Great @joshua thanks for your help! We can do without the consent for now.
A
Latest posts made by alessandrojcm
-
RE: Unable to invoke @ValidationMethod on the class [class io.fusionauth.app.action.oauth2.CompleteRegistrationAction]posted in Q&A
-
RE: Unable to invoke @ValidationMethod on the class [class io.fusionauth.app.action.oauth2.CompleteRegistrationAction]posted in Q&A
Hi @joshua, thank you very much for your response; to your questions:
Do you happen to know the state of the user when this happened? Did they show registered to the application?
Similar to above If you query the user, what does that user look like? Do they show a registration prior to relogging in?
Yes, the user shows up in the admin panel as registered on the application and verified; the custom metadata that my webhook added to
user.datais also present.You mean, you have email verification toggled "on" on the Tenant and verify registration turned on in the application?
Perhaps more details on what you have enabled and the end goal would be helpful.Yes, that's correct; I also have the unverified behavior set to gated, but, as I said above, the user is able to verify their account correctly via the email link.
Is this a one-off or are you able to faithfully recreate this error?
Just tried registering another user and ended up having the same error.
Have you modified the freemarker templates / theme pages that are provided with the FusionAuth?
No, all the themes and templates are the default ones; with the exception of the registration form (customized using the advanced forms feature).
Are you following any guides or tutorials (FusionAuth or otherwise) when setting up this OAuth workflow?
The app is using next-auth and the FusionAuth guide to set OAuth2 for web applications.
Any other details about what you are trying to accomplish with this app (IE - just register users and have a verification flow?) might be helpful.
Right now just registering new users and login in.
If you have recreate steps (ie - set this, do this, unset this) I can try and troubleshoot this locally
Hm, I don't think I'm doing anything special; but this is what I have so far.
At the tenant level:
- Set the email verification settings on the tenant to clickable link, and the unverified behavior to gated
- Set a password policy
- Turn on
user.registration.verifiedanduser.email.verifiedwebhooks
At the system level:
- Create a single value consent
- Create a custom registration form:
- Username field (
user.username) - Email (
user.email) - Password (
user.password) - Country (This is a select field with 2 string options stored on
user.data.country) - Terms of use (This is a consent)
- Username field (
At the application level:
- Create an application
- Set generate refresh token
- Set Authorization Code, Password, and Refresh Token grants
- Set require registration to on
- Set the templates for email verification (the default ones in this case)
- Verification strategy same as tenant (this is probably unnecessary but I did it just to see if it made a difference)
- Enable self-service registration
- Set the custom registration form
After that, just try to sign up and sign in using the normal OAuth2 flow.
What my webhook does is just create a record in our database and adds that generated id to the
user.dataobject. It also adds those custom fields (country and a boolean flag) to theregistration.dataobject; but as I said above, this metadata shows on the admin UI just fine.Many thanks
-
Unable to invoke @ValidationMethod on the class [class io.fusionauth.app.action.oauth2.CompleteRegistrationAction]posted in Q&A
Hi there, I'm receiving the following exception when trying to log in using OAuth2 (through the Fusionauth managed login form). For some reason, FusionAuth Prompts the user to complete their registration although the registration was already completed (I did manage to log in once, only after login out and loging in again the problem appeared). I'm using FusionAuth 1.28 from the Docker image. The URL FusionAuth is redirecting me to is:
/oauth2/complete-registration?client_id=63c1bf74-34d9-4480-8662-61a96722f043&redirect_uri=https%3A%2F%2Flocalhost%3A4343%2Fapi%2Fauth%2Fcallback%2Ffusionauth&response_type=code&scope=offline_access&state=eba8480af10f0ad7c70e74df54d6d25aa60acd85a62556332cd8afb7b351c746&tenantId=f20182e0-7d48-668e-4349-52a0955b0f7fThe stack trace from STDOUT is:
fusionauth_1 | 2021-06-08 3:11:22.950 PM ERROR io.fusionauth.app.primeframework.error.ExceptionExceptionHandler - An unhandled exception was thrown fusionauth_1 | org.primeframework.mvc.PrimeException: Unable to invoke @ValidationMethod on the class [class io.fusionauth.app.action.oauth2.CompleteRegistrationAction] fusionauth_1 | at org.primeframework.mvc.validation.DefaultValidationProcessor.validate(DefaultValidationProcessor.java:79) fusionauth_1 | at org.primeframework.mvc.validation.DefaultValidationWorkflow.perform(DefaultValidationWorkflow.java:46) fusionauth_1 | at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51) fusionauth_1 | at org.primeframework.mvc.security.DefaultSecurityWorkflow.perform(DefaultSecurityWorkflow.java:60) fusionauth_1 | at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51) fusionauth_1 | at org.primeframework.mvc.parameter.DefaultPostParameterWorkflow.perform(DefaultPostParameterWorkflow.java:50) fusionauth_1 | at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51) fusionauth_1 | at org.primeframework.mvc.content.DefaultContentWorkflow.perform(DefaultContentWorkflow.java:52) fusionauth_1 | at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51) fusionauth_1 | at org.primeframework.mvc.parameter.DefaultParameterWorkflow.perform(DefaultParameterWorkflow.java:57) fusionauth_1 | at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51) fusionauth_1 | at org.primeframework.mvc.parameter.DefaultURIParameterWorkflow.perform(DefaultURIParameterWorkflow.java:102) fusionauth_1 | at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51) fusionauth_1 | at org.primeframework.mvc.scope.DefaultScopeRetrievalWorkflow.perform(DefaultScopeRetrievalWorkflow.java:58) fusionauth_1 | at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51) fusionauth_1 | at org.primeframework.mvc.message.DefaultMessageWorkflow.perform(DefaultMessageWorkflow.java:44) fusionauth_1 | at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51) fusionauth_1 | at org.primeframework.mvc.action.DefaultActionMappingWorkflow.perform(DefaultActionMappingWorkflow.java:126) fusionauth_1 | at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51) fusionauth_1 | at org.primeframework.mvc.workflow.StaticResourceWorkflow.perform(StaticResourceWorkflow.java:97) fusionauth_1 | at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51) fusionauth_1 | at org.primeframework.mvc.parameter.RequestBodyWorkflow.perform(RequestBodyWorkflow.java:91) fusionauth_1 | at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51) fusionauth_1 | at org.primeframework.mvc.security.DefaultSavedRequestWorkflow.perform(DefaultSavedRequestWorkflow.java:64) fusionauth_1 | at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51) fusionauth_1 | at io.fusionauth.app.primeframework.CORSFilter.doFilter(CORSFilter.java:262) fusionauth_1 | at io.fusionauth.app.primeframework.CORSRequestWorkflow.perform(CORSRequestWorkflow.java:49) fusionauth_1 | at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51) fusionauth_1 | at io.fusionauth.app.primeframework.FusionAuthMVCWorkflow.perform(FusionAuthMVCWorkflow.java:86) fusionauth_1 | at org.primeframework.mvc.workflow.DefaultWorkflowChain.continueWorkflow(DefaultWorkflowChain.java:44) fusionauth_1 | at org.primeframework.mvc.servlet.FilterWorkflowChain.continueWorkflow(FilterWorkflowChain.java:50) fusionauth_1 | at org.primeframework.mvc.servlet.PrimeFilter.doFilter(PrimeFilter.java:78) fusionauth_1 | at com.inversoft.maintenance.servlet.MaintenanceModePrimeFilter.doFilter(MaintenanceModePrimeFilter.java:63) fusionauth_1 | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) fusionauth_1 | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) fusionauth_1 | at com.inversoft.servlet.UTF8Filter.doFilter(UTF8Filter.java:27) fusionauth_1 | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) fusionauth_1 | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) fusionauth_1 | at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199) fusionauth_1 | at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97) fusionauth_1 | at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:544) fusionauth_1 | at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143) fusionauth_1 | at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81) fusionauth_1 | at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78) fusionauth_1 | at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:353) fusionauth_1 | at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:616) fusionauth_1 | at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) fusionauth_1 | at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:831) fusionauth_1 | at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1629) fusionauth_1 | at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) fusionauth_1 | at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1130) fusionauth_1 | at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:630) fusionauth_1 | at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) fusionauth_1 | at java.base/java.lang.Thread.run(Thread.java:832) fusionauth_1 | Caused by: org.primeframework.mvc.parameter.el.InvalidExpressionException: The expression string [c6f83-639f-48bc-a9f3-f00e4d783e57']] is invalid. fusionauth_1 | at org.primeframework.mvc.parameter.el.Expression.parse(Expression.java:246) fusionauth_1 | at org.primeframework.mvc.parameter.el.Expression.