Backport of UI: allow retries for MFA form errors into release/1.17.x #27607
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Backport
This PR is auto-generated from #27574 to be assessed for backporting due to the inclusion of the label backport/1.17.x.
The below text is copied from the body of the original PR.
🛠️ Description
Fixes a bug where the MFA form wasn't displaying an error message nor countdown when a user tried to enter an incorrect one-time password too many times.
Fixes JIRA ticket # VAULT-28437
📸 Screenshots
Before (notice missing error banner)
After (error banner & countdown shown, button disabled)
🏗️ How to Build and Test the Change
To replicate this you'll need to set up MFA and a userpass user. I recommend having two browser windows open: one for the
root
user and one for a userpass user.test
with all privileges (so the user can eventually enable MFA on their login):userpass
auth methodtest
policyVault
as the issuer (though it doesn't really matter). Enter 2 as the max validation attempts. Under Enforcements select "skip this step".60c04ac9-943b-79f6-f466-e1f1d2c2fe19
inmfa/methods/60c04ac9-943b-79f6-f466-e1f1d2c2fe19
TODO only if you're a HashiCorp employee
getting backported to N-2, use the new style
backport/ent/x.x.x+ent
labelsinstead of the old style
backport/x.x.x
labels.the normal
backport/x.x.x
label (there should be only 1).of a public function, even if that change is in a CE file, double check that
applying the patch for this PR to the ENT repo and running tests doesn't
break any tests. Sometimes ENT only tests rely on public functions in CE
files.
in the PR description, commit message, or branch name.
description. Also, make sure the changelog is in this PR, not in your ENT PR.
Overview of commits