Context:
WSO2 v7.0.0
Login flow:
Step 1: Identifier First
Step 2: Username and Password
Using Conditional Authentication Script
Scenario:
a. The user visits the first web application and tries to log in. b. WSO2 shows Step 1 (Identifier First). c. The user follows the steps and successfully logs in. d. The user then opens a new tab and visits a second web application, which is protected by the same WSO2 instance and has the same login flow. e. WSO2 detects an active session and skips Step 1 (Identifier First). WSO2 directly shows Step 2 (Username and Password).
Here, the user is still required to enter the username again, even though there’s an active session.
My questions:
Is it possible to automatically pass the username from context.currentKnownSubject.Identifier (in the Conditional Auth script) into Step 2 as the subject identifier, so that the user doesn’t have to type the username again?
Alternatively, is it possible to pass a string value (e.g., "idf") to Step 2 so that it can be detected in login.jsp and treated as if Step 1 has already been completed? (That page contains the line String inputType = request.getParameter("inputType"); and if the user is coming from Identifier First, the value should be "idf".)
Thanks in advance
The conditional code:
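/**
 * Conditional authentication entry point.
 *
 * Runs step 1, then reads the `username` request parameter and routes on it:
 *   - input matching the phone-number pattern is looked up by the mobile claim
 *     and, if a unique user is found, sent to step 3;
 *   - any other input is looked up by the email-address claim and, if a unique
 *     user is found, sent to step 2;
 *   - when no user is found, a request ID is registered with the external
 *     registration portal and the browser is redirected there via sendError().
 *
 * NOTE(review): three paths end without issuing a further executeStep() or
 * sendError(): no `username` parameter, an exception during the lookup, and a
 * failed httpPost. Confirm how the server concludes a flow in which only
 * step 1 ran; if it does not reject it, end these paths explicitly (for
 * example with sendError) rather than falling through.
 *
 * NOTE(review): found and not-found identifiers lead to visibly different
 * outcomes (next login step vs. redirect to registration), so the flow
 * discloses whether an account exists. Throttling step 1 is the usual
 * compensating control.
 *
 * @param {object} context - authentication context supplied by the server.
 */
var onLoginRequest = function(context) {
    var reqId = null;
    var usernameForRegistration = null;

    executeStep(1, {
        onSuccess: function(context) {
            // Declared with `var`: the original bare assignment created an
            // implicit global, which leaks the subject outside this callback
            // and throws a ReferenceError under strict mode.
            var subject = context.currentKnownSubject;

            // NOTE(review): user identifiers (and the raw input below) are
            // written to the log at INFO level; treat these lines as
            // debug-only or mask the values before production use.
            Log.info("POST-TRACE known subject: " + subject.identifier);
            Log.info("POST-TRACE known subject: " + subject.username);

            var usernameParam = context.request.params.username;
            var usernameInput = (usernameParam && usernameParam.length > 0) ? usernameParam[0] : null;
            Log.info("POST-TRACE Username input: " + usernameInput);

            if (!usernameInput) {
                // No identifier in this request; nothing further is executed.
                Log.info("POST-TRACE username : " + usernameParam);
                return;
            }

            // Optional leading '+', then 10 to 15 digits.
            var isMobile = /^\+?[0-9]{10,15}$/.test(usernameInput);

            try {
                // Or use 'http://wso2.org/claims/username' if stored as claim
                var claimUri = isMobile
                    ? 'http://wso2.org/claims/mobile'
                    : 'http://wso2.org/claims/emailaddress';
                Log.info(isMobile
                    ? "POST-TRACE User input detected as mobile"
                    : "POST-TRACE User input detected as email or username");

                var claims = {};
                claims[claimUri] = usernameInput;
                var user = getUniqueUserWithClaimValues(claims, context);
                var userExists = (user != null);

                if (userExists) {
                    executeStep(isMobile ? 3 : 2);
                    return;
                }

                Log.info("POST-TRACE User not found");

                // NOTE(review): Math.random() is not a cryptographically secure
                // source and this yields at most nine decimal digits. If the
                // registration portal relies on requestID to tie the redirect
                // back to this server-side call, generate it from a CSPRNG
                // (or have the portal issue it in the httpPost response).
                reqId = "REQ-" + Math.floor(Math.random() * 1000000000);
                usernameForRegistration = usernameInput;

                httpPost('https://custom-registration-portal.com/register/request-id', {
                    "requestID": reqId
                }, {
                    // NOTE(review): API key embedded in the script source; anyone
                    // who can view or export this login-flow configuration can
                    // read it. Load it from the server's secret store instead.
                    "X-API-Key": "sdfsf12345"
                }, {
                    onSuccess: function(context, data) {
                        Log.info('httpPost call succeeded');
                        // NOTE(review): the user-supplied identifier and the
                        // request ID are passed as redirect parameters, so they
                        // can end up in browser history and intermediary logs.
                        // The callback below is plain http; prefer https.
                        sendError(
                            'https://custom-registration-portal.com/register',
                            {
                                'callback': 'http://my-sample-web.com/Response/EAE',
                                'value': usernameForRegistration,
                                'requestID': reqId,
                                'clientID': 'someClientID'
                            }
                        );
                    },
                    onFail: function(context, data) {
                        // NOTE(review): failure is only logged; no step or
                        // error redirect follows (see the function header).
                        Log.info('httpPost call failed');
                        // do something
                    }
                });
            } catch (e) {
                // Lookup or dispatch failed; only logged, nothing further runs.
                Log.info("POST-TRACE Exception while checking user: " + e.message);
            }
        }
    });
};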