I did try this with 5.7.0 as well .. however the NPE was still there. Best Regards,
On Thu, Oct 11, 2018 at 1:54 PM Ruwan Abeykoon <ruw...@wso2.com> wrote: > Hi Hasitha, > Will you able to try this on IS 5.7.0 ? > Adaptive authentication was in dev state as at IS 5.6.0. > Cheers, > Ruwan > > On Thu, Oct 11, 2018 at 5:01 PM Hasitha De Silva <hastef....@gmail.com> > wrote: > >> Thanks a lot Hasintha. >> >> I tried with the above approach and still got an NPE. Created a PR with a >> possible fix. >> >> https://github.com/wso2-extensions/identity-extension-utils/pull/13 >> >> Do let me know if there is a better approach that works out of the box. >> >> Best Regards, >> >> On Thu, Oct 11, 2018 at 12:29 PM Hasintha Indrajee <hasin...@wso2.com> >> wrote: >> >>> I am using the below script to re-attempt on failures from step1; >>> >>> >>> var rolesToStepUp = ['admin', 'Manager']; >>> >>> var errorPageParameters = { >>> >>> 'status': 'Unauthorized', >>> >>> 'statusMsg': 'You are not authorized to access this application' >>> >>> }; >>> >>> var errorPage = ''; >>> >>> function onLoginRequest(context) { >>> >>> executeBasicAuth(context); >>> >>> } >>> >>> function executeBasicAuth(context) { >>> >>> executeStep(1,{ >>> >>> onSuccess: function (context) { >>> >>> // Extracting authenticated subject from the first step >>> >>> var user = context.currentKnownSubject; >>> >>> // Checking if the user is assigned to one of the given roles >>> >>> var hasRole = hasAnyOfTheRoles(user, rolesToStepUp); >>> >>> if (hasRole) { >>> >>> Log.info(user.username + ' Has one of Roles: ' + >>> rolesToStepUp.toString()); >>> >>> executeStep(2); >>> >>> } else { >>> >>> sendError(errorPage, errorPageParameters); >>> >>> } >>> >>> }, >>> >>> onFail: function (context) { >>> >>> executeBasicAuth(context); >>> >>> } >>> >>> >>> >>> }); >>> >>> } >>> >>> >>> On Thu, Oct 11, 2018 at 2:10 PM Hasitha De Silva <hastef....@gmail.com> >>> wrote: >>> >>>> [+ maduranga] >>>> >>>> On Wed, Oct 10, 2018 at 3:46 PM Hasitha De Silva <hastef....@gmail.com> >>>> wrote: >>>> >>>>> Hi, >>>>> >>>>> I'm having some trouble trying to simulate the login failure scenarios >>>>> with conditional auth scripts. What is the ideal way to enforce the script >>>>> to retry login attempts ? >>>>> >>>>> Right now my script is as below; >>>>> >>>>> function onLoginRequest(context) { >>>>> executeStep(1, { >>>>> onSuccess: function(context) { >>>>> if (!checkIP(context)) { >>>>> if (!checkIPInSubnet(context)) { >>>>> if (step2CheckEmail(context)) { >>>>> executeStep(2, { >>>>> onFail: function(context) { >>>>> executeStep(2); >>>>> } >>>>> }); >>>>> } >>>>> } >>>>> } >>>>> }, >>>>> onFail: function(context) { >>>>> executeStep(1); >>>>> } >>>>> }); >>>>> } >>>>> >>>>> The expected flow is that the user is taken to the email otp page >>>>> after basic login, and then, if he/she enters the wrong OTP code, the user >>>>> should be allowed to retry another OTP code. However, what actually >>>>> happens >>>>> is that the user is taken to a default IS error page with following error >>>>> trace : >>>>> >>>>> [2018-10-10 15:26:01,298] ERROR >>>>> {org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler} >>>>> - Code mismatch >>>>> org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException: >>>>> Code mismatch >>>>> at >>>>> org.wso2.carbon.identity.authenticator.emailotp.EmailOTPAuthenticator.processAuthenticationResponse(EmailOTPAuthenticator.java:242) >>>>> at >>>>> org.wso2.carbon.identity.application.authentication.framework.AbstractApplicationAuthenticator.process(AbstractApplicationAuthenticator.java:77) >>>>> at >>>>> org.wso2.carbon.identity.authenticator.emailotp.EmailOTPAuthenticator.process(EmailOTPAuthenticator.java:125) >>>>> at >>>>> org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.doAuthentication(DefaultStepHandler.java:490) >>>>> >>>>> [2018-10-10 15:26:01,362] ERROR >>>>> {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} >>>>> - Exception in Authentication Framework >>>>> java.lang.NullPointerException >>>>> at >>>>> org.wso2.carbon.extension.identity.helper.FederatedAuthenticatorUtil.setUsernameFromFirstStep(FederatedAuthenticatorUtil.java:399) >>>>> at >>>>> org.wso2.carbon.identity.authenticator.emailotp.EmailOTPAuthenticator.initiateAuthenticationRequest(EmailOTPAuthenticator.java:160) >>>>> at >>>>> org.wso2.carbon.identity.application.authentication.framework.AbstractApplicationAuthenticator.process(AbstractApplicationAuthenticator.java:71) >>>>> at >>>>> org.wso2.carbon.identity.authenticator.emailotp.EmailOTPAuthenticator.process(EmailOTPAuthenticator.java:125) >>>>> >>>>> >>>>> Appreciate any help :) >>>>> >>>>> >>>>> Best Regards, >>>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> Dev@wso2.org >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>> >>> >>> -- >>> Hasintha Indrajee >>> WSO2, Inc. >>> Mobile:+94 771892453 >>> >>> _______________________________________________ >> Dev mailing list >> Dev@wso2.org >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> > > > -- > > *Ruwan Abeykoon* > *Associate Director/Architect**,* > *WSO2, Inc. http://wso2.com <https://wso2.com/signature> * > *lean.enterprise.middleware.* > >
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev