From 5abefb689bc17dc26e747164f9251926faade358 Mon Sep 17 00:00:00 2001
From: Dylan William Hardison <dylan@hardison.net>
Date: Tue, 19 Sep 2017 11:46:25 -0400
Subject: Bug 1400419 - Direct GitHub-auth'd users that are required to use 2FA
 to issue a password reset

---
 Bugzilla.pm | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'Bugzilla.pm')

diff --git a/Bugzilla.pm b/Bugzilla.pm
index 96eff5df2..9234243f7 100644
--- a/Bugzilla.pm
+++ b/Bugzilla.pm
@@ -407,13 +407,14 @@ sub login {
         my $grace_period = Bugzilla->params->{mfa_group_grace_period};
         my $expired      = defined $date && $date < DateTime->now;
         my $on_mfa_page  = $cgi->script_name eq '/userprefs.cgi' && $cgi->param('tab') eq 'mfa';
+        my $on_token_page = $cgi->script_name eq '/token.cgi';
 
         Bugzilla->request_cache->{mfa_warning} = 1;
         Bugzilla->request_cache->{mfa_grace_period_expired} = $expired;
         Bugzilla->request_cache->{on_mfa_page} = $on_mfa_page;
 
         if ( $grace_period == 0 || $expired) {
-            if (!$on_mfa_page) {
+            if ( !( $on_mfa_page || $on_token_page ) ) {
                 print Bugzilla->cgi->redirect("userprefs.cgi?tab=mfa");
                 exit;
             }
-- 
cgit v1.2.3-24-g4f1b