adding a yubikey device can result in double submit
Bug #934391 reported by
Ricardo Kirkner
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Canonical SSO provider |
Fix Released
|
Medium
|
Ricardo Kirkner | ||
Bug Description
Symptom: When adding a new YubiKey as an authentication device, the device gets added twice
Expected: The device should get added only once
Details:
When adding a new yubikey (using the generic hotp device option), after entering the OTP it's normal for the user to click on the submit button to add the device. However yubikey will already have submitted the form because it's sending a newline character along with the OTP, which triggers form submission.
One option is to protect the device submission form to prevent double submissions. Another option is to configure the yubikey so not to send the newline character.
| Changed in canonical-identity-provider: | |
| status: | New → Confirmed |
| importance: | Undecided → Medium |
| milestone: | none → 2-factor-internal-production-ready |
| tags: | added: kb-defect sp-1 |
| Changed in canonical-identity-provider: | |
| assignee: | nobody → Ricardo Kirkner (ricardokirkner) |
| status: | Confirmed → In Progress |
| Changed in canonical-identity-provider: | |
| status: | In Progress → Fix Committed |
| Changed in canonical-identity-provider: | |
| status: | Fix Committed → Fix Released |
| Changed in canonical-identity-provider: | |
| status: | Fix Released → Fix Committed |
| Changed in canonical-identity-provider: | |
| status: | Fix Committed → Fix Released |
To post a comment you must log in.
