcloud/webpack/bootstrap","webpack:///nextcloud/webpack/runtime/compat get default export","webpack:///nextcloud/webpack/runtime/define property getters","webpack:///nextcloud/webpack/runtime/ensure chunk","webpack:///nextcloud/webpack/runtime/global","webpack:///nextcloud/webpack/runtime/hasOwnProperty shorthand","webpack:///nextcloud/webpack/runtime/make namespace object","webpack:///nextcloud/webpack/runtime/node module decorator","webpack:///nextcloud/webpack/runtime/runtimeId","webpack:///nextcloud/webpack/runtime/jsonp chunk loading","webpack:///nextcloud/webpack/runtime/nonce","webpack:///nextcloud/webpack/startup"],"sourcesContent":["var deferred = [];\n__webpack_require__.O = (result, chunkIds, fn, priority) => {\n\tif(chunkIds) {\n\t\tpriority = priority || 0;\n\t\tfor(var i = deferred.length; i > 0 && deferred[i - 1][2] > priority; i--) deferred[i] = deferred[i - 1];\n\t\tdeferred[i] = [chunkIds, fn, priority];\n\t\treturn;\n\t}\n\tvar notFulfilled = Infinity;\n\tfor (var i = 0; i < deferred.length; i++) {\n\t\tvar chunkIds = deferred[i][0];\n\t\tvar fn = deferred[i][1];\n\t\tvar priority = deferred[i][2];\n\t\tvar fulfilled = true;\n\t\tfor (var j = 0; j < chunkIds.length; j++) {\n\t\t\tif ((priority & 1 === 0 || notFulfilled >= priority) && Object.keys(__webpack_require__.O).every((key) => (__webpack_require__.O[key](chunkIds[j])))) {\n\t\t\t\tchunkIds.splice(j--, 1);\n\t\t\t} else {\n\t\t\t\tfulfilled = false;\n\t\t\t\tif(priority < notFulfilled) notFulfilled = priority;\n\t\t\t}\n\t\t}\n\t\tif(fulfilled) {\n\t\t\tdeferred.splice(i--, 1)\n\t\t\tvar r = fn();\n\t\t\tif (r !== undefined) result = r;\n\t\t}\n\t}\n\treturn result;\n};","/**\n * SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors\n * SPDX-License-Identifier: AGPL-3.0-or-later\n */\nimport { onRequestTokenUpdate } from '@nextcloud/auth';\nimport { getBaseUrl } from '@nextcloud/router';\ndocument.addEventListener('DOMContentLoaded', () => {\n    onRequestTokenUpdate((token) => {\n        const cancelLink = window.document.getElementById('cancel-login');\n        if (!cancelLink) {\n            return;\n        }\n        const href = cancelLink.getAttribute('href');\n        if (!href) {\n            return;\n        }\n        const parsedHref = new URL(href, getBaseUrl());\n        parsedHref.searchParams.set('requesttoken', token);\n        cancelLink.setAttribute('href', parsedHref.pathname + parsedHref.search);\n    });\n});\n","// The module cache\nvar __webpack_module_cache__ = {};\n\n// The require function\nfunction __webpack_require__(moduleId) {\n\t// Check if module is in cache\n\tvar cachedModule = __webpack_module_cache__[moduleId];\n\tif (cachedModule !== undefined) {\n\t\treturn cachedModule.exports;\n\t}\n\t// Create a new module (and put it into the cache)\n\tvar module = __webpack_module_cache__[moduleId] = {\n\t\tid: moduleId,\n\t\tloaded: false,\n\t\texports: {}\n\t};\n\n\t// Execute the module function\n\t__webpack_modules__[moduleId].call(module.exports, module, module.exports, __webpack_require__);\n\n\t// Flag the module as loaded\n\tmodule.loaded = true;\n\n\t// Return the exports of the module\n\treturn module.exports;\n}\n\n// expose the modules object (__webpack_modules__)\n__webpack_require__.m = __webpack_modules__;\n\n","// getDefaultExport function for compatibility with non-harmony modules\n__webpack_require__.n = (module) => {\n\tvar getter = module && module.__esModule ?\n\t\t() => (module['default']) :\n\t\t() => (module);\n\t__webpack_require__.d(getter, { a: getter });\n\treturn getter;\n};","// define getter functions for harmony exports\n__webpack_require__.d = (exports, definition) => {\n\tfor(var key in definition) {\n\t\tif(__webpack_require__.o(definition, key) && !__webpack_require__.o(exports, key)) {\n\t\t\tObject.defineProperty(exports, key, { enumerable: true, get: definition[key] });\n\t\t}\n\t}\n};","// The chunk loading function for additional chunks\n// Since all referenced chunks are already included\n// in this file, this function is empty here.\n__webpack_require__.e = () => (Promise.resolve());","__webpack_require__.g = (function() {\n\tif (typeof globalThis === 'object') return globalThis;\n\ttry {\n\t\treturn this || new Function('return this')();\n\t} catch (e) {\n\t\tif (typeof window === 'object') return window;\n\t}\n})();","__webpack_require__.o = (obj, prop) => (Object.prototype.hasOwnProperty.call(obj, prop))","// define __esModule on exports\n__webpack_require__.r = (exports) => {\n\tif(typeof Symbol !