OTP form issues #7
Conversation
pom.xml
Outdated
| @@ -13,9 +13,9 @@ | |||
| <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> | |||
| <maven.compiler.source>${java.version}</maven.compiler.source> | |||
| <maven.compiler.target>${java.version}</maven.compiler.target> | |||
| <keycloak.version>22.0.5</keycloak.version> | |||
| <keycloak.version>24.0.3</keycloak.version> | |||
There was a problem hiding this comment.
I'm pretty sure this is going to introduce a backwards compatibility breaking change. We still need to target Keycloak 22.
There was a problem hiding this comment.
Due to java.version? Changed back to 22.0.5.
|
When is this PR targeted to merge @kotnikd3 ? anything blocking this? |
@pratibha3011, it is up to @jspizziri to approve and merge it. |
|
@pratibha3011 @kotnikd3 I need to have time to test it prior to merging it. It's on my radar and I'll get to it asap. |
|
@kotnikd3 i have some issues with it
|
@mohitcse22 I can not reproduce the issue you are describing. Can you provide Keycloak version and a screenshot of |
|
@kotnikd3 The remaining attempt logic was correct originally, but maybe the wording is confusing. The configuration form says, "Max Retries", not attempts. So if it's configured with "1", and you enter a wrong code once, you have 1 chance to retry and you can get it on the 2nd attempt. If it's 0, then it immediately fails. The "Resend email" (or "Back to Login") seems to be acting like a back button, so it does neither of those things with the auth flow and user I just tried. I have it set up as an alternative, and the first thing I see is a password form, so if I hit "Resend email", it actually just goes back to the password form. I feel like that should just be removed, or at least left as is. In the base theme, it looks like there already is another button to "Restart login". If you need to resend the code, you can always just restart the login. If that button does work for you though, you can just override that file in your theme and add those messages, instead of in here. It would just go in |
@Ken-Michalak |
| remainingAttempts--; | ||
| authSession.setAuthNote(AUTH_NOTE_REMAINING_RETRIES, Integer.toString(remainingAttempts)); |
There was a problem hiding this comment.
Move this inside the the condition.
There was a problem hiding this comment.
Revert these changes. (The button probably should just be removed, but that could be a breaking change for some.)
We could add a resend button, but to get that working properly for everyone, it would still be removing the "back to login", and adding a new button with some logic in src/main/java/com/weare5stones/keycloak/authenticators/emailotp/EmailOTPAuthenticator.java
| .setError("emailTOTPCodeInvalid", Integer.toString(remainingAttempts)).createForm(TOTP_FORM)); | ||
| } else { | ||
| // Reset login | ||
| context.resetFlow(); |
There was a problem hiding this comment.
Add an error here if you can. If you can't, I may take a look at that later.
| @@ -15,7 +15,7 @@ | |||
| <maven.compiler.target>${java.version}</maven.compiler.target> | |||
| <keycloak.version>22.0.5</keycloak.version> | |||
| <maven-shade.version>3.2.4</maven-shade.version> | |||
| <package.version>2.0.0</package.version> | |||
| <package.version>2.1.0</package.version> | |||
There was a problem hiding this comment.
This can just be 2.0.1, since it's just fixing the attempt logic when it's set as required.
Hi @jspizziri @Ken-Michalak, If you would be willing to continue with what I have started, I would be grateful. |
Fix #6
Tested on Keycloak version 22.0.5 and 24.0.3. Screenshot of the new form: