azure-ad-b2c/samples

Send a new code via SMS broken in latest page layout versions

gazzyt opened this issue · 1 comments

gazzyt commented

Deploy the sample at https://github.com/azure-ad-b2c/samples/tree/master/policies/mfa-email-or-phone updated with the latest page version of the mfa page.

Steps to reproduce:

  • Register a new user
  • In MFA choice choose Phone
  • Enter region and phone number
  • Press Send Code
  • An SMS is sent to the phone
  • Wait a minute to avoid hitting the throttling
  • Click Send a New Code

Expected behaviour:

  • A new SMS is sent to the phone
  • User remains on the phone MFA page to enter the new code

Actual behaviour:

  • A new SMS is sent to the phone
  • The user is returned to the sign-in page

The issue seems to be related to the page layout version with later versions demonstrating the problem and earlier version working ok.
Page versions tested:

  • multifactor:1.2.12 - fails
  • multifactor:1.2.9 - fails
  • multifactor:1.2.8 - works
  • multifactor:1.2.7 - works
  • multifactor:1.2.5 - works

Under Chrome dev tools I see that the second request to https://******.b2clogin.com/******.onmicrosoft.com/B2C_1A_Demo_SignUp_SignIn_PhoneOrEmailMFA/Phonefactor/verify has a status of cancelled with the non-working page versions.

Tested using Chrome on Windows 10 Version 118.0.5993.120 (Official Build) (64-bit).
I want to use the latest versions as they have some useful fixes (e.g. submit when the return key is pressed).

This ended up being a platform issue that Microsoft have now fixed so I am closing this issue here.