[keycloak-dev] 2.3.0.Final error when refreshing half-way into browser auth flow

Martin Hardselius martin.hardselius at gmail.com
Mon Oct 31 04:14:22 EDT 2016


Created https://issues.jboss.org/browse/KEYCLOAK-3835.

On Mon, 31 Oct 2016 at 07:29 Stian Thorgersen <sthorger at redhat.com> wrote:

> Can you create a JIRA please?
>
> On 28 October 2016 at 16:01, Martin Hardselius <
> martin.hardselius at gmail.com> wrote:
>
> There seems to be a problem with refreshing in the middle of browser auth
> flow with more than one authenticators configured. The problem also appears
> when refreshing the consent view.
>
> ClientSessionCode#verifyCode() fails.
>
> This was not an issue pre 2.3.0.Final to my knowledge.
>
> Steps to reproduce the error.
>
> 1. Create a user
> 2. Log into the account client
> 3. Configure OTP
> 4. Logout
> 5. Login username/password
> 6. Refresh the page asking for OTP
>
> or
>
> 1. Tick 'require consent' for the account client
> 2. Try to log in to the account client
> 3. Refresh consent view
>
> Is this intended behaviour as of now, or is it an actual bug introduced in
> the latest build?
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>
>
>


More information about the keycloak-dev mailing list