sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix(auth): Allow 2FA challenges for Ephemeral sessions 

Signed-off-by: Joas Schilling <coding@schilljs.com>
pull/51548/head
Joas Schilling 2025-03-18 09:49:27 +07:00 committed by backportbot[bot]
parent 0446b1b64a
commit 4c2877da2f
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php
Unescape Escape View File

@ -9,6 +9,7 @@ namespace OC\AppFramework\Middleware;
use OC\AppFramework\Utility\ControllerMethodReflector;
use OC\Core\Controller\ClientFlowLoginV2Controller;
use OC\Core\Controller\TwoFactorChallengeController;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http\Attribute\PublicPage;
use OCP\AppFramework\Middleware;
@ -38,6 +39,10 @@ class FlowV2EphemeralSessionsMiddleware extends Middleware {
return;
}
if ($controller instanceof TwoFactorChallengeController) {
return;
}
$reflectionMethod = new ReflectionMethod($controller, $methodName);
if (!empty($reflectionMethod->getAttributes(PublicPage::class))) {
return;