prevent infinite redirect loops if the there is no 2fa provider to pass
This fixes infinite loops that are caused whenever a user is about to solve a 2FA challenge, but the provider app is disabled at the same time. Since the session value usually indicates that the challenge needs to be solved before we grant access we have to remove that value instead in this special case.
Showing
- apps/dav/lib/Connector/Sabre/Auth.php 1 addition, 1 deletionapps/dav/lib/Connector/Sabre/Auth.php
- apps/dav/tests/unit/Connector/Sabre/AuthTest.php 2 additions, 1 deletionapps/dav/tests/unit/Connector/Sabre/AuthTest.php
- core/Middleware/TwoFactorMiddleware.php 6 additions, 4 deletionscore/Middleware/TwoFactorMiddleware.php
- lib/private/Authentication/TwoFactorAuth/Manager.php 16 additions, 2 deletionslib/private/Authentication/TwoFactorAuth/Manager.php
- lib/private/legacy/api.php 1 addition, 1 deletionlib/private/legacy/api.php
- lib/private/legacy/json.php 1 addition, 1 deletionlib/private/legacy/json.php
- lib/private/legacy/util.php 1 addition, 1 deletionlib/private/legacy/util.php
- tests/Core/Middleware/TwoFactorMiddlewareTest.php 2 additions, 0 deletionstests/Core/Middleware/TwoFactorMiddlewareTest.php
- tests/lib/Authentication/TwoFactorAuth/ManagerTest.php 41 additions, 4 deletionstests/lib/Authentication/TwoFactorAuth/ManagerTest.php
Loading
Please register or sign in to comment