Fix AppPassword 2FA auth

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This commit is contained in:
Roeland Jago Douma 2017-09-12 22:28:43 +02:00
parent 83508d7be3
commit 9163cf9241
No known key found for this signature in database
GPG key ID: F941078878347C0C
2 changed files with 21 additions and 2 deletions

View file

@ -269,6 +269,11 @@ class Manager {
return false;
}
// If we are authenticated using an app password skip all this
if ($this->session->exists('app_password')) {
return false;
}
// First check if the session tells us we should do 2FA (99% case)
if (!$this->session->exists(self::SESSION_UID_KEY)) {
@ -296,7 +301,6 @@ class Manager {
}
}
if (!$this->isTwoFactorAuthenticated($user)) {
// There is no second factor any more -> let the user pass
// This prevents infinite redirect loops when a user is about

View file

@ -387,10 +387,14 @@ class ManagerTest extends TestCase {
public function testNeedsSecondFactor() {
$user = $this->createMock(IUser::class);
$this->session->expects($this->at(0))
->method('exists')
->with('app_password')
->willReturn(false);
$this->session->expects($this->at(1))
->method('exists')
->with('two_factor_auth_uid')
->will($this->returnValue(false));
$this->session->expects($this->at(1))
$this->session->expects($this->at(2))
->method('exists')
->with(Manager::SESSION_UID_DONE)
->willReturn(false);
@ -523,6 +527,8 @@ class ManagerTest extends TestCase {
->will($this->returnCallback(function($var) {
if ($var === Manager::SESSION_UID_KEY) {
return false;
} else if ($var === 'app_password') {
return false;
}
return true;
}));
@ -585,4 +591,13 @@ class ManagerTest extends TestCase {
$this->assertFalse($this->manager->needsSecondFactor($user));
}
public function testNeedsSecondFactorAppPassword() {
$user = $this->createMock(IUser::class);
$this->session->method('exists')
->with('app_password')
->willReturn(true);
$this->assertFalse($this->manager->needsSecondFactor($user));
}
}