diff options
| author | Christoph Wurst <christoph@winzerhof-wurst.at> | 2018-08-10 09:26:40 +0200 |
|---|---|---|
| committer | Christoph Wurst <christoph@winzerhof-wurst.at> | 2018-08-10 09:26:40 +0200 |
| commit | 1124b87bc0e7606e27c309615bb65d3d73d0a121 (patch) | |
| tree | 9a3e848e941521d5887f46a12f615ef3862760ab /lib/private/Authentication | |
| parent | 103a2c30fb29b0d0f026d56eaa58d50cb68323ed (diff) | |
| download | nextcloud-server-1124b87bc0e7606e27c309615bb65d3d73d0a121.tar.gz nextcloud-server-1124b87bc0e7606e27c309615bb65d3d73d0a121.zip | |
Fix 2FA being enforced if only backup codes provider is active
Fixes https://github.com/nextcloud/server/issues/10634.
Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
Diffstat (limited to 'lib/private/Authentication')
| -rw-r--r-- | lib/private/Authentication/TwoFactorAuth/Manager.php | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/lib/private/Authentication/TwoFactorAuth/Manager.php b/lib/private/Authentication/TwoFactorAuth/Manager.php index 0ee10ac0eff..6fa41897e1e 100644 --- a/lib/private/Authentication/TwoFactorAuth/Manager.php +++ b/lib/private/Authentication/TwoFactorAuth/Manager.php @@ -27,6 +27,8 @@ declare(strict_types = 1); namespace OC\Authentication\TwoFactorAuth; +use function array_diff; +use function array_filter; use BadMethodCallException; use Exception; use OC\Authentication\Exceptions\InvalidTokenException; @@ -47,6 +49,7 @@ class Manager { const SESSION_UID_KEY = 'two_factor_auth_uid'; const SESSION_UID_DONE = 'two_factor_auth_passed'; const REMEMBER_LOGIN = 'two_factor_remember_login'; + const BACKUP_CODES_PROVIDER_ID = 'backup_codes'; /** @var ProviderLoader */ private $providerLoader; @@ -76,9 +79,9 @@ class Manager { private $dispatcher; public function __construct(ProviderLoader $providerLoader, - IRegistry $providerRegistry, ISession $session, IConfig $config, - IManager $activityManager, ILogger $logger, TokenProvider $tokenProvider, - ITimeFactory $timeFactory, EventDispatcherInterface $eventDispatcher) { + IRegistry $providerRegistry, ISession $session, IConfig $config, + IManager $activityManager, ILogger $logger, TokenProvider $tokenProvider, + ITimeFactory $timeFactory, EventDispatcherInterface $eventDispatcher) { $this->providerLoader = $providerLoader; $this->session = $session; $this->config = $config; @@ -107,8 +110,10 @@ class Manager { $providers = $this->providerLoader->getProviders($user); $fixedStates = $this->fixMissingProviderStates($providerStates, $providers, $user); $enabled = array_filter($fixedStates); + $providerIds = array_keys($enabled); + $providerIdsWithoutBackupCodes = array_diff($providerIds, [self::BACKUP_CODES_PROVIDER_ID]); - return $twoFactorEnabled && !empty($enabled); + return $twoFactorEnabled && !empty($providerIdsWithoutBackupCodes); } /** |