Redirect locked Group SSO users to SSO page instead of 500 error
What
Redirects locked users to the SSO page instead of generic sign in when accessed via Group SAML.
This avoids a 500 error caused by attempting to access a missing `captcha_enabled?` method that is not present in the `OmniauthCallbacksController`, and instead displays an account locked flash message.
Why
Users were getting a 500 error after incorrectly entering a 2FA code many times.
One part of solving #34998 (closed)
Next steps
- The SSO page still redirects to generic sign in via `route_not_found` because the user is locked
- Need to fix root cause of 2FA lockouts
Acceptance criteria
Availability and Testing
- Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
Edited by James Edwards-Jones