Specificity of this bug: You haven't configured a mapping but you still do a request with a acr_values.
Setup an oauth2 environment:
- create a oauth2 provider on the top realm
- create a oauth2 agent called `DeviceGrantFlow`
- add the scope "profile"
Then try the device flow:
then you got to the page
and you enter the user_code generated, here "PmmnSBMi"
"invalid_request Invalid Request, duplicate request parameter found : user_code"
because we are redirected to