== 'undefined' && Symbol.toStringTag) {\n\t\tObject.defineProperty(exports, Symbol.toStringTag, { value: 'Module' });\n\t}\n\tObject.defineProperty(exports, '__esModule', { value: true });\n};","__webpack_require__.nmd = (module) => {\n\tmodule.paths = [];\n\tif (!module.children) module.children = [];\n\treturn module;\n};","__webpack_require__.j = 2138;","__webpack_require__.b = document.baseURI || self.location.href;\n\n// object to store loaded and loading chunks\n// undefined = chunk not loaded, null = chunk preloaded/prefetched\n// [resolve, reject, Promise] = chunk loading, 0 = chunk loaded\nvar installedChunks = {\n\t2138: 0\n};\n\n// no chunk on demand loading\n\n// no prefetching\n\n// no preloaded\n\n// no HMR\n\n// no HMR manifest\n\n__webpack_require__.O.j = (chunkId) => (installedChunks[chunkId] === 0);\n\n// install a JSONP callback for chunk loading\nvar webpackJsonpCallback = (parentChunkLoadingFunction, data) => {\n\tvar chunkIds = data[0];\n\tvar moreModules = data[1];\n\tvar runtime = data[2];\n\t// add \"moreModules\" to the modules object,\n\t// then flag all \"chunkIds\" as loaded and fire callback\n\tvar moduleId, chunkId, i = 0;\n\tif(chunkIds.some((id) => (installedChunks[id] !== 0))) {\n\t\tfor(moduleId in moreModules) {\n\t\t\tif(__webpack_require__.o(moreModules, moduleId)) {\n\t\t\t\t__webpack_require__.m[moduleId] = moreModules[moduleId];\n\t\t\t}\n\t\t}\n\t\tif(runtime) var result = runtime(__webpack_require__);\n\t}\n\tif(parentChunkLoadingFunction) parentChunkLoadingFunction(data);\n\tfor(;i < chunkIds.length; i++) {\n\t\tchunkId = chunkIds[i];\n\t\tif(__webpack_require__.o(installedChunks, chunkId) && installedChunks[chunkId]) {\n\t\t\tinstalledChunks[chunkId][0]();\n\t\t}\n\t\tinstalledChunks[chunkId] = 0;\n\t}\n\treturn __webpack_require__.O(result);\n}\n\nvar chunkLoadingGlobal = self[\"webpackChunknextcloud\"] = self[\"webpackChunknextcloud\"] || [];\nchunkLoadingGlobal.forEach(webpackJsonpCallback.bind(null, 0));\nchunkLoadingGlobal.push = webpackJsonpCallback.bind(null, chunkLoadingGlobal.push.bind(chunkLoadingGlobal));","__webpack_require__.nc = undefined;","// startup\n// Load entry module and return exports\n// This entry module depends on other loaded chunks and execution need to be delayed\nvar __webpack_exports__ = __webpack_require__.O(undefined, [4208], () => (__webpack_require__(28798)))\n__webpack_exports__ = __webpack_require__.O(__webpack_exports__);\n"],"names":["deferred","document","addEventListener","onRequestTokenUpdate","token","cancelLink","window","getElementById","href","getAttribute","parsedHref","URL","getBaseUrl","searchParams","set","setAttribute","pathname","search","__webpack_module_cache__","__webpack_require__","moduleId","cachedModule","undefined","exports","module","id","loaded","__webpack_modules__","call","m","O","result","chunkIds","fn","priority","notFulfilled","Infinity","i","length","fulfilled","j","Object","keys","every","key","splice","r","n","getter","__esModule","d","a","definition","o","defineProperty","enumerable","get","e","Promise","resolve","g","globalThis","this","Function","obj","prop","prototype","hasOwnProperty","Symbol","toStringTag","value","nmd","paths","children","b","baseURI","self","location","installedChunks","chunkId","webpackJsonpCallback","parentChunkLoadingFunction","data","moreModules","runtime","some","chunkLoadingGlobal","forEach","bind","push","nc","__webpack_exports__"],"sourceRoot":""}
\ No newline at end of file
diff --git a/dist/core-twofactor-request-token.js.map.license b/dist/core-twofactor-request-token.js.map.license
new file mode 120000
index 00000000000..25a77f322b0
--- /dev/null
+++ b/dist/core-twofactor-request-token.js.map.license
@@ -0,0 +1 @@
+core-twofactor-request-token.js.license
\ No newline at end of file
diff --git a/webpack.modules.js b/webpack.modules.js
index 13ceea2b0cf..3aed96cbf72 100644
--- a/webpack.modules.js
+++ b/webpack.modules.js
@@ -26,6 +26,7 @@ module.exports = {
 		'unsupported-browser': path.join(__dirname, 'core/src', 'unsupported-browser.js'),
 		'unsupported-browser-redirect': path.join(__dirname, 'core/src', 'unsupported-browser-redirect.js'),
 		public: path.join(__dirname, 'core/src', 'public.ts'),
+		'twofactor-request-token': path.join(__dirname, 'core/src', 'twofactor-request-token.ts'),
 	},
 	dashboard: {
 		main: path.join(__dirname, 'apps/dashboard/src', 'main.js'),