search

GluuFederation / agama-pw

Agama Project for all things password: identifier first, password expiration, account lockout.
Apache License 2.0
6 stars 17 forks source link

fix: the `agama-pw` flow fails to show username-password screen #22

Closed ossdhaval closed 3 months ago

ossdhaval commented 3 months ago

After configuring agama-pw project (release:1.0.1) on Janssen Server, when I try to trigger the flow using jans-tarp, browser shows a blank screen with url as below:

image

Request string: 

https://ossdhaval-rapid-marten.gluu.info/jans-auth/authorize.htm?scope=openid&acr_values=agama&response_type=code&redirect_uri=https%3A%2F%2Fossdhaval-rapid-marten.gluu.info&state=c6caqoxwrkh&code_challenge_method=S256&nonce=d09b7f98-2b53-4d0d-97f2-30e73cc84caf&client_id=5bad7c7d-c32b-477b-82d1-7de4a6ad9edc&code_challenge=Hs3TFmuzwTPPAI4hgih4VuNHTIS1UPw2Nf83K_4pJqQ

Steps taken to configure the project on Jans:

  1. Go to Agama lab explore section
  2. click on release tag (1.0.1)
  3. Download .gama file on Janssen server
  4. Upload the project to the Janssen Server using TUI
  5. Upload the configuration as below: 
    {
      "org.gluu.agama.pw.main": {
        "MAX_LOGIN_ATTEMPT": "6",
        "ENABLE_LOCK": "true",
        "LOCK_EXP_TIME": "180"
      }
  }
  6. use tarp to send request with following parameters image
mmrraju commented 3 months ago

Currently, we define acr value like agama_<flow_name> not need to pass additional parameters. Discussed here.