diff --git a/core/Controller/TwoFactorChallengeController.php b/core/Controller/TwoFactorChallengeController.php index 499898de3b..edaf3378cd 100644 --- a/core/Controller/TwoFactorChallengeController.php +++ b/core/Controller/TwoFactorChallengeController.php @@ -61,6 +61,13 @@ class TwoFactorChallengeController extends Controller { $this->urlGenerator = $urlGenerator; } + /** + * @return string + */ + protected function getLogoutAttribute() { + return \OC_User::getLogoutAttribute(); + } + /** * @NoAdminRequired * @NoCSRFRequired @@ -75,6 +82,7 @@ class TwoFactorChallengeController extends Controller { $data = [ 'providers' => $providers, 'redirect_url' => $redirect_url, + 'logout_attribute' => $this->getLogoutAttribute(), ]; return new TemplateResponse($this->appName, 'twofactorselectchallenge', $data, 'guest'); } @@ -106,6 +114,7 @@ class TwoFactorChallengeController extends Controller { $data = [ 'error' => $error, 'provider' => $provider, + 'logout_attribute' => $this->getLogoutAttribute(), 'template' => $tmpl->fetchPage(), ]; return new TemplateResponse($this->appName, 'twofactorshowchallenge', $data, 'guest'); diff --git a/core/Middleware/TwoFactorMiddleware.php b/core/Middleware/TwoFactorMiddleware.php index aa82897ad4..0bad8a2c40 100644 --- a/core/Middleware/TwoFactorMiddleware.php +++ b/core/Middleware/TwoFactorMiddleware.php @@ -82,6 +82,11 @@ class TwoFactorMiddleware extends Middleware { return; } + if ($controller instanceof \OC\Core\Controller\LoginController && $methodName === 'logout') { + // Don't block the logout page, to allow canceling the 2FA + return; + } + if ($this->userSession->isLoggedIn()) { $user = $this->userSession->getUser(); diff --git a/core/css/styles.css b/core/css/styles.css index df9509baa1..475c4fa3fb 100644 --- a/core/css/styles.css +++ b/core/css/styles.css @@ -38,6 +38,10 @@ body { display: inline-block; } +a.two-factor-cancel { + color: #fff; +} + .float-spinner { height: 32px; display: none; diff --git a/core/templates/twofactorselectchallenge.php b/core/templates/twofactorselectchallenge.php index 14d599aab3..4209beac4e 100644 --- a/core/templates/twofactorselectchallenge.php +++ b/core/templates/twofactorselectchallenge.php @@ -18,4 +18,5 @@ - \ No newline at end of file + +>t('Cancel login')) ?> diff --git a/core/templates/twofactorshowchallenge.php b/core/templates/twofactorshowchallenge.php index 66f5ed312e..c5ee9aca4b 100644 --- a/core/templates/twofactorshowchallenge.php +++ b/core/templates/twofactorshowchallenge.php @@ -17,3 +17,4 @@ $template = $_['template']; t('An error occured while verifying the token')); ?> +>t('Cancel login')) ?> diff --git a/tests/Core/Controller/TwoFactorChallengeControllerTest.php b/tests/Core/Controller/TwoFactorChallengeControllerTest.php index 2da6dcd52a..08d8dd1452 100644 --- a/tests/Core/Controller/TwoFactorChallengeControllerTest.php +++ b/tests/Core/Controller/TwoFactorChallengeControllerTest.php @@ -33,7 +33,7 @@ class TwoFactorChallengeControllerTest extends TestCase { private $session; private $urlGenerator; - /** TwoFactorChallengeController */ + /** @var TwoFactorChallengeController|\PHPUnit_Framework_MockObject_MockObject */ private $controller; protected function setUp() { @@ -47,9 +47,20 @@ class TwoFactorChallengeControllerTest extends TestCase { $this->session = $this->getMock('\OCP\ISession'); $this->urlGenerator = $this->getMock('\OCP\IURLGenerator'); - $this->controller = new TwoFactorChallengeController( - 'core', $this->request, $this->twoFactorManager, $this->userSession, $this->session, $this->urlGenerator - ); + $this->controller = $this->getMockBuilder('OC\Core\Controller\TwoFactorChallengeController') + ->setConstructorArgs([ + 'core', + $this->request, + $this->twoFactorManager, + $this->userSession, + $this->session, + $this->urlGenerator, + ]) + ->setMethods(['getLogoutAttribute']) + ->getMock(); + $this->controller->expects($this->any()) + ->method('getLogoutAttribute') + ->willReturn('logoutAttribute'); } public function testSelectChallenge() { @@ -70,6 +81,7 @@ class TwoFactorChallengeControllerTest extends TestCase { $expected = new \OCP\AppFramework\Http\TemplateResponse('core', 'twofactorselectchallenge', [ 'providers' => $providers, 'redirect_url' => '/some/url', + 'logout_attribute' => 'logoutAttribute', ], 'guest'); $this->assertEquals($expected, $this->controller->selectChallenge('/some/url')); @@ -110,6 +122,7 @@ class TwoFactorChallengeControllerTest extends TestCase { $expected = new \OCP\AppFramework\Http\TemplateResponse('core', 'twofactorshowchallenge', [ 'error' => true, 'provider' => $provider, + 'logout_attribute' => 'logoutAttribute', 'template' => '', ], 'guest');