summaryrefslogtreecommitdiffstats
path: root/apps/dav
diff options
context:
space:
mode:
authorJoas Schilling <coding@schilljs.com>2016-08-26 16:03:05 +0200
committerGitHub <noreply@github.com>2016-08-26 16:03:05 +0200
commit89c78bbce48ccd75e42245bf1d92910c50e2648f (patch)
tree7362a768fc265e36cc5f97e2459622d399962595 /apps/dav
parentc20aef87956ce0cc442d809f417f40d61bcd1485 (diff)
parent6af2efb67931863b27d96c74cdff1d2ca2615e52 (diff)
downloadnextcloud-server-89c78bbce48ccd75e42245bf1d92910c50e2648f.tar.gz
nextcloud-server-89c78bbce48ccd75e42245bf1d92910c50e2648f.zip
Merge pull request #1031 from nextcloud/2fa-infinite-redirect-loop
prevent infinite redirect loops if the there is no 2fa provider to pass
Diffstat (limited to 'apps/dav')
-rw-r--r--apps/dav/lib/Connector/Sabre/Auth.php2
-rw-r--r--apps/dav/tests/unit/Connector/Sabre/AuthTest.php3
2 files changed, 3 insertions, 2 deletions
diff --git a/apps/dav/lib/Connector/Sabre/Auth.php b/apps/dav/lib/Connector/Sabre/Auth.php
index bd80b17b640..a35eed88073 100644
--- a/apps/dav/lib/Connector/Sabre/Auth.php
+++ b/apps/dav/lib/Connector/Sabre/Auth.php
@@ -224,7 +224,7 @@ class Auth extends AbstractBasic {
if($forcedLogout) {
$this->userSession->logout();
} else {
- if ($this->twoFactorManager->needsSecondFactor()) {
+ if($this->twoFactorManager->needsSecondFactor($this->userSession->getUser())) {
throw new \Sabre\DAV\Exception\NotAuthenticated('2FA challenge not passed.');
}
if (\OC_User::handleApacheAuth() ||
diff --git a/apps/dav/tests/unit/Connector/Sabre/AuthTest.php b/apps/dav/tests/unit/Connector/Sabre/AuthTest.php
index 6262407eb95..8d77fc03a8d 100644
--- a/apps/dav/tests/unit/Connector/Sabre/AuthTest.php
+++ b/apps/dav/tests/unit/Connector/Sabre/AuthTest.php
@@ -374,6 +374,7 @@ class AuthTest extends TestCase {
->willReturn(true);
$this->twoFactorManager->expects($this->once())
->method('needsSecondFactor')
+ ->with($user)
->will($this->returnValue(true));
$this->auth->check($request, $response);
}
@@ -658,7 +659,7 @@ class AuthTest extends TestCase {
->method('getUID')
->will($this->returnValue('MyTestUser'));
$this->userSession
- ->expects($this->exactly(3))
+ ->expects($this->exactly(4))
->method('getUser')
->will($this->returnValue($user));
$response = $this->auth->check($server->httpRequest, $server->httpResponse);