...

• Add in a "whitelist' rule of "Path containing" git/info/lfs . This will exclude the LFS operations from participating in the LFS operations.
• For the Repositories that have LFS enabled, don't enable the "Secured in browser through 2FA".

Manual testing steps 

Pre-requisites

1. Clone dw-lfs-handler branch.
2. Open server.soy file inside and add 1 min as an option (<option value="1">1 minute</option>) and save the file.
3. Execute atlas-debug -Dmaven.test.skip=true --jvmargs "-Xmx4028m -Xms2048m" --version 5.0.1 --data-version 5.0.1 -u 6.3.0-fef7990 from the terminal.
4. After Bitbucket is up and running, open the browser and enter in the license info. if needed.
5. When configuring 2FA:
   1. 2FA Timeout value = 1 min
   2. Restrict GIT repository activities = Yes
   3. Select Yes for the rest of the setting as well (Image Added).
6. Set your up 2fa session and have an active session.

Running the test

1. Copy the attached GITLFSTest in two-factor-authentication/testing/src/test/java folder.
2. Open the terminal and navigate to two-factor-authentication/testing folder.
3. Run mvn -Dtest=GITLFSTest test (make sure you are on an active session. If you are on a fast machine and your test is getting executed before 1min., run the test after 30 seconds are elapsed since you last entered the 2fa token.)