From 11aa997da39d66b40c4ab86d3d401a4fc20c6f6f Mon Sep 17 00:00:00 2001
From: Joas Schilling <coding@schilljs.com>
Date: Mon, 25 Aug 2025 10:39:17 +0200
Subject: [PATCH] fix(2fa): Fix 2FA session setup when ephemeral session is
 used

Signed-off-by: Joas Schilling <coding@schilljs.com>
---
 .../Middleware/FlowV2EphemeralSessionsMiddleware.php          | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php b/lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php
index b69b129f798..6c6e0fe2edb 100644
--- a/lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php
+++ b/lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php
@@ -13,6 +13,7 @@ use OC\Core\Controller\TwoFactorChallengeController;
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http\Attribute\PublicPage;
 use OCP\AppFramework\Middleware;
+use OCP\Authentication\TwoFactorAuth\ALoginSetupController;
 use OCP\ISession;
 use OCP\IUserSession;
 use Psr\Log\LoggerInterface;
@@ -41,7 +42,8 @@ class FlowV2EphemeralSessionsMiddleware extends Middleware {
 			return;
 		}
 
-		if ($controller instanceof TwoFactorChallengeController) {
+		if ($controller instanceof TwoFactorChallengeController
+			|| $controller instanceof ALoginSetupController) {
 			return;
 		}