From ab629da2d4b7f5a7e509d3e30271a689bf59f193 Mon Sep 17 00:00:00 2001
From: Arthur Schiwon <blizzz@arthur-schiwon.de>
Date: Thu, 18 Nov 2021 13:13:00 +0100
Subject: [PATCH] Revert "Explicitly allow some routes without 2FA"

This reverts commit bcfd4ed5910d29423bfa86214a3b595fe8e92c9c.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
---
 core/Controller/OCJSController.php      | 1 -
 core/Middleware/TwoFactorMiddleware.php | 6 ------
 2 files changed, 7 deletions(-)

diff --git a/core/Controller/OCJSController.php b/core/Controller/OCJSController.php
index 379b08bf22ea9..71f0941b46ce1 100644
--- a/core/Controller/OCJSController.php
+++ b/core/Controller/OCJSController.php
@@ -98,7 +98,6 @@ public function __construct($appName,
 
 	/**
 	 * @NoCSRFRequired
-	 * @NoTwoFactorRequired
 	 * @PublicPage
 	 *
 	 * @return DataDisplayResponse
diff --git a/core/Middleware/TwoFactorMiddleware.php b/core/Middleware/TwoFactorMiddleware.php
index 4c13a99a1aabb..fbdb106b7bb59 100644
--- a/core/Middleware/TwoFactorMiddleware.php
+++ b/core/Middleware/TwoFactorMiddleware.php
@@ -83,12 +83,6 @@ public function __construct(Manager $twoFactorManager, Session $userSession, ISe
 	 * @param string $methodName
 	 */
 	public function beforeController($controller, $methodName) {
-		if ($this->reflector->hasAnnotation('NoTwoFactorRequired')) {
-			// Route handler explicitly marked to work without finished 2FA are
-			// not blocked
-			return;
-		}
-
 		if ($controller instanceof APIController && $methodName === 'poll') {
 			// Allow polling the twofactor nextcloud notifications state
 			return;