Fix false positive in sso 2fa block

directus · Nov 12, 2019 · 557a83b · 557a83b
1 parent 0989b31
commit 557a83b
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/src/endpoints/Auth.php b/src/endpoints/Auth.php
@@ -333,7 +333,7 @@ public function ssoService(Request $request, Response $response)
                 $origin = array_shift($origin);
             }
             $session->set('sso_origin_url', $origin);
-            
+
             $response = $response->withRedirect(array_get($responseData, 'data.authorization_url'));
         }
 
@@ -388,7 +388,7 @@ public function ssoServiceCallback(Request $request, Response $response)
             if(isset($responseData['data']) && isset($responseData['data']['user'])){
                 $usersService = new UsersService($this->container);
                 $tfa_enforced = $usersService->has2FAEnforced($responseData['data']['user']['id']);
-                if($tfa_enforced || !is_null($responseData['data']['user']['2fa_secret'])){
+                if($tfa_enforced || !empty($responseData['data']['user']['2fa_secret'])){
                     throw new SsoNotAllowedException();
                 }
 
@@ -424,7 +424,7 @@ public function ssoServiceCallback(Request $request, Response $response)
                 $urlParams = array_merge($redirectQueryParams, $urlParams);
             }
 
-            $urlToRedirect = !empty($urlParams) ? $redirectUrl . '?' . http_build_query($urlParams) : $redirectUrl;	
+            $urlToRedirect = !empty($urlParams) ? $redirectUrl . '?' . http_build_query($urlParams) : $redirectUrl;
             $response = $response->withRedirect($urlToRedirect);
 
         }else{