-
Notifications
You must be signed in to change notification settings - Fork 262
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix idx recoverpassword flow - OKTA-452787 #1032
Conversation
Codecov Report
@@ Coverage Diff @@
## master #1032 +/- ##
==========================================
- Coverage 92.83% 92.54% -0.30%
==========================================
Files 138 134 -4
Lines 3770 3675 -95
Branches 784 754 -30
==========================================
- Hits 3500 3401 -99
- Misses 270 274 +4
Continue to review full report at Codecov.
|
@@ -48,29 +48,15 @@ export function getRemediator( | |||
|
|||
const T = remediators[remediation.name]; | |||
remediator = new T(remediation, values); | |||
if (flowMonitor.isRemediatorCandidate(remediator, idxRemediations, values)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
how would we filter out remediations that are valid within the idxResponse
, but don't match the desired flow?
I had to do this for idx.unlockAccount
, when remediations were:
0. identify
1. select-enroll-profile
2. unlock-account
If I called idx.unlockAccount({username: 'foo', authenticator: '...'})
, auth-js
would attempt to auto-remediate /identify
, because username
was present. To prevent this, I added:
isRemediatorCandidate(remediator, remediations?, values?) {
const prevRemediatorName = this.previousRemediator?.getName();
const remediatorName = remediator.getName();
// required to prevent /identify from auto-remediating when 'username' passed
if (remediatorName === 'identify' && !prevRemediatorName) {
return false;
}
....
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was hoping to use isRemediatorCandidate()
check for picking next remediation after polling:
- enroll-poll
- select-enrollment-channel <-
Is there a suggested way to pick non-first remediation from the list?
4fe3d22
to
ee3bbc3
Compare
e79ca2c
to
7f61d95
Compare
@@ -92,6 +92,7 @@ export default function App() { | |||
const newTransaction = flowMethod === 'idp' | |||
? await oktaAuth.idx.startTransaction() | |||
: await oktaAuth.idx[flowMethod](); | |||
console.log('Transaction:', newTransaction); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
remove this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's in test app for debugging purpose, I added it on purpose, but in the future we can add some logging logic for idx flow, and hide it behind the devMode
flag.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
OKTA-452787 <<<Jenkins Check-In of Tested SHA: 9d1c49e for eng_productivity_ci_bot_okta@okta.com>>> Artifact: okta-auth-js Files changed count: 31 PR Link: "#1032"
OKTA-458631 <<<Jenkins Check-In of Tested SHA: ba58fe6 for eng_productivity_ci_bot_okta@okta.com>>> Artifact: okta-auth-js Files changed count: 1 PR Link: "#1052"
currentAuthenticatorEnrollment-recover
action.