Do not always prompt for password when logging in with PIV/CAC during identity verification request#9111
Merged
mitchellhenke merged 2 commits intomainfrom Oct 13, 2023
Conversation
mitchellhenke
force-pushed
the
mitchellhenke/do-not-prompt-for-password-if-there-is-no-profile
branch
from
d799bb6 to
b69dca5
Compare
mitchellhenke
changed the title
mitchellhenke
changed the title
mitchellhenke
force-pushed
the
mitchellhenke/do-not-prompt-for-password-if-there-is-no-profile
branch
3 times, most recently
from
4dc6911 to
0856cd1
Compare
mitchellhenke
force-pushed
the
mitchellhenke/do-not-prompt-for-password-if-there-is-no-profile
branch
from
0856cd1 to
cca0fe7
Compare
zachmargolis
approved these changes
Oct 11, 2023
Contributor
zachmargolis
left a comment
zachmargolis
left a comment
There was a problem hiding this comment.
the code LGTM but the spec changes don't make sense? I'd expect us to keep them or potentially add additional branches for PII cacher having/not having data?
added 2 commits
October 13, 2023 10:01
… identity verification request changelog: Bug Fixes, Authentication, Do not always prompt for password when logging in with PIV/CAC
mitchellhenke
force-pushed
the
mitchellhenke/do-not-prompt-for-password-if-there-is-no-profile
branch
from
cca0fe7 to
481d1af
Compare
Contributor
Author
Yeah, I can't recall what I was doing when I opened this PR. I've undone the spec removals and added a failing spec that the changes address. |
mitchellhenke
deleted the
mitchellhenke/do-not-prompt-for-password-if-there-is-no-profile
branch
Merged
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
🛠 Summary of changes
Makes a fix similar to #8622, #6121, #6309 where we should only request the password if it is strictly needed. If a user is not logging in during an IAL2 request with an active profile, we should not prompt for a password.