From ab57ce0e451e995f64e16372fb3512ee7a131ccd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Martin=20Poirier=20Th=C3=A9or=C3=AAt?=
Date: Tue, 21 Nov 2023 16:46:14 -0500
Subject: [PATCH] [SonataIntegrationBundle] Handle 2FA totp secret empty submission

---
 .../TwoFactorAuthenticationController.php | 31 ++++++++++++-------
 1 file changed, 20 insertions(+), 11 deletions(-)

diff --git a/packages/sonata-integration-bundle/User/Controller/TwoFactorAuthenticationController.php b/packages/sonata-integration-bundle/User/Controller/TwoFactorAuthenticationController.php
index b459b1738..d9182ee30 100644
--- a/packages/sonata-integration-bundle/User/Controller/TwoFactorAuthenticationController.php
+++ b/packages/sonata-integration-bundle/User/Controller/TwoFactorAuthenticationController.php
@@ -48,17 +48,19 @@ public function enable2faAction(
 return new RedirectResponse($this->admin->generateObjectUrl('disable-2fa', $user));
 }
 
- $user->setTotpSecret($enable2fa->totpSecret);
- if ($totpAuthenticator->checkCode($user, $enable2fa->code)) {
- $user->enableTwoFActorAuthenticationProvider('totp');
- $this->admin->getModelManager()->update($user);
-
- $this->addFlash(
- 'sonata_flash_success',
- $this->trans('admin.flash.2fa_enabled', [], 'DrawUserBundle')
- );
-
- return $this->redirectTo($request, $user);
+ if ($enable2fa->totpSecret) {
+ $user->setTotpSecret($enable2fa->totpSecret);
+ if ($totpAuthenticator->checkCode($user, $enable2fa->code)) {
+ $user->enableTwoFActorAuthenticationProvider('totp');
+ $this->admin->getModelManager()->update($user);
+
+ $this->addFlash(
+ 'sonata_flash_success',
+ $this->trans('admin.flash.2fa_enabled', [], 'DrawUserBundle')
+ );
+
+ return $this->redirectTo($request, $user);
+ }
 }
 
 $this->addFlash(
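Review bot: The secret that ends up persisted on the user is still whatever the client posted in `$enable2fa->totpSecret`; the new guard only rejects an empty value, so a submitted secret that differs from the one the server generated for the form is accepted as long as the matching code comes with it. The GET path in the second hunk pre-fills the form from `$user->getTotpSecret()`, so the round trip looks intentional, but keeping the generated secret server-side (on the user or in the session) and rejecting a POST whose secret does not `hash_equals()` it would stop the enrolled secret from being chosen by the submitter. Separately, `if ($enable2fa->totpSecret)` is a truthiness test, so a secret of `'0'` is treated as missing; `if ($enable2fa->totpSecret !== null && $enable2fa->totpSecret !== '') {` is the precise check, and the same applies to `!$user->getTotpSecret()` in the second hunk. Note that `setTotpSecret()` runs before `checkCode()`, so on a wrong code the entity carries the submitted secret when execution falls through to the error flash. enable2faAction() starts and ends outside this hunk.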
@@ -74,6 +76,13 @@ public function enable2faAction(
 $totpSecret = $user->getTotpSecret();
 $enable2fa->totpSecret = $totpSecret;
 $form->setData($enable2fa);
+ } elseif (!$user->getTotpSecret()) {
+ $this->addFlash(
+ 'sonata_flash_error',
+ $this->trans('admin.flash.2fa_invalid_code_refreshed', [], 'DrawUserBundle')
+ );
+
+ return new RedirectResponse($this->admin->generateObjectUrl('enable-2fa', $user));
 }
 
 $qrCode = $qrCodeGenerator->getTotpQrCode($user);
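Review bot: The new `elseif` branch has no comment explaining when it is reached, and it depends on a side effect from the first hunk: `setTotpSecret()` has already run whenever a non-empty secret was posted, so `!$user->getTotpSecret()` is true only for a submission that carried no secret on a user with none persisted. A one-line comment such as `// Submitted without a secret and none stored: nothing to verify the code against, so start over with a fresh secret.` would make that ordering visible; the "fresh secret" part is inferred from the flash key `2fa_invalid_code_refreshed` and the redirect back to `enable-2fa`, so confirm it against the generation code above the hunk. The `if` this branch extends, and enable2faAction() itself, begin outside the hunk.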