niharaabeywardhana / CIAM-ISVA-internal-SSO--Ncinga

0 stars 0 forks source link

ISVA(Internal) -019 OTP valid for more than the specified expiration period(> 2 minutes) #18

Open niharaabeywardhana opened 1 month ago

niharaabeywardhana commented 1 month ago

Description

#

OTP valid for more than the specified expiration period(> 2 minutes)

Environment : UAT

Step to Reproduce

#

1.Trigger OTP generation for user authentication. 2.Record the time when the OTP is generated. 3.Wait for additional minutes greater than 2 minutes (OTP expiration period).

  1. Attempt to use the OTP after 3 minutes. 5.Record the result.

Expected Result

#

The OTP should expire after 2 minutes and should not be accepted for authentication after the expiration period.

Actual Result (07/10/2024)

#

The OTP remains valid and can still be used after 3 minutes.User is navigated to the intranet.

https://github.com/user-attachments/assets/03861e6d-d859-483c-87ef-a53e6ec0d0e9

WhatsApp Image 2024-10-07 at 10 39 13

supunncinga commented 1 month ago

Fixed directly on the UAT environment. (this was a configuration and does not require a release)