search

wso2 / product-is

Welcome to the WSO2 Identity Server source code! For info on working with the WSO2 Identity Server repository and contributing code, click the link below.
http://wso2.github.io/
Apache License 2.0
741 stars 719 forks source link

[Custom Connector] Federated Authenticator Request Does Not Return New Authenticators Due to Invisible Templates in UI. #19347

Closed melanisilva closed 7 months ago

melanisilva commented 7 months ago

Describe the issue:

Although the authenticator JAR files have been added to the /repository/components/dropins directory, they are not being returned through the API and are not visible in the authenticator list within the Custom connector.

Screenshot 2024-02-02 at 14 57 33

Screenshot 2024-02-01 at 17 47 52

How to reproduce:

  1. Follow this and add new authenticators, (SMS OTP and Email OTP authenticators.)
  2. Create a custom connector
  3. try to add a newly added authenticator from the settings tab -> New Authenticator.

Expected behavior:

Environment information (Please complete the following information; remove any unnecessary fields) :

Optional Fields

Related issues:

Suggested labels:

dasuni-30 commented 7 months ago

The newly added connection jars are not in the API call response.

Screenshot 2024-02-02 at 10 21 57

This used to work in the previous packs.

Screenshot 2024-02-01 at 14 44 28
melanisilva commented 7 months ago

Startup error log -

[2024-02-02 11:10:08,990] [] ERROR {Events.Framework} - FrameworkEvent ERROR org.osgi.framework.BundleException: Could not resolve module: org.wso2.carbon.extension.identity.authenticator.linkedin.connector [218] Unresolved requirement: Import-Package: org.wso2.carbon.identity.application.authentication.framework; version="[5.0.0,6.0.0)"

at org.eclipse.osgi.container.Module.start(Module.java:457)
at org.eclipse.osgi.container.ModuleContainer$ContainerStartLevel$1.run(ModuleContainer.java:1820)
at org.eclipse.osgi.internal.framework.EquinoxContainerAdaptor$2$1.execute(EquinoxContainerAdaptor.java:150)
at org.eclipse.osgi.container.ModuleContainer$ContainerStartLevel.incStartLevel(ModuleContainer.java:1813)
at org.eclipse.osgi.container.ModuleContainer$ContainerStartLevel.incStartLevel(ModuleContainer.java:1770)
at org.eclipse.osgi.container.ModuleContainer$ContainerStartLevel.doContainerStartLevel(ModuleContainer.java:1735)
at org.eclipse.osgi.container.ModuleContainer$ContainerStartLevel.dispatchEvent(ModuleContainer.java:1661)
at org.eclipse.osgi.container.ModuleContainer$ContainerStartLevel.dispatchEvent(ModuleContainer.java:1)
at org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:234)
at org.eclipse.osgi.framework.eventmgr.EventManager$EventThread.run(EventManager.java:345)

