search

wso2 / product-is

Welcome to the WSO2 Identity Server source code! For info on working with the WSO2 Identity Server repository and contributing code, click the link below.
http://wso2.github.io/
Apache License 2.0
728 stars 713 forks source link

[Migration] New configurations related to OTP pattern are added #17927

Open shanggeeth opened 7 months ago

shanggeeth commented 7 months ago

Describe the issue:

Related Issue - https://github.com/wso2/product-is/issues/14808

IS versions up to 6.1 have the following configuration supported for Account Recovery Governance Connector.

[identity_mgt.password_reset_sms]
sms_otp_regex = "custom_regex"

This is not supported in IS 7.0 and is replaced with the following new config

[identity_mgt.password_reset_email.otp]
send_otp_in_email = false
use_uppercase_in_otp = true
use_lowercase_in_otp = true
use_numeric_in_otp = true
otp_length = 6

In addition, same sms_otp_regex can be added to the following governance connectors < IS 7.0

  1. Password reset flow
  2. Self registration flow
  3. Lite user registration flow These are replaced by similar same above UI level configurations.

In addition, the following flows now support the new OTP pattern configuration

  1. Related to forced password reset

    [identity_mgt.password_reset_email.otp]
send_otp_in_email = false
use_uppercase_in_otp = true
use_lowercase_in_otp = true
use_numeric_in_otp = true
otp_length = 6

  2. Related to Ask Password flow

    [identity_mgt.user_onboarding.otp]
send_otp_in_email = false
use_uppercase_in_otp = true
use_lowercase_in_otp = true
use_numeric_in_otp = true
otp_length = 6

  3. Related to user self registration flow

    [identity_mgt.user_self_registration.otp]
send_otp_in_email = false
use_uppercase_in_otp = true
use_lowercase_in_otp = true
use_numeric_in_otp = true
otp_length = 6

  4. Related to Lite user registraion flow

    [identity_mgt.lite_user_registration.otp]
send_otp_in_email = false
use_uppercase_in_otp = true
use_lowercase_in_otp = true
use_numeric_in_otp = true
otp_length = 6

  5. Related to user claim update flow

    [identity_mgt.user_claim_update.otp]
send_otp_in_email = false
use_uppercase_in_otp = true
use_lowercase_in_otp = true
use_numeric_in_otp = true
otp_length = 6
chamathns commented 7 months ago

Wouldn't this introduce a breaking change?

shanggeeth commented 7 months ago

Wouldn't this introduce a breaking change?

The config will be backward compatible with following changes.

The new OTP pattern config will be resolved in terms on existing SMS OTP Regex pattern unless new OTP pattern config is explicitly configured for Account Recovery Governance Connector.