List:       wsf-javascript-dev
Subject:    Re: [Dev] [IS-5.3.0][IDENTITY-5264] Redirecting to broken page when click on link in Account Confirm
From:       Isura Karunaratne <isura () wso2 ! com>
Date:       2016-11-25 12:18:08
Message-ID: CAO6_PM=ztzP4J6REbuPHUYERwvtnoyxJitqSR_-jtY=_QWOOtQ () mail ! gmail ! com

Hi Ayesha,

We have to set the callback URL as a property in the REST API. We already do
this for the dashboard. I think we do not want to fix this since we can remove
the callback URL from the template if it is not required.

Thanks
Isura.


*Isura Dilhara Karunaratne*
Senior Software Engineer | WSO2
Email: isura@wso2.com
Mob : +94 772 254 810
Blog : http://isurad.blogspot.com/




On Fri, Nov 25, 2016 at 5:18 PM, Ayesha Dissanayaka <ayesha@wso2.com> wrote:

> Hi,
>
> As explained in IDENTITY-5264,
> <https://wso2.org/jira/browse/IDENTITY-5264>
>
> Enable email notifications for Self-signup in Identity Governance,
> use REST API: https://localhost:9443/api/identity/user/v0.9/me to self
> signup to IS.
>
> Click on the confirmation link sent to provided email of self signed user
> and follow the dialog.
>
> It gets redirected to
> https://localhost:9443/accountrecoveryendpoint/%7B%7Bcallback%7D%7D
> which is a broken page.
>
> But when self signup to IS using dashboard APP UI, there is no issue with
> the email link.
>
> I did some debugging around this and identified the following.
>
> The links sent in the emails are as below:
>
> 01. via Dashboard UI :
>       https://localhost:9443/accountrecoveryendpoint/confirmregist
> ration.do?confirmation=dc2ef6fe-6a53-49e3-a3ad-
> 776b78f699d4&userstoredomain=PRIMARY&username=Ayesha7&
> tenantdomain=carbon.super&callback=https%3A%2F%
> 2Flocalhost%3A9443%2Fauthenticationendpoint%2Flogin.do%
> 3FSSOAuthSessionID%3D297252FB3257F6532042516C7CA700723D41CDE
> B868D1E4CE7EF24F2063F35FFC2E39ADA855B7A76B188444B8E7E1682432
> D671A75FB54723CACBF508F4342E824449B02D31AED838B72CF01F342524
> E150B3E83E152557002EDEEB46A22713D1FA6D983FBD953FCB32AD9B50AD
> 1EDB9618155F6B70825ED2B132C379B494F0B%26commonAuthCallerPath
> %3D%2Fsamlsso%26forceAuth%3Dfalse%26passiveAuth%3Dfalse%
> 26tenantDomain%3Dcarbon.super%26sessionDataKey%3D37754e53-b5
> e2-4c59-8afb-9f3ddd2a3c67%26relyingParty%3Dwso2.my.dashboard
> %26type%3Dsamlsso%26sp%3Dwso2_sp_dashboard%26isSaaSApp%
> 3Dtrue%26authenticators%3DBasicAuthenticator%3ALOCAL
>
> 02. via REST API:
> https://localhost:9443/accountrecoveryendpoint/confirmregistration.do?confirmation=cbb8ed93-2f30-497d-8eaa-651969a35b9f&userstoredomain=PRIMARY&username=Ayesha8&tenantdomain=carbon.super&callback={{callback}}
>
> In 02. {{callback}} URL is not set, as selfUserRegistrationRequestDTO
> properties are not set at [1] via API.
>
> Similar behavior is observed if dashboard app UI is used with URL
> https://localhost:9443/accountrecoveryendpoint/register.do, where no
> callback parameter is set.
>
> email link: https://localhost:9443/accountrecoveryendpoint/confirmregistration.do?confirmation=e585cfb6-0bdc-4bbe-ab9f-ed3762ada1f6&userstoredomain=PRIMARY&username=Ayesha9&tenantdomain=carbon.super&callback=null
>
> What is the best way to handle this? Should we generate a callback URL if
> the request doesn't have it?
>
> [1] https://github.com/wso2-extensions/identity-governance/blob/master/components/org.wso2.carbon.identity.user.endpoint/src/main/java/org/wso2/carbon/identity/user/endpoint/impl/MeApiServiceImpl.java#L48
>
> Thanks!
> -Ayesha
>
> --
> *Ayesha Dissanayaka*
> Software Engineer,
> WSO2, Inc : http://wso2.com
> 20, Palmgrove Avenue, Colombo 3
> E-Mail: ayesha@wso2.com <ayshsandu@gmail.com>
>
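
The two options raised in this thread, as an added Java illustration that is not code from WSO2 Identity Server: the sender drops a link parameter whose property was never supplied, and the confirmation page falls back to a default when `callback` is missing, the literal `null`, or an unresolved `{{callback}}`. The class and method names, the shortened template and `DEFAULT_PAGE` are assumptions made for the example.

```java
import java.net.URI;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class ConfirmationLinkExample {
    private static final Pattern PLACEHOLDER = Pattern.compile("\\{\\{(\\w+)\\}\\}");
    // Hypothetical fallback page, used when no usable callback arrives.
    private static final String DEFAULT_PAGE = "https://localhost:9443/placeholder-default-page";

    // Sender side: fill {{name}} placeholders; a parameter whose property was not
    // supplied is dropped instead of being mailed as literal "{{name}}" or "null".
    static String render(String base, String queryTemplate, Map<String, String> props) {
        StringBuilder out = new StringBuilder(base);
        char sep = '?';
        for (String pair : queryTemplate.split("&")) {
            String[] kv = pair.split("=", 2);
            if (kv.length < 2) continue;                      // not a name=value pair
            Matcher m = PLACEHOLDER.matcher(kv[1]);
            String value = m.matches() ? props.get(m.group(1)) : kv[1];
            if (value == null || value.isEmpty()) continue;   // property not set by the caller
            out.append(sep).append(kv[0]).append('=')
               .append(URLEncoder.encode(value, StandardCharsets.UTF_8));
            sep = '&';
        }
        return out.toString();
    }

    // Receiver side: redirect to the callback only if it is an absolute http(s) URL.
    static String redirectTarget(String callback) {
        if (callback == null || callback.equals("null")
                || PLACEHOLDER.matcher(callback).find()) return DEFAULT_PAGE;
        try {
            URI u = URI.create(callback);
            boolean web = "https".equalsIgnoreCase(u.getScheme()) || "http".equalsIgnoreCase(u.getScheme());
            return (web && u.getHost() != null) ? callback : DEFAULT_PAGE;
        } catch (IllegalArgumentException e) {                // not parseable as a URI
            return DEFAULT_PAGE;
        }
    }

    public static void main(String[] args) {
        String base = "https://localhost:9443/accountrecoveryendpoint/confirmregistration.do";
        String tpl = "confirmation={{code}}&username={{user}}&callback={{callback}}"; // constructed
        Map<String, String> viaApi = Map.of("code", "constructed-code", "user", "constructed-user");
        System.out.println(render(base, tpl, viaApi));        // link carries no callback parameter
        for (String cb : new String[] {"{{callback}}", "null", null,
                "https://localhost:9443/authenticationendpoint/login.do"})
            System.out.println(cb + " -> " + redirectTarget(cb));
    }
}
```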
