wso2 / identity-apps Goto Github PK
View Code? Open in Web Editor NEWLicense: Apache License 2.0
License: Apache License 2.0
Affected - wso2is 5.10 m8
Expected outcome: The user portal should support for offset.
Describe the bug
Multiple requests to the Gravatar API endpoint is sent with no email hash appended (null).
To Reproduce
Steps to reproduce the behavior:
Expected behavior
The gravatar request should only be sent once, ideally. If there is no gravatar image associated with the first email, only then additional requests should be sent iteratively until a gravatar image is found for an email address.
Screenshots
Affected IAM version : 5.10 m9
Identity -app version : 0.1.152-SNAPSHOT
Type: Improvement
Severity: Medium
Priority: High
Description
After filling in all the data and clicking on the "Register", it will move to an empty page.
Expected improvement :
it is better if we can display a conformation message box
EX: Confirmation link has been sent to your email
Affected version:
wso2is: wso2is-5.10.0-alpha3-SNAPSHOT
Identity -app: 0.9.11-SNAPSHOT
Describe the bug
Screenshots:
Initially, Log in with a user who has permission to view operations(e.g admin),
Description
User able to Register user and will get email confirmation message without checking "Privacy Policy" checkbox
Scenario: Self user registration -> Create New Account (https://localhost:9443/accountrecoveryendpoint/signup.do)
Step to reproduce:
Enter all required fields, and try to click Register without checking "I hereby confirm that I have read and understood the Privacy Policy"
Describe the bug
From the user-portal, we can associate users who do not have login permission. Then when we try to switch to that user, user-portal goes to the logout page.
Expected behavior
The current behavior is somewhat ok, but we can improve the experience in the following ways,
Describe the bug
Footer is overlapping the App content body content.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Shouldn't overlap the Body content.
Desktop (please complete the following information):
Describe the bug
$subject. Built a product on top of wso2/product-is@d0302d0.
To Reproduce
Steps to reproduce the behavior:
If you add basic authentication in step 3 above, it would looks like following,
To Reproduce
Steps to reproduce the behavior:
User Portal
SP. Expand Local & Outbound Authentication Configuration
section and click on Advanced Configuration
option button.Add Authentication Step
and select identifier-first
from the Local Authenticators
section and click on Add Authenticator
button.Add Authentication Step
again and select basic
from the Local Authenticators
section and click on Add Authenticator
button.Advanced Authentication Configuration
s and click update on the next page to save all changes to the 'Service Provider`User Portal
.Expected behavior
Issue 1: Type user name and click on continue. It will ended up with an error page,
TID: [-1234] [authenticationendpoint] [2019-12-15 19:46:12,418] [04aa31ab-e829-4624-af3f-86a415e6a718] ERROR {org.wso2.carbon.identity.application.authentication.endpoint.util.AuthContextAPIClient} - Sending GET request to URL : https://localhost:9443/api/identity/auth/v1.1/context/48f11a36-6f64-4a59-b53a-ca4ba8ee0dc1failed. java.io.IOException: Server returned HTTP response code: 401 for URL: https://localhost:9443/api/identity/auth/v1.1/context/48f11a36-6f64-4a59-b53a-ca4ba8ee0dc1
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1894)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:263)
at org.wso2.carbon.identity.application.authentication.endpoint.util.AuthContextAPIClient.getContextProperties(AuthContextAPIClient.java:69)
at org.apache.jsp.login_jsp._jspService(login_jsp.java:374)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:476)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:385)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:329)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:712)
at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:459)
at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:384)
at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:312)
at org.wso2.carbon.identity.application.authentication.endpoint.util.filter.AuthenticationEndpointFilter.doFilter(AuthenticationEndpointFilter.java:179)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:126)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
at org.wso2.carbon.identity.context.rewrite.valve.TenantContextRewriteValve.invoke(TenantContextRewriteValve.java:80)
at org.wso2.carbon.identity.authz.valve.AuthorizationValve.invoke(AuthorizationValve.java:110)
at org.wso2.carbon.identity.auth.valve.AuthenticationValve.invoke(AuthenticationValve.java:74)
at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:49)
at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62)
at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:145)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:678)
at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57)
