User is in password expired state - exception while changing password when user has only password factor enrolled and has few other required factors to enroll. #181

Open
PranithaReddyAedla opened this issue Nov 8, 2022 · 1 comment
Labels
bug Something isn't working


@PranithaReddyAedla

Describe the bug?

The user is enrolled for only the password factor, and there are a few other required factors, as per the authenticator enrollment policy, for which the user is not enrolled.
Now, when the user goes to password expired status and tries to change the password using the ChangePasswordAsync() method with the payload
{
NewPassword = {{newPassword}}
}

The password is being updated, but in return we are getting the following exception instead of a proper response with "AwaitingAuthenticatorEnrollment" status, since the user is yet to enroll a few required factors.

Exception : {"Unexpected remediation step: Expected '['successWithInteractionCode or select-authenticator-authenticate']' but received ['select-authenticator-enroll'].\n Verify that your policies are configured as expected."}

In the same case as above:
OKTA OIE Browser End Point : https://oie-tecnics-dev.oktapreview.com/idp/idx/challenge/answer
OKTA OIE Browser Response : https://jsonblob.com/1039515194677805056

What is expected to happen?

Expecting a response object with "AwaitingAuthenticatorEnrollment" status after the password is changed/updated.

What is the actual behavior?

Getting an exception instead of a response object with AwaitingAuthenticatorEnrollment status.

Exception : {"Unexpected remediation step: Expected '['successWithInteractionCode or select-authenticator-authenticate']' but received ['select-authenticator-enroll'].\n Verify that your policies are configured as expected."}

Reproduction Steps?

  1. Make sure the user is enrolled only for the password factor and is yet to enroll for a few other required factors as per the authenticator enrollment policy, and that the user's password is expired as per the password policy.
  2. Authenticate with the AuthenticationAsync() method with username and password.
  3. Then we get "PasswordExpired" status in the AuthenticationAsync() response.
  4. Now the user tries to change/update the password using the ChangePasswordAsync() method.
  5. The password will be updated.
  6. In the response we expect "AwaitingAuthenticatorEnrollment" status and info on the required factors that the user is yet to enroll, but instead of that response we are getting the following exception.

Exception : {"Unexpected remediation step: Expected '['successWithInteractionCode or select-authenticator-authenticate']' but received ['select-authenticator-enroll'].\n Verify that your policies are configured as expected."}

Additional Information?

No response

.NET Version

.NET core 3.1

SDK Version

Okta IDX Sdk 2.2.1, Okta IDX Sdk 2.2.2, Okta IDX Sdk 2.2.3

OS version

Windows 11 :
BuildNumber Caption OSArchitecture Version
22000 Microsoft Windows 11 Pro 64-bit 10.0.22000
Windows 10 :
BuildNumber Caption OSArchitecture Version
19044 Microsoft Windows 10 Pro 64-bit 10.0.19044

@PranithaReddyAedla PranithaReddyAedla added the bug Something isn't working label Nov 8, 2022
@laura-rodriguez
Collaborator

Hi @PranithaReddyAedla,

Thank you for reporting this issue. I filed an internal ticket to be reviewed and prioritized by the team.

Internal Ref: OKTA-549377
