-
Bug
-
Resolution: Done
-
Undefined
-
None
-
False
-
-
False
-
-
Before reporting an issue
[X] I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.
Area
admin/ui
Describe the bug
Since keycloak 24 the Look around window configuration option in the OTP policies (Authentication ⟶ Policies ⟶ OTP policy) cannot be configured to 0. That property is the extra time periods (TOTP) or counts (HOTP) the server will take into account just in case the generator and server are out of sync. So the value 0 makes sense (no extra time windows for TOTP and no extra counts for HOTP).
The configuration for OTP is from 0 to any max number with default 1 (here). So 0 should be allowed.
Version
25.0.2
Regression
[ ] The issue is a regression
Expected behavior
Value 0 should be allowed.
Actual behavior
When you set 0 it converts to default 1.
How to Reproduce?
Just go to Authentication ⟶ Policies ⟶ OTP policy in your realm. The value for the look around window is 1 by default. Click the minus buttom, it's still 1 and not 0.
Anything else?
No response
- links to