[CM-CIC] NeedInteractiveFor2fa is raised when the 2fa confirmation page could be skipped
I'm a customer of Credit Mutuel, and I've observed that after a valid 2fa, and a few days before it's invalidated (so before the 90 days), the website shows a confirmation page, proposing either to skip the confirmation, or to re-log with 2fa.
This is handled in the module's code, as far as I can tell. But it requires the browser to have the is_interactive
bit set, which is not the case when Kresus does an automatic poll. My understanding is that the CM's check_redirections
function calls into check_interactive
, raising the NeedInteractiveFor2fa
exception at this time. But skip_redo_twofa
is called before check_redirections
in init_login
, so the exception is raised before we actually see the opportunity for skipping the 2fa confirmation.