at org.wso2.carbon.tomcat.ext.valves.RequestEncodingValve.invoke(RequestEncodingValve.java:49)
at org.wso2.carbon.tomcat.ext.valves.RequestCorrelationIdValve.invoke(RequestCorrelationIdValve.java:116)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:853)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1587)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
TID: [-1234] [authenticationendpoint] [2019-12-15 19:46:12,427] [04aa31ab-e829-4624-af3f-86a415e6a718] ERROR {org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/authenticationendpoint].[oauth2_login.do]} - Servlet.service() for servlet [oauth2_login.do] threw exception java.lang.NullPointerException
at org.apache.jsp.login_jsp._jspService(login_jsp.java:377)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:476)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:385)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:329)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:712)
at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:459)
at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:384)
at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:312)
at org.wso2.carbon.identity.application.authentication.endpoint.util.filter.AuthenticationEndpointFilter.doFilter(AuthenticationEndpointFilter.java:179)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:126)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
at org.wso2.carbon.identity.context.rewrite.valve.TenantContextRewriteValve.invoke(TenantContextRewriteValve.java:80)
at org.wso2.carbon.identity.authz.valve.AuthorizationValve.invoke(AuthorizationValve.java:110)
at org.wso2.carbon.identity.auth.valve.AuthenticationValve.invoke(AuthenticationValve.java:74)
at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:49)
at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62)
at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:145)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:678)
at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57)
at org.wso2.carbon.tomcat.ext.valves.RequestEncodingValve.invoke(RequestEncodingValve.java:49)
at org.wso2.carbon.tomcat.ext.valves.RequestCorrelationIdValve.invoke(RequestCorrelationIdValve.java:116)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:853)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1587)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
TID: [-1234] [authenticationendpoint] [2019-12-15 19:46:12,480] [04aa31ab-e829-4624-af3f-86a415e6a718] ERROR {org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/authenticationendpoint].[default]} - Servlet.service() for servlet [default] in context with path [/authenticationendpoint] threw exception [An exception occurred processing [login.jsp] at line [106]
103: String contextProperties = AuthContextAPIClient.getContextProperties(authAPIURL);
104: Gson gson = new Gson();
105: Map<String, Object> parameters = gson.fromJson(contextProperties, Map.class);
106: username = (String) parameters.get("username");
107: }
108: %>
109:
Stacktrace:] with root cause java.lang.NullPointerException
at org.apache.jsp.login_jsp._jspService(login_jsp.java:377)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:476)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:385)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:329)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:712)
at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:459)
at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:384)
at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:312)
at org.wso2.carbon.identity.application.authentication.endpoint.util.filter.AuthenticationEndpointFilter.doFilter(AuthenticationEndpointFilter.java:179)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:126)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
at org.wso2.carbon.identity.context.rewrite.valve.TenantContextRewriteValve.invoke(TenantContextRewriteValve.java:80)
at org.wso2.carbon.identity.authz.valve.AuthorizationValve.invoke(AuthorizationValve.java:110)
at org.wso2.carbon.identity.auth.valve.AuthenticationValve.invoke(AuthenticationValve.java:74)
at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:49)
at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62)
at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:145)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:678)
at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57)
at org.wso2.carbon.tomcat.ext.valves.RequestEncodingValve.invoke(RequestEncodingValve.java:49)
at org.wso2.carbon.tomcat.ext.valves.RequestCorrelationIdValve.invoke(RequestCorrelationIdValve.java:116)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:853)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1587)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
Issue 2: In the identifier first step, type username and press enter. It's redirect user to registration page.
Is your feature request related to a problem? Please describe.
The label of the claims in the profile page don/t support translation.
