It doesnt allow to login to myaccount or update user identifier value when login identifier set to mobile and optional field Reg Ex removed from claim

[ShanikaWickramasinghe]

How to reproduce:

1. Enable multi attribute login for mobile claim
2. List mobile claim and remove the default regular expression given in the system for mobile claim and keep it empty
3. Update
4. Will allow to update as this field is not a mandatory field
5. Access myaccount
6. Try to login by providing the mobile value set for admin user

https://user-images.githubusercontent.com/31848014/159155156-87bb44a8-12ff-41e9-b69e-2d40f0725f2f.mp4

Actual behavior: It doesn't allow to login for myaccount Also it doesnt allow to update the value for the claim to a value that doest match with reg ex. ( As I have removed reg ex validation it should allow me to update it for any value)

Environment information (Please complete the following information; remove any unnecessary fields) : IS 5.12.0 alpha 16 h2/default

[nilasini]

@ShanikaWickramasinghe according to the documentation it is expected to add regex pattern in order to use multi attribute feature "Once you have configured WSO2 Identity Server for multi attribute login, you need to provide regular expression for the allowed claims. Some claims have a default regex. If they don't, you need to provide it." [1] https://is.docs.wso2.com/en/5.12.0/learn/multi-attribute-login/

For the issue "updating the mobile number even after deleting the regex pattern throws error", if we remove the claim configuration from the ui then we are validating it with the default regex through the code. It is an expected behaviour.

[ShanikaWickramasinghe]

@nilasini This was a negative test case carried out to check the "Mandatory and optional fields related to the feature in the UI". Dont we need to make the reg ex then a mandatory field in the UI. As I feel Giving it as a optional field and allowing to update it successfully for a user by keeping empty without giving any UI restrictions during that time and later giving a error when trying to do the login will create a bad user experience.

Also as you have mentioned when the regex is removed from the UI if it validates with the default reg ex given in the code then it should allow the user to login right. As there will be a default reg ex which is operating underneath

[nilasini]

@ShanikaWickramasinghe yes I agreed with that point. For that shall we create an improvement and add it to [1].

[1] https://github.com/wso2/product-is/issues/12340

[ShanikaWickramasinghe]

@nilasini I added it under the improvements #12340 . So shall we keep this issue opened by changing the milestone and the project. So when addressing the issue they can refer to the detailed concern in the opened issue.

[isharak]

This issue is being closed due to extended inactivity. Please feel free to reopen it if further attention is needed. Thank you for helping us keep the issue list relevant and focused!