Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Email Verification Gate with TX Web-hooks Configured Prompts unexpected error #2418

Open
jobannon opened this issue Aug 10, 2023 · 0 comments
Open

Email Verification Gate with TX Web-hooks Configured Prompts unexpected error #2418

jobannon opened this issue Aug 10, 2023 · 0 comments
Labels
bug Something isn't working triage

Comments

@jobannon
Copy link

jobannon commented Aug 10, 2023
edited by robotdan

Email Verification Gate with TX Web-hooks Configured Prompts unexpected error

Description

If you have configured two webhooks

  • user.email.verified
  • user.update

and you have configured the Tenant TX settings as All the Webhooks must succeed, when sending a user another verificationId at a Verification Gate landing page for email, a 500 error is returned.

Affects versions

Dev - 1.47.1

Steps to reproduce

Steps to reproduce the behavior:

  1. Create a webhook
  2. Turn on two events - user.update and user.email.verified
  3. On the tenant level, under the webhooks tab, also enable only these events. Require that they succeed - All the webhooks must succeed.
  4. Force your webhook to return a non-200 code to FusionAuth
  5. Enable email verification (this affects both workflows; registration verification too, see below videos). Allow the user to change their email address at the verification gate page.
  6. Enable Self Service User registration or add a user registration that needs to have email verification completed.
  7. Arrive at a verification gate.
  8. Adjust the email address of the user that would like to complete email verification.
  9. See a 500 error.
  10. Or try and upset to a new email address for verification and see a 500 error.

Expected behavior

Step 9/10 should not occur.
FusionAuth should return validation errors.

Platform

Dev setup. Client replicated.

Additional context

The FusionAuth syslogs do not log any information related to the 500 error.

We should review if any other affects registration verification (it does).

Failure Case #1

  • With only user.email.verified webhook enabled
  • and all the webhooks must succeed,
  • and non-200 response returned from webhooks

FusionAuth should return a 400 validation error.

500.error.mp4

Failure Case #2

  • With user.update and user.email.verified webhook enabled
  • and all the webhooks must succeed,
  • and non-200 responses returned from webhooks

FusionAuth should send the updated verification to the new email specified (end of video) and the last verification code should work (if not expired).

with-user-update-and-user.email.verified.mp4

Failure Case #3 -

  • With user.update and user.registration.verified webhook enabled
  • and all the webhooks must succeed,
  • and non-200 responses returned from webhooks

FusionAuth should return a validation error and not a 500 error.

Registration-verification.mp4

Related
@FusionAuth FusionAuth deleted a comment from jobannon Aug 14, 2023
@robotdan robotdan added bug Something isn't working triage labels Aug 14, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@robotdan @jobannon