Introduce step 2 for passport flow #39

Closed
jgomer2001 opened this Issue Jun 22, 2018 · 4 comments

jgomer2001 commented Jun 22, 2018

In the last fix of the security threat, if the email attribute is not present in the user profile, authentication fails.

We should introduce step 2 in the custom script flow to gather additional data (similar to how the passportpostlogin page did previously).

We might introduce suggestions of team members on how to handle this, e.g. the "emailLinkingSafe" flag.

@jgomer2001 jgomer2001 added this to the 3.1.4 milestone Jun 22, 2018

@jgomer2001 jgomer2001 self-assigned this Jun 22, 2018

yurem commented Jun 23, 2018

We can add a script parameter to specify the list of required fields. This will cover cases when we need to ask the user to provide more than only the e-mail field.
The second step should be optional. And we should not send user profile data to the form (we did that in the old version). We can store information from step 1 in the authentication session.
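
The flow proposed in the comment above, as an added example that is not code from oxAuth, Passport, or any participant in this thread. All function names, the comma-separated parameter format, and the plain dict standing in for the authentication session are assumptions made for illustration.

```python
# Added illustration; every name here is hypothetical, not an oxAuth or Passport API.

def parse_required_fields(param):
    """Parse the script parameter, e.g. "email, givenName", into a list."""
    return [f.strip() for f in (param or "").split(",") if f.strip()]

def begin_flow(profile, required_param, session):
    """Step 1: keep the provider profile in the server-side session only.

    Returns (step_count, form_fields). The form receives the names of the
    fields to ask for, never values taken from the profile.
    """
    required = parse_required_fields(required_param)
    missing = [f for f in required if not profile.get(f)]
    session["profile"] = dict(profile)
    session["missing"] = missing
    # Step 2 is optional: it only exists when something is missing.
    return (2 if missing else 1), list(missing)

def finish_step2(submitted, session):
    """Step 2: accept only the fields that were asked for.

    Returns the completed profile, or None when a requested field is still
    empty. Attributes already supplied by the provider are not overwritten.
    """
    missing = session.get("missing", [])
    answers = {f: (submitted.get(f) or "").strip() for f in missing}
    if not all(answers.values()):
        return None
    completed = dict(session["profile"])
    completed.update(answers)
    return completed

# Constructed sample: a profile that arrived without an email attribute.
session = {}
steps, form_fields = begin_flow(
    {"uid": "jdoe", "givenName": "Jane"}, "email, givenName", session)
# The extra "uid" in the submission is ignored because it was not requested.
user = finish_step2({"email": "jane@example.org", "uid": "admin"}, session)
```
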

jgomer2001 added a commit to GluuFederation/oxAuth that referenced this issue Jul 3, 2018

jgomer2001 added a commit to GluuFederation/oxAuth that referenced this issue Jul 3, 2018

jgomer2001 added a commit to GluuFederation/oxAuth that referenced this issue Jul 5, 2018

jgomer2001 commented Jul 5, 2018

We can add a script parameter to specify the list of required fields. This will cover cases when we need to ask the user to provide more than only the e-mail field.

I'll schedule this for ver4

@jgomer2001 jgomer2001 closed this Jul 5, 2018

@jgomer2001 jgomer2001 reopened this Aug 17, 2018

jgomer2001 added a commit to GluuFederation/community-edition-setup that referenced this issue Aug 18, 2018

jgomer2001 commented Aug 18, 2018

The requestForEmail property can be set (per strategy) when they require an email value.

@jgomer2001 jgomer2001 closed this Aug 18, 2018

natt-tester commented Sep 20, 2018

Done and checked in RC6:

email