Skip to content

Commit

Permalink
Fix an issue with Duo not live-updating properly on login gates
Browse files Browse the repository at this point in the history 
Summary:
See <https://discourse.phabricator-community.org/t/duo-broken-in-2019-week-12/2580/>.

The "live update Duo status" endpoint currently requires full sessions, and doesn't work from the session upgrade gate on login.

Don't require a full session to check the status of an MFA challenge.

Test Plan: Went through Duo gate in a new session, got a live update.

Reviewers: amckinley

Reviewed By: amckinley

Differential Revision: https://secure.phabricator.com/D20347
  • Loading branch information
@Roguelazer
epriestley authored and Roguelazer committed Mar 29, 2019
1 parent 482af4c commit d950533
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions src/applications/auth/controller/mfa/PhabricatorAuthChallengeStatusController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,12 @@
final class PhabricatorAuthChallengeStatusController
extends PhabricatorAuthController {

public function shouldAllowPartialSessions() {
// We expect that users may request the status of an MFA challenge when
// they hit the session upgrade gate on login.
return true;
}

public function handleRequest(AphrontRequest $request) {
$viewer = $this->getViewer();
$id = $request->getURIData('id');
Expand Down

0 comments on commit d950533

Please sign in to comment.