OXDEV-9078 Invalidate the challenge after the login

Author: Sieg

src/Authentication/TwoFactorAuth/Service/TwoFAUserService.php

@@ -49,6 +49,7 @@ public function loginUser(string $userId): void
         $this->session->remove(self::USER_SESSION_KEY);
 
         $this->loginAdapter->loginUser($userId);
+        $this->twoFAService->invalidateChallenge($userId);
 
         $this->utils->redirect($this->redirectService->getRedirectUrl(), false);
     }

tests/Unit/Authentication/TwoFactorAuth/Service/TwoFAUserServiceTest.php

@@ -83,10 +83,17 @@ public function isChallengeVerifiedProxiesToTwoFAService(): void
     #[Test]
     public function loginUserLoadsUserLoginsClearsSessionAndRedirects(): void
     {
+        $userId = uniqid();
+
         $loginAdapterSpy = $this->createMock(UserLoginAdapterInterface::class);
         $loginAdapterSpy->expects($this->once())
             ->method('loginUser')
-            ->with($userId = uniqid());
+            ->with($userId);
+
+        $twoFAServiceSpy = $this->createMock(TwoFAServiceInterface::class);
+        $twoFAServiceSpy->expects($this->once())
+            ->method('invalidateChallenge')
+            ->with($userId);
 
         $sessionSpy = $this->createMock(SessionInterface::class);
         $sessionSpy->expects($this->once())
@@ -100,6 +107,7 @@ public function loginUserLoadsUserLoginsClearsSessionAndRedirects(): void
         $utilsSpy->expects($this->once())->method('redirect')->with($redirectUrl, false);
 
         $sut = $this->getSut(
+            twoFAService: $twoFAServiceSpy,
             loginAdapter: $loginAdapterSpy,
             session: $sessionSpy,
             redirectService: $redirectServiceStub,