Uploaded image for project: 'Identity Provider'
  1. Identity Provider
  2. IDP-1605

AuthenticationResult reuseCondition not re-populated for MFA subresults

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 4.0.0
    • Fix Version/s: 4.0.1
    • Component/s: Authentication
    • Labels:
      None

      Description

      In V3 the reuseCondition for testing reuse of an AuthenticationResult was attached to the underlying flow descriptor so was applied consistently at the top level or within an MFA transition.

      In V4 the condition migrated in the API to the AuthenticationResult, but I blew the deserialization that has to attach the condition to the object.

      At the top level within a Session, the flow descriptor is used as the deserializer and does the reattachment, and it works. During MFA flow use, there's a nested layer of deserializers and the one that does the work for the flow result isn't the flow descriptor and doesn't attach the condition, so it's left defaulted to alwaysTrue.

      I actually have a test case for this in production that's now broken, though isn't really being exercised.

        Attachments

          Activity

            People

            Assignee:
            cantor.2@osu.edu Scott Cantor
            Reporter:
            cantor.2@osu.edu Scott Cantor
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - Not Specified
                Not Specified
                Logged:
                Time Spent - 1 hour, 30 minutes
                1h 30m