diff options
author | Joas Schilling <coding@schilljs.com> | 2016-08-26 16:03:05 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2016-08-26 16:03:05 +0200 |
commit | 89c78bbce48ccd75e42245bf1d92910c50e2648f (patch) | |
tree | 7362a768fc265e36cc5f97e2459622d399962595 /apps/dav | |
parent | c20aef87956ce0cc442d809f417f40d61bcd1485 (diff) | |
parent | 6af2efb67931863b27d96c74cdff1d2ca2615e52 (diff) | |
download | nextcloud-server-89c78bbce48ccd75e42245bf1d92910c50e2648f.tar.gz nextcloud-server-89c78bbce48ccd75e42245bf1d92910c50e2648f.zip |
Merge pull request #1031 from nextcloud/2fa-infinite-redirect-loop
prevent infinite redirect loops if the there is no 2fa provider to pass
Diffstat (limited to 'apps/dav')
-rw-r--r-- | apps/dav/lib/Connector/Sabre/Auth.php | 2 | ||||
-rw-r--r-- | apps/dav/tests/unit/Connector/Sabre/AuthTest.php | 3 |
2 files changed, 3 insertions, 2 deletions
diff --git a/apps/dav/lib/Connector/Sabre/Auth.php b/apps/dav/lib/Connector/Sabre/Auth.php index bd80b17b640..a35eed88073 100644 --- a/apps/dav/lib/Connector/Sabre/Auth.php +++ b/apps/dav/lib/Connector/Sabre/Auth.php @@ -224,7 +224,7 @@ class Auth extends AbstractBasic { if($forcedLogout) { $this->userSession->logout(); } else { - if ($this->twoFactorManager->needsSecondFactor()) { + if($this->twoFactorManager->needsSecondFactor($this->userSession->getUser())) { throw new \Sabre\DAV\Exception\NotAuthenticated('2FA challenge not passed.'); } if (\OC_User::handleApacheAuth() || diff --git a/apps/dav/tests/unit/Connector/Sabre/AuthTest.php b/apps/dav/tests/unit/Connector/Sabre/AuthTest.php index 6262407eb95..8d77fc03a8d 100644 --- a/apps/dav/tests/unit/Connector/Sabre/AuthTest.php +++ b/apps/dav/tests/unit/Connector/Sabre/AuthTest.php @@ -374,6 +374,7 @@ class AuthTest extends TestCase { ->willReturn(true); $this->twoFactorManager->expects($this->once()) ->method('needsSecondFactor') + ->with($user) ->will($this->returnValue(true)); $this->auth->check($request, $response); } @@ -658,7 +659,7 @@ class AuthTest extends TestCase { ->method('getUID') ->will($this->returnValue('MyTestUser')); $this->userSession - ->expects($this->exactly(3)) + ->expects($this->exactly(4)) ->method('getUser') ->will($this->returnValue($user)); $response = $this->auth->check($server->httpRequest, $server->httpResponse); |