Fix AppPassword 2FA auth
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This commit is contained in:
parent
83508d7be3
commit
9163cf9241
2 changed files with 21 additions and 2 deletions
|
@ -269,6 +269,11 @@ class Manager {
|
|||
return false;
|
||||
}
|
||||
|
||||
// If we are authenticated using an app password skip all this
|
||||
if ($this->session->exists('app_password')) {
|
||||
return false;
|
||||
}
|
||||
|
||||
// First check if the session tells us we should do 2FA (99% case)
|
||||
if (!$this->session->exists(self::SESSION_UID_KEY)) {
|
||||
|
||||
|
@ -296,7 +301,6 @@ class Manager {
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
if (!$this->isTwoFactorAuthenticated($user)) {
|
||||
// There is no second factor any more -> let the user pass
|
||||
// This prevents infinite redirect loops when a user is about
|
||||
|
|
|
@ -387,10 +387,14 @@ class ManagerTest extends TestCase {
|
|||
public function testNeedsSecondFactor() {
|
||||
$user = $this->createMock(IUser::class);
|
||||
$this->session->expects($this->at(0))
|
||||
->method('exists')
|
||||
->with('app_password')
|
||||
->willReturn(false);
|
||||
$this->session->expects($this->at(1))
|
||||
->method('exists')
|
||||
->with('two_factor_auth_uid')
|
||||
->will($this->returnValue(false));
|
||||
$this->session->expects($this->at(1))
|
||||
$this->session->expects($this->at(2))
|
||||
->method('exists')
|
||||
->with(Manager::SESSION_UID_DONE)
|
||||
->willReturn(false);
|
||||
|
@ -523,6 +527,8 @@ class ManagerTest extends TestCase {
|
|||
->will($this->returnCallback(function($var) {
|
||||
if ($var === Manager::SESSION_UID_KEY) {
|
||||
return false;
|
||||
} else if ($var === 'app_password') {
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
}));
|
||||
|
@ -585,4 +591,13 @@ class ManagerTest extends TestCase {
|
|||
|
||||
$this->assertFalse($this->manager->needsSecondFactor($user));
|
||||
}
|
||||
|
||||
public function testNeedsSecondFactorAppPassword() {
|
||||
$user = $this->createMock(IUser::class);
|
||||
$this->session->method('exists')
|
||||
->with('app_password')
|
||||
->willReturn(true);
|
||||
|
||||
$this->assertFalse($this->manager->needsSecondFactor($user));
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue