Jitheesh
commented
3 years ago - Disable new admin token generate end point functionality for 2fa
- allow merchants to use existing token generate service without enabling 2fa
Closed Jitheesh closed 3 years ago
Jitheesh
commented
3 years ago 
markshust
commented
3 years ago Thank you @Jitheesh. Can you please list out steps that I can take to test this?
Jitheesh
commented
3 years ago Hi @markshust
In 2.4.1, Magento changed api end point for admin token generate.
`Two-Factor Authentication is implemented for Magento Web APIs with the following changes:
AdminTokenServiceInterface::createAdminAccessToken() throws an exception when the Admin user doesn’t have personal 2FA configured, and also indicates that the confirmationh email has been sent. AdminTokenServiceInterface::createAdminAccessToken() throws an exception that indicates which provider is configured for the user and suggests a provider-specific login endpoint. 2FA provider-specific endpoints allow each Admin user to configure a personal 2FA and provides tokens for username, password, and OTP (2FA code).`
So to disable 2fa from token generate api, I've re-enabled our previous token generate end point. ie, if you disable 2fa for token generate, you can continue to use existing end point. Otherwise you should configure 2fa and integrate new end point.
Test steps
alexbejan-mavfarm
commented
3 years ago I can confirm that this fix works, can we merge it?
markshust
commented
3 years ago I'm taking the updates, will be pushed momentarily
Jitheesh
commented
3 years ago Thanks @markshust for your code styling suggestions, It is really helpful.
cmacdonald-au
commented
3 years ago Sorry to be "that guy who's late to the party with a problem" but these changes fail to parse with PHP7.3
Typed props only appeared in 7.4 - and I wouldn't mention it at all, except composer specifies php>=7.3
markshust
commented
3 years ago Thanks @cmacdonald-au and @Rud5G -- definitely a mistake on my part. Fixed that in https://github.com/markshust/magento2-module-disabletwofactorauth/issues/6