[2024-02-02 11:10:09,022] [] ERROR {Events.Framework} - FrameworkEvent ERROR org.osgi.framework.BundleException: Could not resolve module: org.wso2.carbon.extension.identity.authenticator.smsotp.connector [221] Unresolved requirement: Import-Package: org.apache.catalina.util; version="[1.7.0,2.0.0)"; resolution:="optional" Unresolved requirement: Import-Package: org.wso2.carbon.identity.application.authentication.framework; version="[5.12.0,6.0.0)" Unresolved requirement: Import-Package: org.wso2.carbon.extension.identity.helper.util; version="[1.0.8,2.0.0)" -> Export-Package: org.wso2.carbon.extension.identity.helper.util; bundle-symbolic-name="org.wso2.carbon.extension.identity.helper"; bundle-version="1.0.8"; version="1.0.8"; uses:="org.wso2.carbon.identity.application.authentication.framework.config.model,org.w3c.dom,org.wso2.carbon.identity.application.authentication.framework.exception,org.wso2.carbon.extension.identity.helper,org.wso2.carbon.registry.api,org.wso2.carbon.context,javax.xml.parsers,org.wso2.carbon.registry.core,org.wso2.carbon.identity.application.authentication.framework.context,org.apache.commons.logging,org.wso2.carbon.identity.core.util,org.xml.sax,org.wso2.carbon.registry.core.exceptions,org.wso2.carbon.identity.application.authentication.framework.config.builder" org.wso2.carbon.extension.identity.helper [226] Unresolved requirement: Import-Package: javax.xml.parsers; version="[1.3.0,2.0.0)"; resolution:="optional" Unresolved requirement: Import-Package: org.wso2.carbon.identity.application.authentication.framework; version="[5.0.0,6.0.0)" Unresolved requirement: Import-Package: org.wso2.carbon.extension.identity.helper; version="[1.0.8,2.0.0)" -> Export-Package: org.wso2.carbon.extension.identity.helper; bundle-symbolic-name="org.wso2.carbon.extension.identity.helper"; bundle-version="1.0.8"; version="1.0.8"; uses:="org.wso2.carbon.identity.application.common.model,org.wso2.carbon.identity.application.authentication.framework.config.model,org.wso2.carbon.identity.application.authentication.framework.exception,org.wso2.carbon.identity.application.authentication.framework,org.wso2.carbon.utils.multitenancy,org.wso2.carbon.extension.identity.helper.util,org.wso2.carbon.identity.application.authentication.framework.context,org.wso2.carbon.identity.application.authentication.framework.model,org.apache.commons.logging,org.wso2.carbon.identity.core.util,org.wso2.carbon.user.api,org.wso2.carbon.identity.application.authentication.framework.config.builder,org.apache.commons.lang,org.wso2.carbon.user.core.service,org.wso2.carbon.user.core,org.wso2.carbon.identity.mgt,org.wso2.carbon.identity.base,org.wso2.carbon.identity.mgt.store,org.wso2.carbon.identity.core.model,org.wso2.carbon.identity.mgt.dto"

at org.eclipse.osgi.container.Module.start(Module.java:457)
at org.eclipse.osgi.container.ModuleContainer$ContainerStartLevel$1.run(ModuleContainer.java:1820)
at org.eclipse.osgi.internal.framework.EquinoxContainerAdaptor$2$1.execute(EquinoxContainerAdaptor.java:150)
at org.eclipse.osgi.container.ModuleContainer$ContainerStartLevel.incStartLevel(ModuleContainer.java:1813)
at org.eclipse.osgi.container.ModuleContainer$ContainerStartLevel.incStartLevel(ModuleContainer.java:1770)
at org.eclipse.osgi.container.ModuleContainer$ContainerStartLevel.doContainerStartLevel(ModuleContainer.java:1735)
at org.eclipse.osgi.container.ModuleContainer$ContainerStartLevel.dispatchEvent(ModuleContainer.java:1661)
at org.eclipse.osgi.container.ModuleContainer$ContainerStartLevel.dispatchEvent(ModuleContainer.java:1)
at org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:234)
at org.eclipse.osgi.framework.eventmgr.EventManager$EventThread.run(EventManager.java:345)

[2024-02-02 11:10:09,068] [] ERROR {Events.Framework} - FrameworkEvent ERROR org.osgi.framework.BundleException: Could not resolve module: org.wso2.carbon.extension.identity.helper [226] Unresolved requirement: Import-Package: javax.xml.parsers; version="[1.3.0,2.0.0)"; resolution:="optional" Unresolved requirement: Import-Package: org.wso2.carbon.identity.application.authentication.framework; version="[5.0.0,6.0.0)"

