I have been using Google Identity Toolkit (for web) on my site for more than 2 years. Recently I found that the password reset flow is broken. When I try to "Forgot Password", check the recaptcha checkbox and click Continue, I get an error "Request failed. Please try again."
In the console I see this:
[ 28.949s] [identitytoolkit] Error: Invalid JSON string: Password reset email sent successfully.
Gj @ gitkit.js:254
Ej.addLogRecord @ gitkit.js:254
Zi.log @ gitkit.js:237
R @ gitkit.js:254
(anonymous) @ gitkit.js:255
Yc @ gitkit.js:44
g.dispatchEvent @ gitkit.js:42
tj @ gitkit.js:247
lj.onReadyStateChangeEntryPoint_ @ gitkit.js:245
lj.onReadyStateChange_ @ gitkit.js:245
XMLHttpRequest.send (async)
lj.send @ gitkit.js:242
Mj @ gitkit.js:255
Lj.requestRpEndpoint @ gitkit.js:256
g.requestRpEndpoint @ gitkit.js:259
(anonymous) @ gitkit.js:4
N @ gitkit.js:190
Fh @ gitkit.js:190
Sm @ gitkit.js:334
(anonymous) @ gitkit.js:335
(anonymous) @ gitkit.js:80
(anonymous) @ gitkit.js:77
Yc @ gitkit.js:44
g.dispatchEvent @ gitkit.js:42
fd @ gitkit.js:47
ed.handleClick_ @ gitkit.js:47
Uc @ gitkit.js:39
Rc @ gitkit.js:41
Pc.b @ gitkit.js:37
Even though the error says "email sent successfully", it's not sent. I do not know how long it has been broken for. I only found it yesterday.
I'm using this script: https://www.gstatic.com/authtoolkit/js/gitkit.js on my web site.
I hope someone from the Google Identity Toolkit team can help with this.
UPDATE 1:
Server side code:
OobResponse oobResponse = gitkitClient.getOobResponse(request);
OobAction oobAction = oobResponse.getOobAction();
// For DEBUG
logger.info("oobAction : " + oobAction);
String action = request.getParameter("action");
logger.info("action : " + action); // returns null
logger.info("response: " + request.getParameter("response")); // returns a long string
logger.info("responseBody : " + oobResponse.getResponseBody()); // returns {"error": "CAPTCHA_CHECK_FAILED" }
logger.info("email : " + oobResponse.getEmail()); // returns null
// If reset password
if (OobAction.RESET_PASSWORD.equals(oobAction)) {
    Optional<String> forgotPasswordLinkOpt = oobResponse.getOobUrl();
    String passwordResetLink = forgotPasswordLinkOpt.get();
    sendMailService.sendPasswordResetEmail(oobResponse.getEmail(), passwordResetLink);
    return(oobResponse.getResponseBody());
}
The oobAction is coming out to be null and therefore the link is not being sent. But action has a value of resetPassword. 'responseBody' is returning {"error": "CAPTCHA_CHECK_FAILED" }. Do I need to do some configuration for the recaptcha string at my end?
I'm using v1.2.7 of gitkitclient from the Maven repo:
https://mvnrepository.com/artifact/com.google.identitytoolkit/gitkitclient
The issue was fixed by the Google team on the backend without any change from my end. See comments on the original issue for details.