Describe the solution you'd like
Since the profile page obtains the label to be displayed for claims from the displayName attribute of the schema attributes, translated versions of the display names should be available to support localization.
Affected version: wso2is-5.10.m7 (DEV)
Description
If there are no filers, Applications page shows that "No results found"
Affected Version:
-IAM version: 5.10 m9
Identity -app version - 0.1.152-SNAPSHOT
Type: Bug
-Severity: Medium
Priority : High
Description
The consent page does not redirect to the home page when clicking on cancel.
Tested Environment:
Describe the bug
When SCIM not enabled for the user-store user-portal goes to an inconsistent state after the login.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
The user-portal should relay on the id_token for user attributes and disable any features which use the SCIM.
Affected product version: wso2is-5.10.0-alpha2-SNAPSHOT
Identity -App: 0.9.8-SNAPSHOT
Description
Unable to view Personal Infor: when user creates via SCIM 2.0
curl -v -k --user admin:admin --data '{"schemas":[],"name":{"familyName":"jackson","givenName":"kim"},"userName":"kim","password":"kimwso2","emails":[{"primary":true,"value":"[email protected]","type":"home"},{"value":"[email protected]","type":"work"}]}' --header "Content-Type:application/json" https://localhost:9443/scim2/Users
Response :
{"emails":
[
{"type":"work","value":"[email protected]"},{"type":"home","value":"[email protected]"}
],
"meta":{"created":"2020-01-10T16:24:15.279577Z","location":"https://localhost:9443/scim2/Users/fcd8c49a-1fb4-4ae8-a41a-60026fe26117","lastModified":"2020-01-10T16:24:15.279577Z","resourceType":"User"},
"schemas":["urn:ietf:params:scim:schemas:core:2.0:User","urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"],
"roles":[
{"type":"default","value":"Internal/everyone"}
],
"name":{
"givenName":"kim",
"familyName":"jackson"
},
"id":"fcd8c49a-1fb4-4ae8-a41a-60026fe26117","userName":"kim"
}
followed document : https://is.docs.wso2.com/en/5.9.0/develop/using-the-scim-2.0-rest-apis/#post-create-user
Please follow the attached document: ( issues are highlighted)
https://docs.google.com/document/d/17WeJPSUOzDf8kf8woSNZmKZxqVmQ1MPfu2xzYr74f_A/edit
Affected Version:
-IAM version: 5.10 m9
-Identity -app version - 0.1.152-SNAPSHOT
-Type: Bug
-Severity: Medium
-Priority : High
**Description **
Either user created with mobile number, via management console or
the mobile number updated via user portal, it is not updated in the "Complete your profile"->"optional fields completed" section
Test Environment
Affected version: is_5 10 m9, -Identity -app version - 0.1.152-SNAPSHOT
Description
Default user Profile (management console) claims are not synced with Personal info-> user profile claims.
**
management console, by using wso2 http://wso2.org/claims, but in user profile get claims through scim dialect, so this may be the cause of this issue.
Note the below image,
When there are mix of applications,
it can see following issues,
Recent Application
section has an inconsistency with the size of tilesAll Application
section also has the same consistency as above which is only visible when hover over the mouse pointer on different applicationsAll Application
section, in applications that does not have descriptions, the application name seems to be more positioned towards the top, compared to ones that have the descriptions.Describe the bug
In the user portal, sessions can be terminated by extending the corresponding session description and clicking on the Terminate
button or by clicking on Terminate All
button from the user sessions section in the security page. Once either action is performed the sessions list is not getting updated.
To Reproduce
Steps to reproduce the behavior:
show more
button.Terminate
button.Expected behavior
The details section should get retracted and the sessions list should be updated. The terminated session should not be on the list.
Screenshots
Desktop
Describe the bug
As the SaaS application option is getting removed, tenant wise support for user-portal has to be implemented.
