Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cannot log in with FxA without 2FA account on AAI LOW (no 2FA requirement) page [NEEDED IN PROD] #239

Open
rleitan opened this issue Dec 12, 2018 · 1 comment
Assignees

Comments

@rleitan
Copy link

rleitan commented Dec 12, 2018

[Prerequisites]:
use a Firefox account without 2FA

[Steps to reproduce]:
1.Open a new Firefox profile
2.Go https://aai-low-social-ldap-pwless.testrp.security.allizom.org/ and select Log in with Firefox
3.Enter valid email from a FxA account without 2FA
4.Enter valid password

[Expected result]:
3. The page should be redirected to accounts.stage.mozaws.net - without 2FA
4.The log in should be successful

[Actual results]:
3. The page is redirected to https://accounts.stage.mozaws.net/oauth/signin?acr_values=AAL2&action=email&response_type=code&redirect_uri=https%3A%2F%2Fauth-dev.mozilla.auth0.com%2Flogin%2Fcallback&scope=openid%20profile%20given_name&state=aJzwBlcSnVUSuQjlq4StF7e_vH6-00TT&client_id=1a118eae25503e99

4.This request requires two step authentication enabled on your account. More Information

@gdestuynder
Copy link
Contributor

oh, that's a good catch i did not think of this case
I fixed it in dev, however I'm going to leave this open and assigned to myself as its not something that is in code at this time, in order to also change it in prod when its deployed

thanks!

@gdestuynder gdestuynder self-assigned this Dec 13, 2018
@gdestuynder gdestuynder changed the title Cannot log in with FxA without 2FA account on AAI LOW (no 2FA requirement) page Cannot log in with FxA without 2FA account on AAI LOW (no 2FA requirement) page [NEEDED IN PROD] Dec 13, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants