In some flows, user is asked to authorize the RP twice
Bug #938042 reported by
David Owen
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical SSO provider |
Triaged
|
Medium
|
Unassigned |
Bug Description
To reproduce:
1. Add a two-factor device to an account.
2. Set preference to always require two-factor.
3. Log out.
4. Log in with only email address and password, not entering a OTP when asked.
5. Go to an RP and log in.
6. You will be asked to allow the RP (first time). Do so.
7. You will be asked for a OTP. Enter one.
8. You will be asked to allow the RP (second time).
Changed in canonical-identity-provider: | |
milestone: | 2-factor-internal-rollout → 2-factor-post-rollout |
Changed in canonical-identity-provider: | |
importance: | Wishlist → Medium |
Changed in canonical-identity-provider: | |
milestone: | 2-factor-post-rollout → none |
To post a comment you must log in.