diff options
| author | Cornelius Kölbel <cornelius.koelbel@netknights.it> | 2016-11-14 15:39:19 +0100 |
|---|---|---|
| committer | Roeland Jago Douma <roeland@famdouma.nl> | 2017-01-11 11:01:52 +0100 |
| commit | e077e01bf2f2ead37c664e6e1f7339bb3a1d7f85 (patch) | |
| tree | b168d6b39ab009421fe5b69e4b895b8a18e853b3 /core/Controller | |
| parent | c4e51fd0557728a18a689d1160e00a09dfc6e789 (diff) | |
| download | nextcloud-server-e077e01bf2f2ead37c664e6e1f7339bb3a1d7f85.tar.gz nextcloud-server-e077e01bf2f2ead37c664e6e1f7339bb3a1d7f85.zip | |
Add a TwoFactorException
A Two Factor third party App may throw a TwoFactorException()
with a more detailed error message in case the authentication fails.
The 2FA Controller will then display the message of this Exception
to the user.
Working on #26593
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Diffstat (limited to 'core/Controller')
| -rw-r--r-- | core/Controller/TwoFactorChallengeController.php | 23 |
1 files changed, 19 insertions, 4 deletions
diff --git a/core/Controller/TwoFactorChallengeController.php b/core/Controller/TwoFactorChallengeController.php index 34f0092bea8..13c87b7b0ab 100644 --- a/core/Controller/TwoFactorChallengeController.php +++ b/core/Controller/TwoFactorChallengeController.php @@ -26,6 +26,7 @@ namespace OC\Core\Controller; use OC\Authentication\TwoFactorAuth\Manager; use OC_User; use OC_Util; +use OCP\Authentication\TwoFactorAuth\TwoFactorException; use OCP\AppFramework\Controller; use OCP\AppFramework\Http\RedirectResponse; use OCP\AppFramework\Http\TemplateResponse; @@ -115,9 +116,12 @@ class TwoFactorChallengeController extends Controller { $backupProvider = null; } + $error_message = ""; if ($this->session->exists('two_factor_auth_error')) { $this->session->remove('two_factor_auth_error'); $error = true; + $error_message = $this->session->get("two_factor_auth_error_message"); + $this->session->remove('two_factor_auth_error_message'); } else { $error = false; } @@ -125,6 +129,7 @@ class TwoFactorChallengeController extends Controller { $tmpl->assign('redirect_url', $redirect_url); $data = [ 'error' => $error, + 'error_message' => $error_message, 'provider' => $provider, 'backupProvider' => $backupProvider, 'logout_attribute' => $this->getLogoutAttribute(), @@ -151,11 +156,21 @@ class TwoFactorChallengeController extends Controller { return new RedirectResponse($this->urlGenerator->linkToRoute('core.TwoFactorChallenge.selectChallenge')); } - if ($this->twoFactorManager->verifyChallenge($challengeProviderId, $user, $challenge)) { - if (!is_null($redirect_url)) { - return new RedirectResponse($this->urlGenerator->getAbsoluteURL(urldecode($redirect_url))); + try { + if ($this->twoFactorManager->verifyChallenge($challengeProviderId, $user, $challenge)) { + if (!is_null($redirect_url)) { + return new RedirectResponse($this->urlGenerator->getAbsoluteURL(urldecode($redirect_url))); + } + return new RedirectResponse($this->urlGenerator->linkToRoute('files.view.index')); } - return new RedirectResponse(OC_Util::getDefaultPageUrl()); + } catch (TwoFactorException $e) { + /* + * The 2FA App threw an TwoFactorException. Now we display more + * information to the user. The exception text is stored in the + * session to be used in showChallenge() + */ + $this->session->set('two_factor_auth_error_message', + $e->getMessage()); } $this->session->set('two_factor_auth_error', true); |