Allow multiple firewalls

Controller/FormController.php

@@ -98,6 +98,8 @@ protected function getTemplateVars(Request $request, TwoFactorTokenInterface $to
         $pendingTwoFactorProviders = $token->getTwoFactorProviders();
         $displayTrustedOption = $this->trustedFeatureEnabled && (!$config->isMultiFactor() || 1 === count($pendingTwoFactorProviders));
         $authenticationException = $this->getLastAuthenticationException($request->getSession());
+        $checkPath = $config->getCheckPath();
+        $isRoute = strpos($checkPath, '/') === false;
 
         return [
             'twoFactorProvider' => $token->getCurrentTwoFactorProvider(),
@@ -110,6 +112,8 @@ protected function getTemplateVars(Request $request, TwoFactorTokenInterface $to
             'isCsrfProtectionEnabled' => $config->isCsrfProtectionEnabled(),
             'csrfParameterName' => $config->getCsrfParameterName(),
             'csrfTokenId' => $config->getCsrfTokenId(),
+            'checkPathRoute' => $isRoute ? $checkPath:null,
+            'checkPathUrl' => $isRoute ? null:$checkPath,
             'logoutPath' => $this->logoutUrlGenerator->getLogoutPath(),
         ];
     }

Resources/views/Authentication/form.html.twig

@@ -18,7 +18,7 @@ especially when you're using different route names than the ones used here.
 {# Display current two-factor provider #}
 <p class="label"><label for="_auth_code">{{ "auth_code"|trans({}, 'SchebTwoFactorBundle') }} {{ twoFactorProvider }}:</label></p>
 
-<form class="form" action="{{ path("2fa_login_check") }}" method="post">
+<form class="form" action="{{ checkPathUrl ? checkPathUrl: path(checkPathRoute) }}" method="post">
     <p class="widget">
         <input
             id="_auth_code"

Tests/Controller/FormControllerTest.php

@@ -405,6 +405,55 @@ public function form_csrfTokenGeneratorInstanceOfCsrfTokenManagerInterface_isCsr
      */
     public function form_renderForm_renderTemplateWithTemplateVars(): void
     {
+        $this->firewallConfig
+            ->expects($this->any())
+            ->method('getCheckPath')
+            ->willReturn('/2fa_check');
+
+        $this->stubTokenStorageHasTwoFactorToken();
+
+        $this->assertTemplateVars(function (array $templateVars) {
+            $this->assertArrayHasKey('twoFactorProvider', $templateVars);
+            $this->assertArrayHasKey('availableTwoFactorProviders', $templateVars);
+            $this->assertArrayHasKey('authenticationError', $templateVars);
+            $this->assertArrayHasKey('authenticationErrorData', $templateVars);
+            $this->assertArrayHasKey('displayTrustedOption', $templateVars);
+            $this->assertArrayHasKey('authCodeParameterName', $templateVars);
+            $this->assertArrayHasKey('trustedParameterName', $templateVars);
+            $this->assertArrayHasKey('isCsrfProtectionEnabled', $templateVars);
+            $this->assertArrayHasKey('csrfParameterName', $templateVars);
+            $this->assertArrayHasKey('csrfTokenId', $templateVars);
+            $this->assertArrayHasKey('checkPathRoute', $templateVars);
+            $this->assertArrayHasKey('checkPathUrl', $templateVars);
+            $this->assertArrayHasKey('logoutPath', $templateVars);
+
+            $this->assertEquals(self::CURRENT_TWO_FACTOR_PROVIDER, $templateVars['twoFactorProvider']);
+            $this->assertEquals(['provider1', 'provider2'], $templateVars['availableTwoFactorProviders']);
+            $this->assertEquals(self::AUTH_CODE_PARAM_NAME, $templateVars['authCodeParameterName']);
+            $this->assertEquals(self::TRUSTED_PARAM_NAME, $templateVars['trustedParameterName']);
+            $this->assertFalse($templateVars['isCsrfProtectionEnabled']);
+            $this->assertEquals(self::CSRF_PARAMETER, $templateVars['csrfParameterName']);
+            $this->assertEquals(self::CSRF_TOKEN_ID, $templateVars['csrfTokenId']);
+            $this->assertEquals(self::LOGOUT_PATH, $templateVars['logoutPath']);
+            $this->assertEquals('/2fa_check', $templateVars['checkPathUrl']);
+            $this->assertNull($templateVars['checkPathRoute']);
+
+            return true;
+        });
+
+        $this->controller->form($this->request);
+    }
+
+    /**
+     * @test
+     */
+    public function form_renderForm_renderTemplateWithTemplateVarsSetsRoutePath(): void
+    {
+        $this->firewallConfig
+            ->expects($this->any())
+            ->method('getCheckPath')
+            ->willReturn('admin_2fa_check');
+
         $this->stubTokenStorageHasTwoFactorToken();
 
         $this->assertTemplateVars(function (array $templateVars) {
@@ -418,6 +467,8 @@ public function form_renderForm_renderTemplateWithTemplateVars(): void
             $this->assertArrayHasKey('isCsrfProtectionEnabled', $templateVars);
             $this->assertArrayHasKey('csrfParameterName', $templateVars);
             $this->assertArrayHasKey('csrfTokenId', $templateVars);
+            $this->assertArrayHasKey('checkPathRoute', $templateVars);
+            $this->assertArrayHasKey('checkPathUrl', $templateVars);
             $this->assertArrayHasKey('logoutPath', $templateVars);
 
             $this->assertEquals(self::CURRENT_TWO_FACTOR_PROVIDER, $templateVars['twoFactorProvider']);
@@ -428,6 +479,8 @@ public function form_renderForm_renderTemplateWithTemplateVars(): void
             $this->assertEquals(self::CSRF_PARAMETER, $templateVars['csrfParameterName']);
             $this->assertEquals(self::CSRF_TOKEN_ID, $templateVars['csrfTokenId']);
             $this->assertEquals(self::LOGOUT_PATH, $templateVars['logoutPath']);
+            $this->assertEquals('admin_2fa_check', $templateVars['checkPathRoute']);
+            $this->assertNull($templateVars['checkPathUrl']);
 
             return true;
         });