Allow to cancel 2FA after login

This commit is contained in:
Joas Schilling 2016-06-07 17:53:00 +02:00
parent 46fe2ddf2e
commit 3e3b326c85
No known key found for this signature in database
GPG key ID: 70A0B324C41C0946
6 changed files with 38 additions and 5 deletions

View file

@ -61,6 +61,13 @@ class TwoFactorChallengeController extends Controller {
$this->urlGenerator = $urlGenerator;
}
/**
* @return string
*/
protected function getLogoutAttribute() {
return \OC_User::getLogoutAttribute();
}
/**
* @NoAdminRequired
* @NoCSRFRequired
@ -75,6 +82,7 @@ class TwoFactorChallengeController extends Controller {
$data = [
'providers' => $providers,
'redirect_url' => $redirect_url,
'logout_attribute' => $this->getLogoutAttribute(),
];
return new TemplateResponse($this->appName, 'twofactorselectchallenge', $data, 'guest');
}
@ -106,6 +114,7 @@ class TwoFactorChallengeController extends Controller {
$data = [
'error' => $error,
'provider' => $provider,
'logout_attribute' => $this->getLogoutAttribute(),
'template' => $tmpl->fetchPage(),
];
return new TemplateResponse($this->appName, 'twofactorshowchallenge', $data, 'guest');

View file

@ -82,6 +82,11 @@ class TwoFactorMiddleware extends Middleware {
return;
}
if ($controller instanceof \OC\Core\Controller\LoginController && $methodName === 'logout') {
// Don't block the logout page, to allow canceling the 2FA
return;
}
if ($this->userSession->isLoggedIn()) {
$user = $this->userSession->getUser();

View file

@ -37,6 +37,10 @@ body {
display: inline-block;
}
a.two-factor-cancel {
color: #fff;
}
.float-spinner {
height: 32px;
display: none;

View file

@ -18,4 +18,5 @@
</li>
<?php endforeach; ?>
</ul>
</fieldset>
</fieldset>
<a class="two-factor-cancel" <?php print_unescaped($_['logout_attribute']); ?>><?php p($l->t('Cancel login')) ?></a>

View file

@ -17,3 +17,4 @@ $template = $_['template'];
<span class="warning"><?php p($l->t('An error occured while verifying the token')); ?></span>
<?php endif; ?>
<?php print_unescaped($template); ?>
<a class="two-factor-cancel" <?php print_unescaped($_['logout_attribute']); ?>><?php p($l->t('Cancel login')) ?></a>

View file

@ -33,7 +33,7 @@ class TwoFactorChallengeControllerTest extends TestCase {
private $session;
private $urlGenerator;
/** TwoFactorChallengeController */
/** @var TwoFactorChallengeController|\PHPUnit_Framework_MockObject_MockObject */
private $controller;
protected function setUp() {
@ -47,9 +47,20 @@ class TwoFactorChallengeControllerTest extends TestCase {
$this->session = $this->getMock('\OCP\ISession');
$this->urlGenerator = $this->getMock('\OCP\IURLGenerator');
$this->controller = new TwoFactorChallengeController(
'core', $this->request, $this->twoFactorManager, $this->userSession, $this->session, $this->urlGenerator
);
$this->controller = $this->getMockBuilder('OC\Core\Controller\TwoFactorChallengeController')
->setConstructorArgs([
'core',
$this->request,
$this->twoFactorManager,
$this->userSession,
$this->session,
$this->urlGenerator,
])
->setMethods(['getLogoutAttribute'])
->getMock();
$this->controller->expects($this->any())
->method('getLogoutAttribute')
->willReturn('logoutAttribute');
}
public function testSelectChallenge() {
@ -70,6 +81,7 @@ class TwoFactorChallengeControllerTest extends TestCase {
$expected = new \OCP\AppFramework\Http\TemplateResponse('core', 'twofactorselectchallenge', [
'providers' => $providers,
'redirect_url' => '/some/url',
'logout_attribute' => 'logoutAttribute',
], 'guest');
$this->assertEquals($expected, $this->controller->selectChallenge('/some/url'));
@ -110,6 +122,7 @@ class TwoFactorChallengeControllerTest extends TestCase {
$expected = new \OCP\AppFramework\Http\TemplateResponse('core', 'twofactorshowchallenge', [
'error' => true,
'provider' => $provider,
'logout_attribute' => 'logoutAttribute',
'template' => '<html/>',
], 'guest');