
identity-outbound-auth-email-otp's Issues

EmailOTP not working when having multiple authenticator options in MFA

Description:
When configuring both SMSOTP and EmailOTP as authenticator options in MFA (EmailOTP is the second option) and trying the EmailOTP option, the email is sent as expected and the UI for entering the code appears. But after entering the code and submitting, the error below occurs.

org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException: Error while sending the HTTP request. 
	at org.wso2.carbon.identity.authenticator.smsotp.SMSOTPAuthenticator.proceedWithOTP(SMSOTPAuthenticator.java:475)
	at org.wso2.carbon.identity.authenticator.smsotp.SMSOTPAuthenticator.initiateAuthenticationRequest(SMSOTPAuthenticator.java:155)
	at org.wso2.carbon.identity.authenticator.smsotp.SMSOTPAuthenticator.process(SMSOTPAuthenticator.java:98)
	at org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.doAuthentication(DefaultStepHandler.java:467)
	at org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.handleResponse(DefaultStepHandler.java:441)
	at org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.handle(DefaultStepHandler.java:145)
	at org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler.handle(DefaultStepBasedSequenceHandler.java:188)
	at org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultAuthenticationRequestHandler.handle(DefaultAuthenticationRequestHandler.java:130)
	at org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator.handle(DefaultRequestCoordinator.java:142)
	at org.wso2.carbon.identity.application.authentication.framework.servlet.CommonAuthenticationServlet.doPost(CommonAuthenticationServlet.java:53).
.
#trimed content
.
Caused by: java.net.MalformedURLException: no protocol: 
	at java.net.URL.<init>(URL.java:593)
	at java.net.URL.<init>(URL.java:490)
	at java.net.URL.<init>(URL.java:439)
	at org.wso2.carbon.identity.authenticator.smsotp.SMSOTPAuthenticator.sendRESTCall(SMSOTPAuthenticator.java:884)
	at org.wso2.carbon.identity.authenticator.smsotp.SMSOTPAuthenticator.proceedWithOTP(SMSOTPAuthenticator.java:452)
	... 57 more

Suggested Labels:
Bug

Affected Product Version:
Connector versions post 2.0.5

Steps to reproduce:
Configure both SMSOTP and EmailOTP as authenticator options in MFA, with EmailOTP being the second option, and try using the EmailOTP option.

EmailOTP is not working as expected

  • In case of social login, if the user does not exist on Active Directory (Secondary User store DIR), the social login flow fails. In this case (user not found on Active Directory) the correct behavior should be that social login must end normally without sending and requiring any OTP code.
  • If the user does not have the email attribute value, the login flow fails. The best thing would be to configure the 2 factor authentication flow as optional.
  • Since the parameter "userAttribute" (email) must contain the social attribute, it may not be valid for all types of social authenticators. For example, the attribute "email" is a valid social attribute for the Facebook and Google IdPs, but not for the Foursquare IdP. In fact, to test Foursquare social login correctly I had to configure the parameter "userAttribute" like the following:
    <Parameter name="userAttribute">http://wso2.org/foursquare/claims/email</Parameter>
    So I suppose that a possible solution would be to configure more than one "userAttribute" parameter (one for each IdP type, for example as shown below) and to implement logic in the connector to read the correct one depending on the IdP type.
    <Parameter name="userAttributeFacebook">email</Parameter>
    <Parameter name="userAttributeGoogle">email</Parameter>
    <Parameter name="userAttributeFoursquare">http://wso2.org/foursquare/claims/email</Parameter>
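
The per-IdP lookup suggested in this issue, sketched as an added example that is not part of the original issue or the connector's code. The class and method names are hypothetical, the fallback to the plain "userAttribute" parameter is an assumption, and the maps stand in for the authenticator's configured parameters and the claims returned by the IdP.

```java
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Optional;

// Hypothetical helper, not the connector's API.
public class UserAttributeResolver {

    static final String DEFAULT_PARAM = "userAttribute";

    /** Picks the claim name for an IdP: "userAttribute<IdpName>" first, then "userAttribute". */
    static Optional<String> resolveClaim(Map<String, String> params, String idpName) {
        String specific = params.get(DEFAULT_PARAM + idpName);
        if (specific != null && !specific.trim().isEmpty()) {
            return Optional.of(specific.trim());
        }
        String fallback = params.get(DEFAULT_PARAM);
        return (fallback == null || fallback.trim().isEmpty())
                ? Optional.empty() : Optional.of(fallback.trim());
    }

    /** Reads the e-mail address from the federated claims; empty if the claim or value is missing. */
    static Optional<String> resolveEmail(Map<String, String> params, String idpName,
                                         Map<String, String> federatedClaims) {
        return resolveClaim(params, idpName)
                .map(federatedClaims::get)   // a missing claim yields an empty Optional
                .map(String::trim)
                .filter(v -> !v.isEmpty());
    }

    public static void main(String[] args) {
        // Parameters as proposed in the issue.
        Map<String, String> params = new LinkedHashMap<>();
        params.put("userAttributeFacebook", "email");
        params.put("userAttributeGoogle", "email");
        params.put("userAttributeFoursquare", "http://wso2.org/foursquare/claims/email");

        // Constructed sample claims, as a Foursquare login might return them.
        Map<String, String> foursquareClaims = new LinkedHashMap<>();
        foursquareClaims.put("http://wso2.org/foursquare/claims/email", "user@example.com");

        // Matching IdP: the address is found under the Foursquare claim URI.
        System.out.println(resolveEmail(params, "Foursquare", foursquareClaims));
        // Wrong IdP for these claims: "email" is absent, so the result is empty.
        System.out.println(resolveEmail(params, "Google", foursquareClaims));
    }
}
```

An empty result is handed back to the caller rather than treated as success, so whether a missing address fails the login or skips the second factor stays an explicit policy decision.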

[Improvement] Add support for HTML Templates

Description:
Currently the Email OTP Authenticator does not support HTML templates when sending emails. This improvement is to introduce the support of HTML templates in emails.

Suggested Labels:
Improvement

Affected Product Version:
IS 5.6 +
