privacyidea/keycloak-provider

Adding PrivacyIDEA to the reset password authentication flow throws NullPointerException and fails to reset the password

sayedcsekuet opened this issue · 7 comments

Hi Dear,
Currently we are testing PrivacyIDEA version 1.1.0 with Quarkus Keycloak 19.0.2 and later versions. In every integration we are having an issue during the reset password action of Quarkus Keycloak, but the PrivacyIDEA version was working perfectly with WildFly Keycloak version 16.x.x. Would you please let us know what we are missing here? Please see the attached files for the configuration and the error we are getting.

Steps to reproduce the error:

  1. Set up the reset password flow as in the attached image, reset-password-flow.
  2. Click on forgot password in the login form interface.
  3. It will send an email with a reset password link.
  4. Click on the link and you will get an authentication error.

reset-password-flow

privacyidea_error_keycloak.txt

Hi, thanks for your detailed report.
I just wonder why you would want our provider in your reset-password-flow, since it is meant to just authenticate the second factor.
If you want to reset your password (first factor), let keycloak do it and the change/reset should propagate from the keycloak user source to privacyidea (granted they have the same source).

Hi @nilsbehlen,
We are using PrivacyIDEA during reset password for extra security when someone is trying to change the password. So after sending the token we are also verifying the user's OTP token. During reset password the user is not providing the password, and at that time it's throwing the error. But if we add a check on the send password config on line 161, we can avoid the exception.

Dear @nilsbehlen,
Any update about my request from your side?

Hi, we will fix this problem with our next release, which will be soon.
The fix you proposed will only work if sendPassword is disabled. If it is enabled, the error will occur again, so we will provide a fix that fixes the root of the error.

Hi @nilsbehlen,
I have now added the code inside a try/catch. Is that the right approach to avoid that error?

Hi, almost! Check my comment on your PR.
It will take some more time before we release a new version of this because we have several new features coming with the release of privacyidea 3.8 which we want to include in the new release of this provider. So if you need the fix quickly, you will need to build it from source (or let me know and I can do it for you).

Closed by #123