<init>(Expression.java:56) fusionauth_1 | at org.primeframework.mvc.parameter.el.DefaultExpressionEvaluator.getValue(DefaultExpressionEvaluator.java:95) fusionauth_1 | at io.fusionauth.app.service.user.DefaultRegistrationFrontendService.getValue(DefaultRegistrationFrontendService.java:386) fusionauth_1 | at io.fusionauth.app.service.user.DefaultRegistrationFrontendService.missingRequired(DefaultRegistrationFrontendService.java:439) fusionauth_1 | at io.fusionauth.app.service.user.DefaultRegistrationFrontendService.lambda$registrationComplete$5(DefaultRegistrationFrontendService.java:225) fusionauth_1 | at java.base/java.util.stream.MatchOps$1MatchSink.accept(MatchOps.java:90) fusionauth_1 | at java.base/java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:177) fusionauth_1 | at java.base/java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:177) fusionauth_1 | at java.base/java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:177) fusionauth_1 | at java.base/java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:177) fusionauth_1 | at java.base/java.util.ArrayList$ArrayListSpliterator.tryAdvance(ArrayList.java:1601) fusionauth_1 | at java.base/java.util.stream.ReferencePipeline.forEachWithCancel(ReferencePipeline.java:127) fusionauth_1 | at java.base/java.util.stream.AbstractPipeline.copyIntoWithCancel(AbstractPipeline.java:502) fusionauth_1 | at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:488) fusionauth_1 | at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474) fusionauth_1 | at java.base/java.util.stream.MatchOps$MatchOp.evaluateSequential(MatchOps.java:230) fusionauth_1 | at java.base/java.util.stream.MatchOps$MatchOp.evaluateSequential(MatchOps.java:196) fusionauth_1 | at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) fusionauth_1 | at java.base/java.util.stream.ReferencePipeline.anyMatch(ReferencePipeline.java:528) fusionauth_1 | at io.fusionauth.app.service.user.DefaultRegistrationFrontendService.registrationComplete(DefaultRegistrationFrontendService.java:225) fusionauth_1 | at io.fusionauth.app.action.oauth2.CompleteRegistrationAction.validateGet(CompleteRegistrationAction.java:121) fusionauth_1 | at jdk.internal.reflect.GeneratedMethodAccessor147.invoke(Unknown Source) fusionauth_1 | at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) fusionauth_1 | at java.base/java.lang.reflect.Method.invoke(Method.java:564) fusionauth_1 | at org.primeframework.mvc.util.ReflectionUtils.invoke(ReflectionUtils.java:414) fusionauth_1 | at org.primeframework.mvc.validation.DefaultValidationProcessor.validate(DefaultValidationProcessor.java:77) fusionauth_1 | ... 53 common frames omittedI also have one webhook set up for registration verified and email verified events; none of these events where fired when this error occurred (they did fired after I verified the email and completed successfully).
I also have registration verification turned on at the tenant and application level.
-
RE: Webhook events for multi part formsposted in Q&A
Hi @joshua , thanks for your response.
Is the code that you are sending related to MFA? Or some other business logic? If MFA related, there may be more options that we can explore.
My use-case is related to our business logic, our app is only available in certain countries; thus we require users to validate they're in one of those countries via a code sent to their phones. I've read the docs about the Form API but I don't quite see how would it solve this issue (and, as you said, would negate the benefits of advanced forms). The other option would be just to validate the phone outside FusionAuth (like we're doing right now), but I would like to migrate all the registration-related steps into FusionAuth.
-
Webhook events for multi part formsposted in Q&A
Hi there! At work, we're in the process of evaluating FusionAuth to replace our current auth system and I'm building a proof of concept to see how feasible this is.
In our apps, we have a multi-step onboarding process; in one of the steps, the users are required to enter a code sent via SMS to the phone number they inputted in the previous step. Reading the docs, I see that the multi-step form can be implemented with the advanced forms feature; but now I'm thinking about how could I signal our API to send the verification code to the user, is there a way to implement a webhook that fires after each step in the form is completed? Or does it only fire after all the steps are completed? I see that there is the 'Registration update' webhook; could that one work?
Thanks in advance!