diff --git a/src/bundle/Security/Authorization/TwoFactorAccessDecider.php b/src/bundle/Security/Authorization/TwoFactorAccessDecider.php index 02e42bd9..cc4af7e1 100644 --- a/src/bundle/Security/Authorization/TwoFactorAccessDecider.php +++ b/src/bundle/Security/Authorization/TwoFactorAccessDecider.php @@ -43,7 +43,10 @@ public function isAccessible(Request $request, TokenInterface $token): bool } // Let routes pass, e.g. if a route needs to be callable during two-factor authentication - if (null !== $attributes && $this->accessDecisionManager->decide($token, $attributes, $request)) { + // Originally compatibility for Symfony < 6.0, true flag to support multiple attributes + // Still needed for compatibility with Symfony 7 + /** @psalm-suppress TooManyArguments */ + if (null !== $attributes && $this->accessDecisionManager->decide($token, $attributes, $request, true)) { return true; }