[Dev] [IS 560] Adaptive authentication - How to handle retry scenarios

Wed, 10 Oct 2018 06:47:22 -0700 

Hi,

I'm having some trouble trying to simulate the login failure scenarios with
conditional auth scripts. What is the ideal way to enforce the script to
retry login attempts ?

Right now my script is as below;

function onLoginRequest(context) {
    executeStep(1, {
        onSuccess: function(context) {
            if (!checkIP(context)) {
                if (!checkIPInSubnet(context)) {
                    if (step2CheckEmail(context)) {
                        executeStep(2, {
                            onFail: function(context) {
                                executeStep(2);
                            }
                        });
                    }
                }
            }
        },
        onFail: function(context) {
            executeStep(1);
        }
    });
}

The expected flow is that the user is taken to the email otp page after
basic login, and then, if he/she enters the wrong OTP code, the user should
be allowed to retry another OTP code. However, what actually happens is
that the user is taken to a default IS error page with following error
trace :

[2018-10-10 15:26:01,298] ERROR
{org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler}
-  Code mismatch
org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException:
Code mismatch
at
org.wso2.carbon.identity.authenticator.emailotp.EmailOTPAuthenticator.processAuthenticationResponse(EmailOTPAuthenticator.java:242)
at
org.wso2.carbon.identity.application.authentication.framework.AbstractApplicationAuthenticator.process(AbstractApplicationAuthenticator.java:77)
at
org.wso2.carbon.identity.authenticator.emailotp.EmailOTPAuthenticator.process(EmailOTPAuthenticator.java:125)
at
org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.doAuthentication(DefaultStepHandler.java:490)

[2018-10-10 15:26:01,362] ERROR
{org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator}
-  Exception in Authentication Framework
java.lang.NullPointerException
at
org.wso2.carbon.extension.identity.helper.FederatedAuthenticatorUtil.setUsernameFromFirstStep(FederatedAuthenticatorUtil.java:399)
at
org.wso2.carbon.identity.authenticator.emailotp.EmailOTPAuthenticator.initiateAuthenticationRequest(EmailOTPAuthenticator.java:160)
at
org.wso2.carbon.identity.application.authentication.framework.AbstractApplicationAuthenticator.process(AbstractApplicationAuthenticator.java:71)
at
org.wso2.carbon.identity.authenticator.emailotp.EmailOTPAuthenticator.process(EmailOTPAuthenticator.java:125)


Appreciate any help :)


Best Regards,

_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev

Reply via email to