By: Mohana Jeyatharan user 11 Jan 2022 at 12:29 a.m. CST

3 Responses
Mohana Jeyatharan gravatar
Hi Gluu Support Team, Some details on the issue when we set the authentication profile of person auth script to one_step for super_gluu being authentication mechanism. Expected behaviour ---------------- When authentication_mode is set to one_step, we are expecting some passwordless authentication will take effect. But currently authentication is not happening in this mode. To achieve this, we simply changed the authentication_mode in Gluu admin portal related to super gluu custom script to =>one_step Current behaviour ---------- Tested the authentication_mode = one_step in two scenarios. Scenario A- The device was already registered using authentication_mode=two_step and changed the authentication_mode to one_step. Scenario B- The device registration was removed from Oxtrust UI. Then the authentication_mode was set to one_step and tried a complete enrollment/registration and authentication. The behaviour: Got a message saying push notification sent but did not reach the Super gluu device. Also when QR code option was chosen, using Super Gluu app (IOS 3.2.8) could not do any registration nor authentication. Some script log snippets ---------- 09:22:22,264 INFO [oxAuthScheduler_Worker-5] [org.gluu.service.PythonService$PythonLoggerOutputStream] (PythonService.java:243) - Super-Gluu. Initialization 2022-01-07 09:22:22,265 INFO [oxAuthScheduler_Worker-5] [org.gluu.service.PythonService$PythonLoggerOutputStream] (PythonService.java:243) - Super-Gluu. Initialize Native/SNS/Gluu notification services 2022-01-07 09:22:22,265 INFO [oxAuthScheduler_Worker-5] [org.gluu.service.PythonService$PythonLoggerOutputStream] (PythonService.java:243) - Super-Gluu. Initialize Gluu notification services 2022-01-07 09:22:22,265 INFO [oxAuthScheduler_Worker-5] [org.gluu.service.PythonService$PythonLoggerOutputStream] (PythonService.java:243) - Super-Gluu. Initialize notification services 2022-01-07 09:22:22,998 INFO [oxAuthScheduler_Worker-5] [org.gluu.service.PythonService$PythonLoggerOutputStream] (PythonService.java:243) - Super-Gluu. Initialize Gluu notification services. Assuming that 'gluu_secret_access_key' in not encrypted 2022-01-07 09:22:22,999 INFO [oxAuthScheduler_Worker-5] [org.gluu.service.PythonService$PythonLoggerOutputStream] (PythonService.java:243) - Super-Gluu. Initialize Gluu notification services. Created Android notification service 2022-01-07 09:22:22,999 INFO [oxAuthScheduler_Worker-5] [org.gluu.service.PythonService$PythonLoggerOutputStream] (PythonService.java:243) - Super-Gluu. Initialize Gluu notification services. Assuming that 'gluu_secret_access_key' in not encrypted 2022-01-07 09:22:23,000 INFO [oxAuthScheduler_Worker-5] [org.gluu.service.PythonService$PythonLoggerOutputStream] (PythonService.java:243) - Super-Gluu. Initialize Gluu notification services. Created iOS notification service 2022-01-07 09:22:23,000 INFO [oxAuthScheduler_Worker-5] [org.gluu.service.PythonService$PythonLoggerOutputStream] (PythonService.java:243) - Super-Gluu. Initialized successfully. oneStep: 'True', twoStep: 'False', pushNotifications: 'True', customLabel: 'Super Gluu' 2022-01-07 09:26:28,967 INFO [qtp222511810-19] [org.gluu.service.PythonService$PythonLoggerOutputStream] (PythonService.java:243) - Super-Gluu. Prepare for step 1 2022-01-07 09:26:28,970 INFO [qtp222511810-19] [org.gluu.service.PythonService$PythonLoggerOutputStream] (PythonService.java:243) - Super-Gluu. Prepare for step 2. Adding req_ip and req_loc