search

wso2-extensions / identity-outbound-auth-totp

Apache License 2.0
4 stars 95 forks source link

Remove failed login lockout count claim reset logic #144

Closed ZiyamSanthosh closed 1 year ago

ZiyamSanthosh commented 1 year ago

Purpose

In a MFA scenario, if a user successfully authenticates a step, the FailedLoginLockoutCount claim gets reset. But, there can be authentication failures after a successful authentication in MFA scenarios.

Goals

Resetting the above mentioned claim only for once and it should happen after a complete successful authentication flow.

Approach

Removing the claim reset logic in authenticator level and Introducing a new post authentication handler to reset the claim after a successful authentication flow.

PR for new post authentication handler: https://github.com/wso2-extensions/identity-event-handler-account-lock/pull/119 Related issue: https://github.com/wso2/product-is/issues/14928

jenkins-is-staging commented 1 year ago

PR builder started Link: https://github.com/wso2/product-is/actions/runs/3600666522

jenkins-is-staging commented 1 year ago

PR builder completed Link: https://github.com/wso2/product-is/actions/runs/3600666522 Status: success