upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-06-14 19:20:35 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 11

fix(auth): Allow 2FA challenges for Ephemeral sessions

Browse source 
Signed-off-by: Joas Schilling <coding@schilljs.com>
This commit is contained in:
Joas Schilling 2025-03-18 09:49:27 +01:00 committed by backportbot[bot]
parent 561775d2fe
commit 90fff7d6cc
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php
View file

@ -9,6 +9,7 @@ namespace OC\AppFramework\Middleware;
use OC\AppFramework\Utility\ControllerMethodReflector;
use OC\Core\Controller\ClientFlowLoginV2Controller;
use OC\Core\Controller\TwoFactorChallengeController;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http\Attribute\PublicPage;
use OCP\AppFramework\Middleware;
@ -38,6 +39,10 @@ class FlowV2EphemeralSessionsMiddleware extends Middleware {
return;
}
if ($controller instanceof TwoFactorChallengeController) {
return;
}
$reflectionMethod = new ReflectionMethod($controller, $methodName);
if (!empty($reflectionMethod->getAttributes(PublicPage::class))) {
return;