From e33b001b3925f6e69fd8162eefadbfec32204771 Mon Sep 17 00:00:00 2001
From: Joas Schilling <coding@schilljs.com>
Date: Tue, 18 Mar 2025 09:49:27 +0100
Subject: fix(auth): Allow 2FA challenges for Ephemeral sessions

Signed-off-by: Joas Schilling <coding@schilljs.com>
---
 .../AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php    | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php b/lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php
index 1cd250d103d..2404285b2d4 100644
--- a/lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php
+++ b/lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php
@@ -9,6 +9,7 @@ namespace OC\AppFramework\Middleware;
 
 use OC\AppFramework\Utility\ControllerMethodReflector;
 use OC\Core\Controller\ClientFlowLoginV2Controller;
+use OC\Core\Controller\TwoFactorChallengeController;
 use OCP\AppFramework\Middleware;
 use OCP\ISession;
 use OCP\IUserSession;
@@ -35,6 +36,10 @@ class FlowV2EphemeralSessionsMiddleware extends Middleware {
 			return;
 		}
 
+		if ($controller instanceof TwoFactorChallengeController) {
+			return;
+		}
+
 		if ($this->reflector->hasAnnotation('PublicPage')) {
 			return;
 		}
-- 
cgit v1.2.3