Hi Team, I tried SMS OTP authenticator latest version (2.0.16) in both IS 5.3.0/ 5.4.1. However it does not redirect to correct authenticator URL for below authorize request
https://localhost:9443/oauth2/authorize?response_type=code&client_id=pfDJ_gLyviwF7pCg1lbwtGb6UX8a&redirect_uri=http://localhost:8080/playground2/oauth2client If I send the above request, flow will be ended with below URL https://localhost:9443/*oauth2* /smsotpauthenticationendpoint/smsotp.jsp?client_id=Mp9YoeDmOEOxONYal6pBM9qiYUwa&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fplayground2%2Foauth2client&response_type=code&tenantDomain=carbon.super&sessionDataKey=f1bee7de-1889-4b69-aee0-628fd231fd2e&relyingParty=Mp9YoeDmOEOxONYal6pBM9qiYUwa&type=oauth2&sp=sss&isSaaSApp=false&authenticators=SMSOTP As you can see context path *oauth2* is the unnecessary part. It works fine if I send authorize request with scope=openid https://localhost:9443/oauth2/authorize?response_type=code&client_id=pfDJ_gLyviwF7pCg1lbwtGb6UX8a&redirect_uri=http://localhost:8080/playground2/oauth2client&; *scope=openid* https://localhost:9443/smsotpauthenticationendpoint/smsotp.jsp?client_id=Mp9YoeDmOEOxONYal6pBM9qiYUwa&commonAuthCallerPath=%2Foauth2%2Fauthorize&forceAuth=false&passiveAuth=false&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fplayground2%2Foauth2client&response_type=code&scope=openid&tenantDomain=carbon.super&sessionDataKey=3064f03d-31ce-48f7-9720-a7b83e9d69d3&relyingParty=Mp9YoeDmOEOxONYal6pBM9qiYUwa&type=oidc&sp=sss&isSaaSApp=false&authenticators=SMSOTP Any justification for above behavior ? Please note I have configured application-authentication.xml as below <AuthenticatorConfig name="SMSOTP" enabled="true"> <Parameter name="SMSOTPAuthenticationEndpointURL">smsotpauthenticationendpoint/smsotp.jsp</Parameter> <Parameter name="SMSOTPAuthenticationEndpointErrorPage">smsotpauthenticationendpoint/smsotpError.jsp</Parameter> <Parameter name="MobileNumberRegPage">smsotpauthenticationendpoint/mobile.jsp</Parameter> <Parameter name="RetryEnable">true</Parameter> <Parameter name="ResendEnable">true</Parameter> <Parameter name="BackupCode">true</Parameter> <Parameter name="SMSOTPEnableByUserClaim">true</Parameter> <Parameter name="SMSOTPMandatory">false</Parameter> <Parameter name="CaptureAndUpdateMobileNumber">true</Parameter> <Parameter name="SendOTPDirectlyToMobile">false</Parameter> <Parameter name="redirectToMultiOptionPageOnFailure">false</Parameter> </AuthenticatorConfig> -- Gayan
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
