Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[stable28] AppAPI: allow to bypass Two-Factor #42519

Merged
merged 1 commit into from Dec 29, 2023
Merged

[stable28] AppAPI: allow to bypass Two-Factor #42519

merged 1 commit into from Dec 29, 2023

Conversation

backportbot-nextcloud[bot]
Copy link

Backport of #42479

@bigcat88 @backportbot-nextcloud
AppAPI: allowed to bypass Two-Factor
1d0b10b 
Signed-off-by: Alexander Piskun <bigcat88@icloud.com>
@backportbot-nextcloud backportbot-nextcloud bot added this to the Nextcloud 28.0.2 milestone Dec 29, 2023
github-advanced-security[bot]
github-advanced-security bot found potential problems Dec 29, 2023
View reviewed changes
core/Middleware/TwoFactorMiddleware.php
if ($this->session->exists('app_password') || $this->twoFactorManager->isTwoFactorAuthenticated($user)) {
if ($this->session->exists('app_password') // authenticated using an app password
|| $this->session->exists('app_api') // authenticated using an AppAPI Auth
|| $this->twoFactorManager->isTwoFactorAuthenticated($user)) {

Check notice

Code scanning / Psalm

PossiblyNullArgument Note

Argument 1 of OC\Authentication\TwoFactorAuth\Manager::isTwoFactorAuthenticated cannot be null, possibly null value provided
@bigcat88 bigcat88 merged commit 30f23a6 into stable28 Dec 29, 2023
50 checks passed
@bigcat88 bigcat88 deleted the backport/42479/stable28 branch December 29, 2023 11:28
@blizzz blizzz mentioned this pull request Jan 15, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bigcat88 bigcat88 bigcat88 approved these changes

@andrey18106 andrey18106 andrey18106 approved these changes

@ChristophWurst ChristophWurst Awaiting requested review from ChristophWurst ChristophWurst is a code owner

@miaulalala miaulalala Awaiting requested review from miaulalala miaulalala is a code owner

@nickvergessen nickvergessen Awaiting requested review from nickvergessen nickvergessen is a code owner

@st3iny st3iny Awaiting requested review from st3iny st3iny is a code owner

Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
Nextcloud 28.0.2
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@bigcat88 @andrey18106