Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-11391

Requesting 'OAuth2.0/OIDC' auth module a second time results in display of AM's "Authentication Failed" page



    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 13.5.0, 14.0.0, 14.1.0
    • 13.5.2, 14.5.0, 14.1.2
    • oauth2, XUI
    • AM Sustaining Sprint 42
    • 3
    • Yes
    • No
    • No
    • Yes and I used the same an in the description


      Bug description

      Requesting the 'OAuth2.0/OIDC' auth module a second time directly after the first request results in the AM "Unable to Login" page being shown with the "Authentication Failed" pop-up message.

      How to reproduce the issue (Google can be used for this test)

      1. Go to https://console.developers.google.com
      2. Create a project and set the redirect uri to be http://am.fqdn:port/oauth2c/OAuthProxy.jsp
      3. Find the project's client ID and client secret
      4. In AM create an OAuth 2/OIDC authentication module using information from step 3.

      To test:

      1. Request http://am.example.com:port/am/XUI/#login/&module=oauth2 (or simply set the module to be the default for the organisation)

      The redirect to Google will take place as expected.

      2. Request http://am.example.com:port/am/XUI/#login/&module=oauth2 for a second time - the AM 'Unable to Login' page will be displayed and the user will not be sent to Google.

      Expected behaviour

      The user should be sent back to Google as occurs in the first request.

      Current behaviour

      The user is shown the AM "Unable to Login" page with the "Authentication Failed" pop-up message.

      This is an undesirable user experience.

      Work around

      Send the request a third time.


          Issue Links



              adam.heath Adam Heath
              andy.itter Andy Itter
              0 Vote for this issue
              4 Start watching this issue