I believe this is specific to the federated authenticator use within conditional auth retry flow.
Best regards, On Thu, Oct 11, 2018 at 1:58 PM Hasitha De Silva <hastef....@gmail.com> wrote: > I did try this with 5.7.0 as well .. however the NPE was still there. > > Best Regards, > > On Thu, Oct 11, 2018 at 1:54 PM Ruwan Abeykoon <ruw...@wso2.com> wrote: > >> Hi Hasitha, >> Will you able to try this on IS 5.7.0 ? >> Adaptive authentication was in dev state as at IS 5.6.0. >> Cheers, >> Ruwan >> >> On Thu, Oct 11, 2018 at 5:01 PM Hasitha De Silva <hastef....@gmail.com> >> wrote: >> >>> Thanks a lot Hasintha. >>> >>> I tried with the above approach and still got an NPE. Created a PR with >>> a possible fix. >>> >>> https://github.com/wso2-extensions/identity-extension-utils/pull/13 >>> >>> Do let me know if there is a better approach that works out of the box. >>> >>> Best Regards, >>> >>> On Thu, Oct 11, 2018 at 12:29 PM Hasintha Indrajee <hasin...@wso2.com> >>> wrote: >>> >>>> I am using the below script to re-attempt on failures from step1; >>>> >>>> >>>> var rolesToStepUp = ['admin', 'Manager']; >>>> >>>> var errorPageParameters = { >>>> >>>> 'status': 'Unauthorized', >>>> >>>> 'statusMsg': 'You are not authorized to access this application' >>>> >>>> }; >>>> >>>> var errorPage = ''; >>>> >>>> function onLoginRequest(context) { >>>> >>>> executeBasicAuth(context); >>>> >>>> } >>>> >>>> function executeBasicAuth(context) { >>>> >>>> executeStep(1,{ >>>> >>>> onSuccess: function (context) { >>>> >>>> // Extracting authenticated subject from the first step >>>> >>>> var user = context.currentKnownSubject; >>>> >>>> // Checking if the user is assigned to one of the given roles >>>> >>>> var hasRole = hasAnyOfTheRoles(user, rolesToStepUp); >>>> >>>> if (hasRole) { >>>> >>>> Log.info(user.username + ' Has one of Roles: ' + >>>> rolesToStepUp.toString()); >>>> >>>> executeStep(2); >>>> >>>> } else { >>>> >>>> sendError(errorPage, errorPageParameters); >>>> >>>> } >>>> >>>> }, >>>> >>>> onFail: function (context) { >>>> >>>> executeBasicAuth(context); >>>> >>>> } >>>> >>>> >>>> >>>> }); >>>> >>>> } >>>> >>>> >>>> On Thu, Oct 11, 2018 at 2:10 PM Hasitha De Silva <hastef....@gmail.com> >>>> wrote: >>>> >>>>> [+ maduranga] >>>>> >>>>> On Wed, Oct 10, 2018 at 3:46 PM Hasitha De Silva <hastef....@gmail.com> >>>>> wrote: >>>>> >>>>>> Hi, >>>>>> >>>>>> I'm having some trouble trying to simulate the login failure >>>>>> scenarios with conditional auth scripts. What is the ideal way to enforce >>>>>> the script to retry login attempts ? >>>>>> >>>>>> Right now my script is as below; >>>>>> >>>>>> function onLoginRequest(context) { >>>>>> executeStep(1, { >>>>>> onSuccess: function(context) { >>>>>> if (!checkIP(context)) { >>>>>> if (!checkIPInSubnet(context)) { >>>>>> if (step2CheckEmail(context)) { >>>>>> executeStep(2, { >>>>>> onFail: function(context) { >>>>>> executeStep(2); >>>>>> } >>>>>> }); >>>>>> } >>>>>> } >>>>>> } >>>>>> }, >>>>>> onFail: function(context) { >>>>>> executeStep(1); >>>>>> } >>>>>> }); >>>>>> } >>>>>> >>>>>> The expected flow is that the user is taken to the email otp page >>>>>> after basic login, and then, if he/she enters the wrong OTP code, the >>>>>> user >>>>>> should be allowed to retry another OTP code. However, what actually >>>>>> happens >>>>>> is that the user is taken to a default IS error page with following error >>>>>> trace : >>>>>> >>>>>> [2018-10-10 15:26:01,298] ERROR >>>>>> {org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler} >>>>>> - Code mismatch >>>>>> org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException: >>>>>> Code mismatch >>>>>> at >>>>>> org.wso2.carbon.identity.authenticator.emailotp.EmailOTPAuthenticator.processAuthenticationResponse(EmailOTPAuthenticator.java:242) >>>>>> at >>>>>> org.wso2.carbon.identity.application.authentication.framework.AbstractApplicationAuthenticator.process(AbstractApplicationAuthenticator.java:77) >>>>>> at >>>>>> org.wso2.carbon.identity.authenticator.emailotp.EmailOTPAuthenticator.process(EmailOTPAuthenticator.java:125) >>>>>> at >>>>>> org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.doAuthentication(DefaultStepHandler.java:490) >>>>>> >>>>>> [2018-10-10 15:26:01,362] ERROR >>>>>> {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} >>>>>> - Exception in Authentication Framework >>>>>> java.lang.NullPointerException >>>>>> at >>>>>> org.wso2.carbon.extension.identity.helper.FederatedAuthenticatorUtil.setUsernameFromFirstStep(FederatedAuthenticatorUtil.java:399) >>>>>> at >>>>>> org.wso2.carbon.identity.authenticator.emailotp.EmailOTPAuthenticator.initiateAuthenticationRequest(EmailOTPAuthenticator.java:160) >>>>>> at >>>>>> org.wso2.carbon.identity.application.authentication.framework.AbstractApplicationAuthenticator.process(AbstractApplicationAuthenticator.java:71) >>>>>> at >>>>>> org.wso2.carbon.identity.authenticator.emailotp.EmailOTPAuthenticator.process(EmailOTPAuthenticator.java:125) >>>>>> >>>>>> >>>>>> Appreciate any help :) >>>>>> >>>>>> >>>>>> Best Regards, >>>>>> >>>>> _______________________________________________ >>>>> Dev mailing list >>>>> Dev@wso2.org >>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>> >>>> >>>> >>>> -- >>>> Hasintha Indrajee >>>> WSO2, Inc. >>>> Mobile:+94 771892453 >>>> >>>> _______________________________________________ >>> Dev mailing list >>> Dev@wso2.org >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >> >> >> -- >> >> *Ruwan Abeykoon* >> *Associate Director/Architect**,* >> *WSO2, Inc. http://wso2.com <https://wso2.com/signature> * >> *lean.enterprise.middleware.* >> >>
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
