diff options
| author | Joas Schilling <coding@schilljs.com> | 2025-03-18 09:49:27 +0100 |
|---|---|---|
| committer | backportbot[bot] <backportbot[bot]@users.noreply.github.com> | 2025-03-18 09:16:33 +0000 |
| commit | 1b7b66e3af47d3cb490f0cd71392924ee1038648 (patch) | |
| tree | 70bbd7ef3afd52b805fdc1310b2ae5e849cb3370 | |
| parent | 3fb8933128b266ed3effb17d28b663f7988d27a6 (diff) | |
| download | nextcloud-server-1b7b66e3af47d3cb490f0cd71392924ee1038648.tar.gz nextcloud-server-1b7b66e3af47d3cb490f0cd71392924ee1038648.zip | |
fix(auth): Allow 2FA challenges for Ephemeral sessionsbackport/51544/stable29
Signed-off-by: Joas Schilling <coding@schilljs.com>
| -rw-r--r-- | lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php b/lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php index d5c73b1f598..c30855a0e98 100644 --- a/lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php +++ b/lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php @@ -9,6 +9,7 @@ namespace OC\AppFramework\Middleware; use OC\AppFramework\Utility\ControllerMethodReflector; use OC\Core\Controller\ClientFlowLoginV2Controller; +use OC\Core\Controller\TwoFactorChallengeController; use OCP\AppFramework\Controller; use OCP\AppFramework\Http\Attribute\PublicPage; use OCP\AppFramework\Middleware; @@ -38,6 +39,10 @@ class FlowV2EphemeralSessionsMiddleware extends Middleware { return; } + if ($controller instanceof TwoFactorChallengeController) { + return; + } + $reflectionMethod = new ReflectionMethod($controller, $methodName); if (!empty($reflectionMethod->getAttributes(PublicPage::class))) { return; |