Closed fredreichbier closed 6 years ago
Oh, I just noticed we already talked about this here: https://github.com/NetKnights-GmbH/privacyidea-owncloud-app/commit/864afd60d8cafb5c6bbcead6e44ef8e3443af426#diff-c480f9c46499fc0c13fde68a1fe206bf
... I don't remember if there was a reason why we didn't change this? :-/ @cornelinux
The thing is the backward compatibility. Originially the app was active by default without a setting piactive.
So if s.o. would update the code then the app would be deactived (since the config does not contain piactive
. This is a extremely seldom side effect, that we wanted to avoid.
Hm ... but isn't this what happens right now? Take a look at the actual handling of the piactive setting in 2.3 in the Provider: https://github.com/NetKnights-GmbH/privacyidea-owncloud-app/blob/v2.3/twofactor_privacyidea/lib/Provider/TwoFactorPrivacyIDEAProvider.php#L324
Here, we check for === "1"
. So if the piactive
setting does not exist (as it would be the case for someone who updated from an earlier version), the app would be inactive?
I'll check this.
Right after installation of the app, the
Activate two factor authentication with privacyIDEA.
checkbox is checked. The config looks like this:The relevant
piactive
setting is only set after unchecking and checking the checkbox again:I think it's a good idea to require explicit activation of 2FA. However, the checkbox should then be initially unchecked.