We are federating our users from an Oracle db. I have extended the AbstractUserAdapterFederatedStorage class. The requirement is to add MFA to users who meet a certain requirement. Within the UserAdapter we call AddRequiredAction(RequiredAction.CONFIGURE_TOTP) if it is not already in the user’s required actions.
Set<String> actions = getRequiredActions();
if (!actions.contains(RequiredAction.CONFIGURE_TOTP)){
addRequiredAction(RequiredAction.CONFIGURE_TOTP);
}
When testing, the problem we are seeing is that the Configure OTP goes into a loop. The user logs in successfully with a username and password. Then the configure mobile authenticator screen displays in an endless loop.
The TOTP credentials are being created but the screen keeps displaying.
I know I a missing something but can not figure out what.