at org.eclipse.osgi.container.Module.start(Module.java:457)
at org.eclipse.osgi.container.ModuleContainer$ContainerStartLevel$1.run(ModuleContainer.java:1820)
at org.eclipse.osgi.internal.framework.EquinoxContainerAdaptor$2$1.execute(EquinoxContainerAdaptor.java:150)
at org.eclipse.osgi.container.ModuleContainer$ContainerStartLevel.incStartLevel(ModuleContainer.java:1813)
at org.eclipse.osgi.container.ModuleContainer$ContainerStartLevel.incStartLevel(ModuleContainer.java:1770)
at org.eclipse.osgi.container.ModuleContainer$ContainerStartLevel.doContainerStartLevel(ModuleContainer.java:1735)
at org.eclipse.osgi.container.ModuleContainer$ContainerStartLevel.dispatchEvent(ModuleContainer.java:1661)
at org.eclipse.osgi.container.ModuleContainer$ContainerStartLevel.dispatchEvent(ModuleContainer.java:1)
at org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:234)
at org.eclipse.osgi.framework.eventmgr.EventManager$EventThread.run(EventManager.java:345)
madurangasiriwardena commented 7 months ago

@melanisilva SMS OTP federated authenticator is already available in the distribution and you don't need to add any connector. The connector available in the store is not compatible with the IS 7.0 distribution and that the reason for the startup errors.

If you see the API response you have attacked, SMS OTP authenticator is available as the 10th item. However, it seems to be hidden from the UI.

melanisilva commented 7 months ago

@melanisilva SMS OTP federated authenticator is already available in the distribution and you don't need to add any connector. The connector available in the store is not compatible with the IS 7.0 distribution and that the reason for the startup errors.

If you see the API response you have attacked, SMS OTP authenticator is available as the 10th item. However, it seems to be hidden from the UI.

ACK , Will discuss the issue with the UI team.

It appears that we may need to prioritize this issue, as all connectors from the connector store are currently non-functional due to compatibility issues with the IS 7.0 distribution. Plus, seems like resolving this issue may require some time.

madurangasiriwardena commented 7 months ago

To test out the custom federated authenticators, you can use the updated LinkedIn authenticator. Until this is hosted in the store, please use the jar at [1] for testing purposes.

[1] https://maven.wso2.org/nexus/content/repositories/releases/org/wso2/carbon/extension/identity/authenticator/outbound/linkedin/org.wso2.carbon.extension.identity.authenticator.linkedin.connector/2.0.2/org.wso2.carbon.extension.identity.authenticator.linkedin.connector-2.0.2.jar

madurangasiriwardena commented 7 months ago

@melanisilva SMS OTP federated authenticator is already available in the distribution and you don't need to add any connector. The connector available in the store is not compatible with the IS 7.0 distribution and that the reason for the startup errors.

If you see the API response you have attacked, SMS OTP authenticator is available as the 10th item. However, it seems to be hidden from the UI.

As discussed with @malithie , not being able to add connections with SMS or Email federated authenticators is expected since they are now deprecated.

asha15 commented 7 months ago

To test out the custom federated authenticators, you can use the updated LinkedIn authenticator. Until this is hosted in the store, please use the jar at [1] for testing purposes.

[1] https://maven.wso2.org/nexus/content/repositories/releases/org/wso2/carbon/extension/identity/authenticator/outbound/linkedin/org.wso2.carbon.extension.identity.authenticator.linkedin.connector/2.0.2/org.wso2.carbon.extension.identity.authenticator.linkedin.connector-2.0.2.jar

I tested federated authentication with LinkedIn using the given jar and the flow worked seamlessly.

melanisilva commented 7 months ago

To test out the custom federated authenticators, you can use the updated LinkedIn authenticator. Until this is hosted in the store, please use the jar at [1] for testing purposes.

[1] https://maven.wso2.org/nexus/content/repositories/releases/org/wso2/carbon/extension/identity/authenticator/outbound/linkedin/org.wso2.carbon.extension.identity.authenticator.linkedin.connector/2.0.2/org.wso2.carbon.extension.identity.authenticator.linkedin.connector-2.0.2.jar

Tested the shared LinkedIn custom federated authenticator.

Analysis
With a previously configured Linked in Apps, the flow works as expected. but with the newly configured LinkedIn Apps, the flow had an issue and was redirected to a Something went Wrong page. No server errors or failed network calls can be found.

Git Issue for Tracking the Mentioned Problem -

https://github.com/wso2/product-is/assets/41188245/95cf9765-599b-49bf-9c49-b51481947dc1