[keycloak-dev] 2.3.0.Final error when refreshing half-way into browser auth flow

Stian Thorgersen sthorger at redhat.com
Mon Oct 31 02:29:10 EDT 2016


Can you create a JIRA please?

On 28 October 2016 at 16:01, Martin Hardselius <martin.hardselius at gmail.com>
wrote:

> There seems to be a problem with refreshing in the middle of browser auth
> flow with more than one authenticators configured. The problem also appears
> when refreshing the consent view.
>
> ClientSessionCode#verifyCode() fails.
>
> This was not an issue pre 2.3.0.Final to my knowledge.
>
> Steps to reproduce the error.
>
> 1. Create a user
> 2. Log into the account client
> 3. Configure OTP
> 4. Logout
> 5. Login username/password
> 6. Refresh the page asking for OTP
>
> or
>
> 1. Tick 'require consent' for the account client
> 2. Try to log in to the account client
> 3. Refresh consent view
>
> Is this intended behaviour as of now, or is it an actual bug introduced in
> the latest build?
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>


More information about the keycloak-dev mailing list