From 29d0fee74cbf3b0b1b8e93e6908ac31ae2b9d660 Mon Sep 17 00:00:00 2001
From: Alejandro Ibarra <alejandro.ibarra@cakedc.com>
Date: Fri, 14 Mar 2025 12:58:07 +0100
Subject: [PATCH] 89 - Allow string url for verify action

---
 .../TwoFactorProcessor/OneTimePasswordProcessor.php  |  4 ++--
 .../TwoFactorProcessor/Webauthn2faProcessor.php      |  4 ++--
 src/Authentication/TwoFactorProcessorInterface.php   |  4 ++--
 src/Middleware/TwoFactorMiddleware.php               | 12 +++++++++---
 4 files changed, 15 insertions(+), 9 deletions(-)

diff --git a/src/Authentication/TwoFactorProcessor/OneTimePasswordProcessor.php b/src/Authentication/TwoFactorProcessor/OneTimePasswordProcessor.php
index 7e1c5f9..401f98f 100644
--- a/src/Authentication/TwoFactorProcessor/OneTimePasswordProcessor.php
+++ b/src/Authentication/TwoFactorProcessor/OneTimePasswordProcessor.php
@@ -92,9 +92,9 @@ public function proceed(ServerRequestInterface $request, ResultInterface $result
      * Generates 2fa url, if enable.
      *
      * @param string $type Processor type.
-     * @return array|null
+     * @return array|string|null
      */
-    public function getUrlByType(string $type): ?array
+    public function getUrlByType(string $type): array|string|null
     {
         if ($type == $this->getType()) {
             return Configure::read('OneTimePasswordAuthenticator.verifyAction');
diff --git a/src/Authentication/TwoFactorProcessor/Webauthn2faProcessor.php b/src/Authentication/TwoFactorProcessor/Webauthn2faProcessor.php
index 622ed06..b23d686 100644
--- a/src/Authentication/TwoFactorProcessor/Webauthn2faProcessor.php
+++ b/src/Authentication/TwoFactorProcessor/Webauthn2faProcessor.php
@@ -92,9 +92,9 @@ public function proceed(ServerRequestInterface $request, ResultInterface $result
      * Generates 2fa url, if enable.
      *
      * @param string $type Processor type.
-     * @return array|null
+     * @return array|string|null
      */
-    public function getUrlByType(string $type): ?array
+    public function getUrlByType(string $type): array|string|null
     {
         if ($type == $this->getType()) {
             return Configure::read('Webauthn2fa.startAction');
diff --git a/src/Authentication/TwoFactorProcessorInterface.php b/src/Authentication/TwoFactorProcessorInterface.php
index 0a1809a..ccedd22 100644
--- a/src/Authentication/TwoFactorProcessorInterface.php
+++ b/src/Authentication/TwoFactorProcessorInterface.php
@@ -47,7 +47,7 @@ public function proceed(ServerRequestInterface $request, ResultInterface $result
      * Generates 2fa url, if enable.
      *
      * @param string $type Processor type.
-     * @return array|null
+     * @return array|string|null
      */
-    public function getUrlByType(string $type): ?array;
+    public function getUrlByType(string $type): array|string|null;
 }
diff --git a/src/Middleware/TwoFactorMiddleware.php b/src/Middleware/TwoFactorMiddleware.php
index 172376d..5d95cac 100644
--- a/src/Middleware/TwoFactorMiddleware.php
+++ b/src/Middleware/TwoFactorMiddleware.php
@@ -52,9 +52,15 @@ public function process(ServerRequestInterface $request, RequestHandlerInterface
         $session->write(CookieAuthenticator::SESSION_DATA_KEY, [
             'remember_me' => $data['remember_me'] ?? null,
         ]);
-        $url = array_merge($url, [
-            '?' => $request->getQueryParams(),
-        ]);
+        $params = $request->getQueryParams();
+        if (is_array($url)) {
+            $url = array_merge($url, [
+                '?' => $params,
+            ]);
+        } else {
+            $url .= '?' . implode('&', array_map(fn ($k, $v) => "$k=$v", array_keys($params), array_values($params)));
+        }
+
         $url = Router::url($url);
 
         return (new Response())