Resend OTP after 5 minutes - MFA. #175

Closed
1 of 2 tasks
mdeveracoding opened this issue Apr 18, 2022 · 4 comments
Labels
help wanted Extra attention is needed

Comments

@mdeveracoding

ℹ️ If you have a question, please post it on the Okta Developer Forum instead. Issues in this repository are reserved for bug reports and feature requests only.

I'm submitting a

  • bug report
  • feature request

Background info

We are implementing a custom MFA UI and are using resend code or one time passcode. We are successful in using resend code. However, we are running into issues when invoking resend code/OTP, especially when the code has expired after 5 minutes.

Describe your issue or request here (if necessary).

Expected behavior

Receive a new one time passcode even if the original has expired after 5 minutes.

What should have happened?

Receive a new one time passcode even if the original has expired after 5 minutes.

What went wrong?

Using the snippet of code below, we get an exception message of "com.okta.authn.sdk.InvalidTokenException: Invalid token provided", especially when trying to get a new one time passcode after the original has expired over 5 minutes. Please keep in mind that, using the same code below, we can get a new one time passcode if we request a new OTP code within 5 minutes.

```kotlin
try {
    // Ask Okta to resend the factor challenge, reusing the stateToken from the last response.
    _authenticationResponse = _client.resendVerifyFactor(
        factorId,
        _authenticationResponse.getStateToken(),
        _requestContext,
        AuthenticationStateHandler(result, activity)
    )
} catch (exception: Exception) {
    Log.d("000", "Error from receiving a new one time passcode $exception")
}
```

Please provide log or error messages if applicable.

Steps to reproduce

Log in with an account that has MFA policies. Request a new OTP after 5 minutes, especially after the first OTP has been received via email or SMS.

If the current behavior is a bug, please provide the steps to reproduce and a minimal demo if possible.

SDK Version

2.0.4

@arvindkrishnakumar-okta
Contributor

@mdeveracoding Thanks for posting!

In your case, the stateToken could have most likely expired (not the OTP) which results in the InvalidTokenException that you are seeing. Can you inspect what value the expiresAt property of AuthenticationResponse has when you run into this issue?

@mdeveracoding
Author

@arvindkrishnakumar-okta I put a breakpoint on AuthenticationStateHandler, which handles mfaChallenge and will allow me to view the authenticationresponse. However, I don't hit this breakpoint since I immediately fall into the exception. Is it common practice to just redirect the user back to login when this type of condition occurs?

@arvindkrishnakumar-okta
Contributor

@mdeveracoding that's very much the possible case here.

@arvindkrishnakumar-okta
Contributor

@mdeveracoding feel free to reopen if further support is needed.
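
The handling discussed in this thread, as an added example that is not code from the issue participants or from the Okta SDK: check the last response's expiresAt before resending, and treat InvalidTokenException as "restart login" instead of swallowing every Exception. `ResendResult` and `resendOrRestart` are hypothetical names, and the example assumes `getExpiresAt()` returns a `java.util.Date`.

```kotlin
import com.okta.authn.sdk.AuthenticationStateHandler
import com.okta.authn.sdk.InvalidTokenException
import com.okta.authn.sdk.client.AuthenticationClient
import com.okta.authn.sdk.http.RequestContext
import com.okta.authn.sdk.resource.AuthenticationResponse
import java.util.Date

// Hypothetical result type for this example (not part of the Okta SDK).
sealed class ResendResult {
    data class Resent(val response: AuthenticationResponse) : ResendResult()
    object RestartLogin : ResendResult() // transaction is gone; collect credentials again
}

// Hypothetical helper: resend the factor challenge, or tell the caller to restart login.
fun resendOrRestart(
    client: AuthenticationClient,
    factorId: String,
    last: AuthenticationResponse,
    requestContext: RequestContext,
    handler: AuthenticationStateHandler,
    now: Date = Date()
): ResendResult {
    // expiresAt describes the stateToken (the whole MFA transaction), not the OTP.
    val expiresAt: Date? = last.expiresAt
    if (expiresAt != null && !now.before(expiresAt)) {
        return ResendResult.RestartLogin // skip a call that can only fail
    }
    return try {
        ResendResult.Resent(
            client.resendVerifyFactor(factorId, last.stateToken, requestContext, handler)
        )
    } catch (e: InvalidTokenException) {
        // Clock skew or server-side invalidation ends the same way: restart login.
        ResendResult.RestartLogin
    }
    // Any other exception propagates so real failures are not hidden.
}
```

On `RestartLogin`, discard the stored stateToken and send the user back to primary authentication; a fresh transaction issues a new stateToken and a new OTP.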
