You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
ℹ️ If you have a question, please post it on the Okta Developer Forum instead. Issues in this repository are reserved for bug reports and feature requests only.
I'm submitting a
bug report
feature request
Background info
We are implementing a custom MFA UI and are using resend code or one time passcode. We are successful in using resend code. However we are running into issues when invoking resend code/OTP....especially when the code has expired after 5 minutes.
Describe your issue or request here (if necessary).
Expected behavior
Receive a new one time passcode even if the original has expired after 5 minutes.
What should have happened?
Receive a new one time passcode even if the original has expired after 5 minutes.
What went wrong?
Using the snippet of code below, we get an exception message of "com.okta.authn.sdk.InvalidTokenException: Invalid token provided". Especially when trying to get a new one time passcode after the original has expired over 5 minutes. Please keep in mind ....using the same code below we can get a new one time passcode if we request a new OTP code within 5 minutes.
try {
_authenticationResponse = _client.resendVerifyFactor(
factorId, _authenticationResponse.getStateToken(), _requestContext, AuthenticationStateHandler(result, activity)
);
} catch (exception: Exception) {
Log.d("000","Error from receiving a new one time passcode $exception")
}
Please provide log or error messages if applicable.
Steps to reproduce
Login with an account that has MFA policies. Request a new OTP after 5 minutes. Especially after the first OTP has been received via email or sms.
If the current behavior is a bug, please provide the steps to reproduce and a minimal demo if possible.
SDK Version
2.0.4
The text was updated successfully, but these errors were encountered:
In your case, the stateToken could have most likely expired (not the OTP) which results in the InvalidTokenException that you are seeing. Can you inspect what value the expiresAt property of AuthenticationResponse has when you run into this issue?
@arvindkrishnakumar-okta I put a breakpoint on AuthenticationStateHandler, which handles mfaChallenge and will allow me to view the authenticationresponse. However, I don't hit this break point since I immediately fall into the exception. Is it common practice to just redirect the user back to login when this type of condition occurs?
ℹ️ If you have a question, please post it on the Okta Developer Forum instead. Issues in this repository are reserved for bug reports and feature requests only.
I'm submitting a
Background info
We are implementing a custom MFA UI and are using resend code or one time passcode. We are successful in using resend code. However we are running into issues when invoking resend code/OTP....especially when the code has expired after 5 minutes.
Describe your issue or request here (if necessary).
Expected behavior
Receive a new one time passcode even if the original has expired after 5 minutes.
What should have happened?
Receive a new one time passcode even if the original has expired after 5 minutes.
What went wrong?
Using the snippet of code below, we get an exception message of "com.okta.authn.sdk.InvalidTokenException: Invalid token provided". Especially when trying to get a new one time passcode after the original has expired over 5 minutes. Please keep in mind ....using the same code below we can get a new one time passcode if we request a new OTP code within 5 minutes.
try {
_authenticationResponse = _client.resendVerifyFactor(
factorId, _authenticationResponse.getStateToken(), _requestContext, AuthenticationStateHandler(result, activity)
);
} catch (exception: Exception) {
Log.d("000","Error from receiving a new one time passcode $exception")
}
Please provide log or error messages if applicable.
Steps to reproduce
Login with an account that has MFA policies. Request a new OTP after 5 minutes. Especially after the first OTP has been received via email or sms.
If the current behavior is a bug, please provide the steps to reproduce and a minimal demo if possible.
SDK Version
2.0.4
The text was updated successfully, but these errors were encountered: