fix(auth): Allow 2FA challenges for Ephemeral sessions

Signed-off-by: Joas Schilling <[email protected]>

Author: nickvergessen

lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php

@@ -9,6 +9,7 @@
 
 use OC\AppFramework\Utility\ControllerMethodReflector;
 use OC\Core\Controller\ClientFlowLoginV2Controller;
+use OC\Core\Controller\TwoFactorChallengeController;
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http\Attribute\PublicPage;
 use OCP\AppFramework\Middleware;
@@ -32,8 +33,9 @@ public function beforeController(Controller $controller, string $methodName) {
 		}
 
 		if (
-			$controller instanceof ClientFlowLoginV2Controller &&
-			($methodName === 'grantPage' || $methodName === 'generateAppPassword')
+			$controller instanceof TwoFactorChallengeController
+			|| ($controller instanceof ClientFlowLoginV2Controller
+				&& ($methodName === 'grantPage' || $methodName === 'generateAppPassword'))
 		) {
 			return;
 		}