From ff3038386c78726d925508f535f6618318339c48 Mon Sep 17 00:00:00 2001
From: Marco <marco@delight.im>
Date: Fri, 16 Aug 2024 07:08:14 +0200
Subject: [PATCH] Additionally pass masked recipients to
 'SecondFactorRequiredException'

---
 src/Auth.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/Auth.php b/src/Auth.php
index b7ef68d..7167ca3 100644
--- a/src/Auth.php
+++ b/src/Auth.php
@@ -1321,10 +1321,10 @@ final class Auth extends UserManager {
 						$otpValue = $this->generateAndStoreRandomOneTimePassword($userId, $twoFactorMethod['mechanism']);
 
 						if (((int) $twoFactorMethod['mechanism']) === self::TWO_FACTOR_MECHANISM_SMS) {
-							$secondFactorRequiredException->addSmsOption($otpValue, $twoFactorMethod['seed']);
+							$secondFactorRequiredException->addSmsOption($otpValue, $twoFactorMethod['seed'], \Delight\Auth\PhoneNumber::mask($twoFactorMethod['seed']));
 						}
 						elseif (((int) $twoFactorMethod['mechanism']) === self::TWO_FACTOR_MECHANISM_EMAIL) {
-							$secondFactorRequiredException->addEmailOption($otpValue, $twoFactorMethod['seed']);
+							$secondFactorRequiredException->addEmailOption($otpValue, $twoFactorMethod['seed'], \Delight\Auth\EmailAddress::mask($twoFactorMethod['seed']));
 						}
 						else {
 							throw new InvalidStateError();