Affected version :
wso2is-5.10.0-m10-SNAPSHOT
identity app - 0.1.167-SNAPSHOT
Describe the bug
npm audit
report will give a moderate security vulnerability for the webpack plugin uglifyjs-webpack-plugin
which has an outdated dependency serialize-javascript
in it's dependency list.
To Reproduce
Steps to reproduce the behavior:
npm audit
to get the report.Expected behavior
The npm audit
command shouldn't have any vulnerabilities listed.
Desktop (please complete the following information):
Is your feature request related to a problem? Please describe.
Tried SMS OTP flow where I have basic authenticator as the step 1 and SMS OTP IDP as the step 2.
Step-1 basic login page looks like this,
while the step-2 SMS OTP page looks like this,
Cannot have disconnected UX, hence as the first iteration it should have all the OOTB shipped endpoints to use same styling pattern.
As of 5.10.0-m9, following endpoints are available OOTB.
accountrecoveryendpoint
authenticationendpoint
emailotpauthenticationendpoint
smsotpauthenticationendpoint
totpauthenticationendpoint
user-portal
x509certificateauthenticationendpoint
Then should have a plan to update all other endpoints that product supports.
Product IS: wso2is-5.10.0-m3
Priority: Medium
Severity : Low
Describe the bug
Links to "profile data" JSON downloads the file twice.
Expected behavior
It should only do once.
Desktop (please complete the following information):
IAM Product : wso2is-5.10.0-m3
Priority : Low
Severity : Low
Describe the bug
When click on the "Logout" button, error logs are displayed in Firefox browser console
To Reproduce
Steps to reproduce the behavior:
Expected behavior
User should successfully logout without any error.
Claims are get translated in the Profile page though,
Additionally, lets get URL and other possible claims also translated by default. So if anyone enabled supported by default for OOTB claims shipped in the product, usability be intact.
Environment
A product-is m10-snapshot pack with identity-apps: 0.1.149.
Affected : wso2is-5.10.0-m6
Description
There is no option to remove Linked account- user portal
personal-info→Linked accounts
Expected behavior
There should be an ability to remove proffered linked account
Please refer:
wso2-product-is wso2/product-is#7425
Description
All the Tasks authorized to a particular Role/user, will not be listed on the grid ("Operations → Pending approvals"), when added more than 50 user tasks for the workflow. even there are no pagination to view all tasks.
Only the added task at the end is shown
Type: BUG
Severity : High
Priority : High
Steps to reproduce the behavior:
Test Environment :
Describe the bug
$subject. Refer below image,
To Reproduce
Steps to reproduce the behavior:
Built a pack on wso2/product-is@e0c67d6 updating identity-apps version as 0.1.166
User Portal
SP as discoverable.Applications
menu.Describe the bug
Mobile
claim showing a Incomplete Claim
even it have a value.
To Reproduce
Steps to reproduce the behavior:
Mobile
claim as Incomplete Claim
Environment
A product-is m10-snapshot pack with identity-apps: 0.1.149.
Description
User Poratal
Scenario: Create New Account (https://localhost:9443/accountrecoveryendpoint/signup.do)
It is better required/mandatory fields are marked with * against the field, then the user can easily identify required/mandatory fields.
Type/BUG
Affected/5.10.0
Severity/Major
Priority/High
Screenshots attached
Response comparing
SCIM 2.0 REST API
curl -v -k --user admin:admin --data '{"schemas":[],"name":{"familyName":"jackson","givenName":"kim"},"userName":"kim","password":"kimwso2","emails":[{"primary":true,"value":"[email protected]","type":"home"},{"value":"[email protected]","type":"work"}]}' --header "Content-Type:application/json" https://localhost:9443/scim2/Users
Affected version: is_5 10 m9, -Identity -app version - 0.1.152-SNAPSHOT
-Type: Bug
-Severity: Low
-Priority: High
Description
Even user sets challenge questions, consent, but those details are missing in user-profile.json
But we already mentioned in an Export profile grid,
"Download all your profile data including personal data, security questions, and consents"
Affected IS version: wso2is-5.10.0-alpha2-SNAPSHOT
Identity App: 0.9.8-SNAPSHOT
Description
Scenario: self user registration
Even password does not match with Confirm password, user can successfully register.
