Does not patch rest api #1

Plugin/BypassWebApiTwoFactorAuth.php

@@ -0,0 +1,67 @@
+<?php
+
+/**
+ * This file is part of the MarkShust DisableTwoFactorAuth package
+ *
+ * @author Jitheesh V O <jitheeshvo@gmail.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code
+ */
+declare(strict_types=1);
+
+namespace MarkShust\DisableTwoFactorAuth\Plugin;
+
+use Magento\Framework\App\Config\ScopeConfigInterface;
+use Magento\Integration\Api\AdminTokenServiceInterface;
+use Magento\TwoFactorAuth\Model\AdminAccessTokenService;
+
+/**
+ * Class BypassWebApiTwoFactorAuth
+ *
+ * @package MarkShust\DisableTwoFactorAuth\Plugin
+ */
+class BypassWebApiTwoFactorAuth
+{
+    const XML_PATH_CONFIG_API_ENABLE = 'twofactorauth/general/enable_api';
+
+    /** @var ScopeConfigInterface */
+    private $scopeConfig;
+    /**
+     * @var AdminTokenServiceInterface
+     */
+    private AdminTokenServiceInterface $adminTokenService;
+
+    public function __construct(
+        AdminTokenServiceInterface $adminTokenService,
+        ScopeConfigInterface $scopeConfig
+    ) {
+        $this->scopeConfig = $scopeConfig;
+        $this->adminTokenService = $adminTokenService;
+    }
+
+    /**
+     * This will bypass 2fa and allow us to use existing token generate end-point
+     * Recommended to use this until third-party service is ready to configure 2fa
+     *
+     * @param AdminAccessTokenService $subject
+     * @param \Closure                $proceed
+     * @param                         $username
+     * @param                         $password
+     *
+     * @return string
+     * @throws \Magento\Framework\Exception\AuthenticationException
+     * @throws \Magento\Framework\Exception\InputException
+     * @throws \Magento\Framework\Exception\LocalizedException
+     */
+    public function aroundCreateAdminAccessToken(
+        AdminAccessTokenService $subject,
+        \Closure $proceed,
+        $username,
+        $password
+    ): string {
+        return !$this->scopeConfig->isSetFlag(self::XML_PATH_CONFIG_API_ENABLE)
+            ? $this->adminTokenService->createAdminAccessToken($username, $password)
+            : $proceed($username, $password);
+    }
+}

etc/adminhtml/system.xml

@@ -9,6 +9,10 @@
                     <source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
                     <comment>Warning: Enabling 2FA will immediately prompt admin user for OTP code.</comment>
                 </field>
+                <field id="enable_api" translate="label" type="select" sortOrder="100" showInDefault="1" canRestore="1">
+                    <label>Enable 2FA for token service</label>
+                    <source_model>Magento\Config\Model\Config\Source\Yesno</source_model>
+                </field>
                 <field id="force_providers">
                     <depends>
                         <field id="enable">1</field>

etc/config.xml

@@ -5,6 +5,7 @@
         <twofactorauth>
             <general>
                 <enable>1</enable>
+                <enable_api>1</enable_api>
             </general>
         </twofactorauth>
     </default>

etc/di.xml

@@ -3,4 +3,7 @@
     <type name="Magento\TwoFactorAuth\Model\TfaSession">
         <plugin name="bypassTwoFactorAuth" type="MarkShust\DisableTwoFactorAuth\Plugin\BypassTwoFactorAuth"/>
     </type>
+    <type name="Magento\TwoFactorAuth\Model\AdminAccessTokenService">
+        <plugin name="bypassWebApiTwoFactorAuth" type="MarkShust\DisableTwoFactorAuth\Plugin\BypassWebApiTwoFactorAuth"/>
+    </type>
 </config>