to super_gluu_request 2022-01-07 09:26:28,970 INFO [qtp222511810-19] [org.gluu.service.PythonService$PythonLoggerOutputStream] (PythonService.java:243) - Super-Gluu. Determine remote location. remote_ip: '121.6.46.184' 2022-01-07 09:26:28,983 INFO [qtp222511810-19] [org.gluu.service.PythonService$PythonLoggerOutputStream] (PythonService.java:243) - Super-Gluu. Prepare for step 1. Prepared super_gluu_request: 2022-01-07 09:26:28,983 INFO [qtp222511810-19] [org.gluu.service.PythonService$PythonLoggerOutputStream] (PythonService.java:243) - {"app":"https://188.166.187.153:8080/gluu/callback","licensed":false,"req_ip":"121.6.46.184","created":"2022-01-07T09:26:28Z","issuer":"https://idp42.psbu.top","req_loc":"Singapore%2C%20%2C%20Queenstown%20Estate","state":"b70c6e23-e738-4322-9a00-c5e753a39912"} 2022-01-07 09:28:59,090 INFO [qtp222511810-20] [org.gluu.service.PythonService$PythonLoggerOutputStream] (PythonService.java:243) - Super-Gluu. Prepare for step 1 2022-01-07 09:28:59,092 INFO [qtp222511810-20] [org.gluu.service.PythonService$PythonLoggerOutputStream] (PythonService.java:243) - Super-Gluu. Prepare for step 2. Adding req_ip and req_loc to super_gluu_request 2022-01-07 09:28:59,092 INFO [qtp222511810-20] [org.gluu.service.PythonService$PythonLoggerOutputStream] (PythonService.java:243) - Super-Gluu. Determine remote location. remote_ip: '121.6.46.184' 2022-01-07 09:28:59,103 INFO [qtp222511810-20] [org.gluu.service.PythonService$PythonLoggerOutputStream] (PythonService.java:243) - Super-Gluu. Prepare for step 1. Prepared super_gluu_request: 2022-01-07 09:28:59,103 INFO [qtp222511810-20] [org.gluu.service.PythonService$PythonLoggerOutputStream] (PythonService.java:243) - {"app":"https://188.166.187.153:8080/gluu/callback","licensed":false,"req_ip":"121.6.46.184","created":"2022-01-07T09:28:59Z","issuer":"https://idp42.psbu.top","req_loc":"Singapore%2C%20%2C%20Queenstown%20Estate","state":"2dea67f4-5815-4490-9ff4-8a66c89691e1"} 2022-01-07 09:36:56,388 INFO [qtp222511810-22] [org.gluu.service.PythonService$PythonLoggerOutputStream] (PythonService.java:243) - Super-Gluu. Prepare for step 1 2022-01-07 09:36:56,395 INFO [qtp222511810-22] [org.gluu.service.PythonService$PythonLoggerOutputStream] (PythonService.java:243) - Super-Gluu. Prepare for step 2. Failed to determine session_id 2022-01-07 09:36:56,642 INFO [qtp222511810-19] [org.gluu.service.PythonService$PythonLoggerOutputStream] (PythonService.java:243) - Super-Gluu. Authenticate for step 1. Get auth_result: 'error'

By Aliaksandr Samuseu staff 11 Jan 2022 at 9:21 a.m. CST

Aliaksandr Samuseu gravatar
Hi, Mohana. I see, thanks. @Mohit.Mali , do we QA such scenario? Can we include in QA list otherwise, if it's a supported flow?

By Michael Schwartz Account Admin 11 Jan 2022 at 12:05 p.m. CST

Michael Schwartz gravatar
This is a known issue that we are working on right now. There will be a patch soon for supported customers, and then it will be fixed in 4.3.2.

By Mohana Jeyatharan user 11 Jan 2022 at 4:09 p.m. CST

Mohana Jeyatharan gravatar
Hi Aliaksandr, Mike, Got it. Thanks. Last tested sucussfully for this one_step is for Gluu 4.2.1? Is that right? Also just few additional questions in order for us to customize these scrupts in the future. [1]To activate one_step, in oxTrust UI a change to authentication_mode to one_step is sufficient or anything else to be done in the super gluu person authentication script? [2]which oxauth application or class is calling these python script's functions and also instantiating the personauthentication class?