Re-entering SSO verification code results in a "stale request" error
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical SSO provider |
Triaged
|
Undecided
|
Unassigned |
Bug Description
Re-entering SSO verification code results in a "stale request" error.
Scenario:
1. Attempting to authenticate against an SSO protected endpoint I am prompted to enter in my verification code[1].
2. I incorrectly enter the wrong code in and submit the form.
3. SSO correctly denies me access and prompts me to re-enter my verification code.
4. I enter the correct code and submit the form.
5. SSO incorrectly denies me access and sends me to a 'Your page was stale.' error page[2].
6. I cannot re-enter my SSO code and I need to navigate back to the original endpoint to attempt to reauthenticate.
What I expect:
All the steps 1-4 will be the same as before, but 5 will result in me being logged in.
[1]: I'm using a Yubikey and it requires a long press to create the verification code. Occassionally I do not press long enough and it then generates an incorrect code.
[2]: The time difference between (2) and (4) is a matter of seconds.
Changed in canonical-identity-provider: | |
status: | New → In Progress |
Changed in canonical-identity-provider: | |
status: | In Progress → Triaged |