Browse Source
fix(auth): Allow 2FA challenges for Ephemeral sessions
Signed-off-by: Joas Schilling <coding@schilljs.com>
pull/51544/head
Joas Schilling
9 months ago
No known key found for this signature in database
GPG Key ID: F72FA5B49FFA96B0
1 changed files with
5 additions and
0 deletions
-
lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php
|
|
|
@ -9,6 +9,7 @@ namespace OC\AppFramework\Middleware; |
|
|
|
|
|
|
|
use OC\AppFramework\Utility\ControllerMethodReflector; |
|
|
|
use OC\Core\Controller\ClientFlowLoginV2Controller; |
|
|
|
use OC\Core\Controller\TwoFactorChallengeController; |
|
|
|
use OCP\AppFramework\Controller; |
|
|
|
use OCP\AppFramework\Http\Attribute\PublicPage; |
|
|
|
use OCP\AppFramework\Middleware; |
|
|
|
@ -38,6 +39,10 @@ class FlowV2EphemeralSessionsMiddleware extends Middleware { |
|
|
|
return; |
|
|
|
} |
|
|
|
|
|
|
|
if ($controller instanceof TwoFactorChallengeController) { |
|
|
|
return; |
|
|
|
} |
|
|
|
|
|
|
|
$reflectionMethod = new ReflectionMethod($controller, $methodName); |
|
|
|
if (!empty($reflectionMethod->getAttributes(PublicPage::class))) { |
|
|
|
return; |
|
|
|
|
