From 6af2efb67931863b27d96c74cdff1d2ca2615e52 Mon Sep 17 00:00:00 2001
From: Christoph Wurst <christoph@winzerhof-wurst.at>
Date: Wed, 24 Aug 2016 10:42:07 +0200
Subject: prevent infinite redirect loops if the there is no 2fa provider to
 pass

This fixes infinite loops that are caused whenever a user is about to solve a 2FA
challenge, but the provider app is disabled at the same time. Since the session
value usually indicates that the challenge needs to be solved before we grant access
we have to remove that value instead in this special case.
---
 lib/private/legacy/util.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'lib/private/legacy/util.php')

diff --git a/lib/private/legacy/util.php b/lib/private/legacy/util.php
index a975da39271..7341331518d 100644
--- a/lib/private/legacy/util.php
+++ b/lib/private/legacy/util.php
@@ -975,7 +975,7 @@ class OC_Util {
 			exit();
 		}
 		// Redirect to index page if 2FA challenge was not solved yet
-		if (\OC::$server->getTwoFactorAuthManager()->needsSecondFactor()) {
+		if (\OC::$server->getTwoFactorAuthManager()->needsSecondFactor(\OC::$server->getUserSession()->getUser())) {
 			header('Location: ' . \OCP\Util::linkToAbsolute('', 'index.php'));
 			exit();
 		}
-- 
cgit v1.2.3