OXDEV-9078 OTP is not responsible for the redirect - remove redirect

Sieg · Sieg · commit 415807957ebb · 2026-04-02T16:47:29.000+03:00
diff --git a/src/Authentication/TwoFactorAuth/OTP/OtpFacade.php b/src/Authentication/TwoFactorAuth/OTP/OtpFacade.php
@@ -9,12 +9,10 @@
 
 namespace OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP;
 
-use OxidEsales\Eshop\Core\Utils;
 use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP\Notifier\Factory\OtpNotifierFactoryInterface;
 use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP\Service\OtpChallengeStateServiceInterface;
 use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP\Service\OtpCodeGeneratorServiceInterface;
 use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP\Service\OtpCodeValidatorServiceInterface;
-use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Settings\TwoFASettingsInterface;
 use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Service\TwoFAServiceInterface;
 
 class OtpFacade implements TwoFAServiceInterface
@@ -24,8 +22,6 @@ public function __construct(
         private OtpCodeValidatorServiceInterface $codeValidator,
         private OtpCodeGeneratorServiceInterface $codeGenerator,
         private OtpNotifierFactoryInterface $notifierFactory,
-        private TwoFASettingsInterface $settings,
-        private Utils $utils,
     ) {
     }
 
@@ -48,8 +44,6 @@ public function triggerChallenge(string $userId): void
 
         $this->stateService->createChallengeState($userId, $code);
         $this->notifierFactory->create($userId)->notify($userId, $code);
-
-        $this->utils->redirect($this->settings->getVerificationUrl());
     }
 
     public function invalidateChallenge(string $userId): void
diff --git a/src/Authentication/TwoFactorAuth/OTP/services.yaml b/src/Authentication/TwoFactorAuth/OTP/services.yaml
@@ -7,7 +7,5 @@ services:
   _defaults:
     autowire: true
     public: false
-    bind:
-      OxidEsales\Eshop\Core\Utils: '@=service("OxidEsales\\SecurityModule\\Core\\Registry").getUtils()'
 
   OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP\OtpFacade: ~
diff --git a/tests/Unit/Authentication/TwoFactorAuth/OTP/OtpFacadeTest.php b/tests/Unit/Authentication/TwoFactorAuth/OTP/OtpFacadeTest.php
@@ -10,16 +10,14 @@
 namespace OxidEsales\SecurityModule\Tests\Unit\Authentication\TwoFactorAuth\OTP;
 
 use DateTimeImmutable;
-use OxidEsales\Eshop\Core\Utils;
 use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP\Notifier\Factory\OtpNotifierFactoryInterface;
 use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP\Notifier\OtpNotifierInterface;
 use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP\OtpFacade;
 use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP\Service\OtpChallengeStateServiceInterface;
 use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP\Service\OtpCodeGeneratorServiceInterface;
 use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP\Service\OtpCodeValidatorServiceInterface;
-use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Settings\TwoFASettingsInterface;
 use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\OTP\DTO\OtpChallengeStateInterface;
-use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Service\TwoFAServiceInterface;
+use OxidEsales\SecurityModule\Authentication\TwoFactorAuth\Exception\InvalidCodeException;
 use PHPUnit\Framework\Attributes\Test;
 use PHPUnit\Framework\TestCase;
 
@@ -170,20 +168,10 @@ public function triggerChallengeGeneratesCodeCreatesStateAndNotifies(): void
         $notifierFactoryStub = $this->createStub(OtpNotifierFactoryInterface::class);
         $notifierFactoryStub->method('create')->willReturn($notifierSpy);
 
-        $settingsStub = $this->createStub(TwoFASettingsInterface::class);
-        $settingsStub->method('getVerificationUrl')->willReturn($verificationUrl = uniqid());
-
-        $utilsSpy = $this->createMock(Utils::class);
-        $utilsSpy->expects($this->once())
-            ->method('redirect')
-            ->with($verificationUrl);
-
         $sut = $this->getSut(
             stateService: $stateServiceSpy,
             codeGenerator: $codeGeneratorStub,
             notifierFactory: $notifierFactoryStub,
-            settings: $settingsStub,
-            utils: $utilsSpy,
         );
 
         $sut->triggerChallenge(userId: $userId);
@@ -194,16 +182,12 @@ private function getSut(
         OtpCodeValidatorServiceInterface $codeValidator = null,
         OtpCodeGeneratorServiceInterface $codeGenerator = null,
         OtpNotifierFactoryInterface $notifierFactory = null,
-        TwoFASettingsInterface $settings = null,
-        Utils $utils = null,
     ): OtpFacade {
         return new OtpFacade(
             stateService: $stateService ?? $this->createStub(OtpChallengeStateServiceInterface::class),
             codeValidator: $codeValidator ?? $this->createStub(OtpCodeValidatorServiceInterface::class),
             codeGenerator: $codeGenerator ?? $this->createStub(OtpCodeGeneratorServiceInterface::class),
             notifierFactory: $notifierFactory ?? $this->createStub(OtpNotifierFactoryInterface::class),
-            settings: $settings ?? $this->createStub(TwoFASettingsInterface::class),
-            utils: $utils ?? $this->createStub(Utils::class),
         );
     }
 }
