Thanks a lot Hasintha. I tried with the above approach and still got an NPE. Created a PR with a possible fix.
https://github.com/wso2-extensions/identity-extension-utils/pull/13 Do let me know if there is a better approach that works out of the box. Best Regards, On Thu, Oct 11, 2018 at 12:29 PM Hasintha Indrajee <[email protected]> wrote: > I am using the below script to re-attempt on failures from step1; > > > var rolesToStepUp = ['admin', 'Manager']; > > var errorPageParameters = { > > 'status': 'Unauthorized', > > 'statusMsg': 'You are not authorized to access this application' > > }; > > var errorPage = ''; > > function onLoginRequest(context) { > > executeBasicAuth(context); > > } > > function executeBasicAuth(context) { > > executeStep(1,{ > > onSuccess: function (context) { > > // Extracting authenticated subject from the first step > > var user = context.currentKnownSubject; > > // Checking if the user is assigned to one of the given roles > > var hasRole = hasAnyOfTheRoles(user, rolesToStepUp); > > if (hasRole) { > > Log.info(user.username + ' Has one of Roles: ' + > rolesToStepUp.toString()); > > executeStep(2); > > } else { > > sendError(errorPage, errorPageParameters); > > } > > }, > > onFail: function (context) { > > executeBasicAuth(context); > > } > > > > }); > > } > > > On Thu, Oct 11, 2018 at 2:10 PM Hasitha De Silva <[email protected]> > wrote: > >> [+ maduranga] >> >> On Wed, Oct 10, 2018 at 3:46 PM Hasitha De Silva <[email protected]> >> wrote: >> >>> Hi, >>> >>> I'm having some trouble trying to simulate the login failure scenarios >>> with conditional auth scripts. What is the ideal way to enforce the script >>> to retry login attempts ? >>> >>> Right now my script is as below; >>> >>> function onLoginRequest(context) { >>> executeStep(1, { >>> onSuccess: function(context) { >>> if (!checkIP(context)) { >>> if (!checkIPInSubnet(context)) { >>> if (step2CheckEmail(context)) { >>> executeStep(2, { >>> onFail: function(context) { >>> executeStep(2); >>> } >>> }); >>> } >>> } >>> } >>> }, >>> onFail: function(context) { >>> executeStep(1); >>> } >>> }); >>> } >>> >>> The expected flow is that the user is taken to the email otp page after >>> basic login, and then, if he/she enters the wrong OTP code, the user should >>> be allowed to retry another OTP code. However, what actually happens is >>> that the user is taken to a default IS error page with following error >>> trace : >>> >>> [2018-10-10 15:26:01,298] ERROR >>> {org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler} >>> - Code mismatch >>> org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException: >>> Code mismatch >>> at >>> org.wso2.carbon.identity.authenticator.emailotp.EmailOTPAuthenticator.processAuthenticationResponse(EmailOTPAuthenticator.java:242) >>> at >>> org.wso2.carbon.identity.application.authentication.framework.AbstractApplicationAuthenticator.process(AbstractApplicationAuthenticator.java:77) >>> at >>> org.wso2.carbon.identity.authenticator.emailotp.EmailOTPAuthenticator.process(EmailOTPAuthenticator.java:125) >>> at >>> org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.doAuthentication(DefaultStepHandler.java:490) >>> >>> [2018-10-10 15:26:01,362] ERROR >>> {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} >>> - Exception in Authentication Framework >>> java.lang.NullPointerException >>> at >>> org.wso2.carbon.extension.identity.helper.FederatedAuthenticatorUtil.setUsernameFromFirstStep(FederatedAuthenticatorUtil.java:399) >>> at >>> org.wso2.carbon.identity.authenticator.emailotp.EmailOTPAuthenticator.initiateAuthenticationRequest(EmailOTPAuthenticator.java:160) >>> at >>> org.wso2.carbon.identity.application.authentication.framework.AbstractApplicationAuthenticator.process(AbstractApplicationAuthenticator.java:71) >>> at >>> org.wso2.carbon.identity.authenticator.emailotp.EmailOTPAuthenticator.process(EmailOTPAuthenticator.java:125) >>> >>> >>> Appreciate any help :) >>> >>> >>> Best Regards, >>> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> > > > -- > Hasintha Indrajee > WSO2, Inc. > Mobile:+94 771892453 > >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