Step to reproduced:
Enable Self User Registration - Identity Providers > Resident and expand the Account Management Policies section.(management Console)
2. Click on "Create Account" in user portal
3. Add proper user name and click on Proceed to self Register
4. Fill fields which required, in "Create New Account" section
5. enter that, Password != Confirm password
6. Click Register
Application allow user to continue, process even password != conform password
Tested version: identity-app: 0.9.17-SNAPSHOT
Describe the bug
Issue: "Remember me" is not working in user portal
Need to look in how this can be implemented in a secure manner.
Tested Environment: wso2is m8 DEV mode
Please refer attached screenshots :
Issue 2:
Select, "Select All" then it will only select the particular checkbox.
Issue3:
Asterisk (*) symbol which uses for identity mandatory fields should be red color.
Issue 4 : Environment -windows 2016 server, Google chrome browser
When click on "Continue" without selecting any radio button
Describe the bug
Some characters in Application Name
get stripped off from the below in the Applications view in the user portal.
To Reproduce
Steps to reproduce the behavior:
Google Drive
and mark it as discoverable app.This issue observed with both Firefox and Safari, but not with Chrome.
Expected behavior
Application name should be showed without stripping out characters in edges.
Screenshots
Note the letter 'g' got stripped off in the bottom.
Desktop (please complete the following information):
When login to the user profile with valid user credentials, "Profile information" are not populated properly.
Priority : High
Severity : High
Affected Product version: wso2is-5.10.0-m3
Tested Environment:
Browser- Google chrome Version 78.0.3904.70 , Firefox 69.0.1 (64-bit),68.0.2 (64-bit), Opera mini, Microsoft Edge-Version 78.0.276.20, Safari
Database:MySQL 5.7, H2
User Store- JDBC, LDAP
OS- Mac OS, Windows Server 2016
Fire fox
Tested Environment: wso2is m8, Dev mode,
Browsers: Google-Version 78.0.3904.108 (Official Build) (64-bit) and Firefox 70.0.1 (64-bit)
Description
Getting an error, when trying to add a biometric device via User portal
"Error occurred while retrieving the device"
:9443/api/users/v1/me/webauthn/start-registration?appId=https:%2F%2Flocalhost:9000:1 GET https://localhost:9443/api/users/v1/me/webauthn/start-registration?appId=https:%2F%2Flocalhost:9000 500
Added below in identity.xml j2
"
{{fido.webauthn.enable}}
{% for origin in fido.trusted.origins %}
{{origin}}
https://localhost:9000/
https://localhost
{% endfor %}
"
Description
Step to reproduce:
Forgot password use case Login screen user portal
Initially, Management Console
Configure the email configurations in deployment.toml
[output_adapter.email]
from_address= "<email_address>"
username=""
password=""
Click on Resident found under the Identity Providers section on the Main tab of the management console.
Expand the Account Management Policies tab, then the Account Recovery tab and select the Enable Notification Based Password Recovery.
In User portal,
Click on the Forgot password link and enter a non-existing user name, select the "Recover with Email" option and submit it.
Then, the Application display an invalid confirmation message
Expected Behaviour: if the user enters the non-existing or invalid or deleted user name then there should be a display validation message for “Invalid username” or “User not exist.”
Additional context
But there is proper Error log is displaying in wso2carbon log
ERROR {org.wso2.carbon.identity.recovery.endpoint.impl.RecoverPasswordApiServiceImpl} - Unable to find an user with username: Nonexistentuser in the system.
There are some language mistakes containing WSO2 IDENTITY SERVER - COOKIE POLICY page.
Sent PR- https://github.com/wso2/identity-apps/pull/180/files
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.