[caissedepargne] for transfers, avoid EMV auth if present, choose SMS
Within a session, caissedepargne requires 2FA authentication for transfers or adding recipients. Most often, it's an SMS. But for creditcooperatif users, it might be EMV auth OTP by default. In this case, on the website, the user can reject EMV auth and switch to SMS. Reproduce here the fallback behavior. If it's SMS directly, it's ok. But if it's EMV, switch to SMS. In case of fallback, the SMS is sent after request_sms is queried, so it must be queried _before_ raising TransferStep, not _after_ as it was done it previous code. Thus, we save validation keys in browser state.
parent
64a464dd
Please register or sign in to comment