From b8dd4a2ea0b080f08bd00df8b7e670a1116469c5 Mon Sep 17 00:00:00 2001
From: Kumuditha - KD
Date: Tue, 2 Dec 2025 09:09:04 +0530
Subject: [PATCH] Refactor redirect URL handling for account lock and confirmation errors
---
 .../handler/step/impl/DefaultStepHandler.java | 40 +++++++++----------
 1 file changed, 20 insertions(+), 20 deletions(-)
diff --git a/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/step/impl/DefaultStepHandler.java b/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/step/impl/DefaultStepHandler.java
index ca1d59feedef..79bcd315cbd3 100644
--- a/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/step/impl/DefaultStepHandler.java
+++ b/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/handler/step/impl/DefaultStepHandler.java
@@ -1279,28 +1279,28 @@ protected String getRedirectUrl(HttpServletRequest request, HttpServletResponse
 reCaptchaParamString.toString();
 } else if (UserCoreConstants.ErrorCode.USER_IS_LOCKED.equals(errorCode)) {
 String redirectURL;
+ String baseURL;
 if (isRedirectionToRetryPageOnAccountLock(context)) {
- String retryPage = ConfigurationFacade.getInstance().getAuthenticationEndpointRetryURL();
- redirectURL = response.encodeRedirectURL(retryPage
- + ("?" + context.getContextIdIncludedQueryParams()))
- + errorParamString;
+ // Redirect to the retry page.
+ baseURL = ConfigurationFacade.getInstance().getAuthenticationEndpointRetryURL();
 } else {
- redirectURL = response.encodeRedirectURL(loginPage
- + ("?" + context.getContextIdIncludedQueryParams()))
- + String.format(
- "&errorCode=%s&authenticators=%s",
- errorCode, URLEncoder.encode(authenticatorNames, "UTF-8"))
- + retryParam + reCaptchaParamString;
- if (remainingAttempts == 0) {
- redirectURL = String.format("%s&remainingAttempts=0", redirectURL);
- }
- if (!StringUtils.isBlank(reason)) {
- redirectURL = String.format("%s&lockedReason=%s", redirectURL, reason);
- }
- if (username != null) {
- redirectURL = String.format("%s&failedUsername=%s", redirectURL, URLEncoder.encode(username,
- "UTF-8"));
- }
+ baseURL = loginPage;
+ }
+ redirectURL = response.encodeRedirectURL(baseURL
+ + ("?" + context.getContextIdIncludedQueryParams()))
+ + String.format(
+ "&errorCode=%s&authenticators=%s",
+ errorCode, URLEncoder.encode(authenticatorNames, "UTF-8"))
+ + retryParam + reCaptchaParamString;
+ if (remainingAttempts == 0) {
+ redirectURL = String.format("%s&remainingAttempts=0", redirectURL);
+ }
+ if (!StringUtils.isBlank(reason)) {
+ redirectURL = String.format("%s&lockedReason=%s", redirectURL, reason);
+ }
+ if (username != null) {
+ redirectURL = String.format("%s&failedUsername=%s", redirectURL, URLEncoder.encode(username,
+ "UTF-8"));
 }
 return redirectURL;
 } else if (IdentityCoreConstants.USER_ACCOUNT_NOT_CONFIRMED_ERROR_CODE.equals(errorCode)) {
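Review bot: The retry-page branch changes behaviour under a commit titled as a refactor: it used to append only `errorParamString`, and the shared tail now drops that and instead adds `errorCode`, `authenticators`, `retryParam`, `reCaptchaParamString` and, conditionally, `remainingAttempts=0`, `lockedReason` and `failedUsername` to the retry URL. This puts the username and lock state into a URL that ends up in browser history, proxy logs and Referer headers, and the retry page may rely on whatever `errorParamString` carried (it is built outside this hunk, so this is unconfirmed). If the change is intended, say so in the commit message; otherwise keep the retry branch on its own tail, e.g. `redirectURL = response.encodeRedirectURL(baseURL + "?" + context.getContextIdIncludedQueryParams()) + errorParamString;` followed by a return. Separately, `reason` is the only value interpolated without encoding; unless it is already encoded where it is set (not visible here), the `lockedReason` line should use `URLEncoder.encode(reason, "UTF-8")` as is done for `username`. `getRedirectUrl` starts and ends outside the hunk.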