Description

When a password reset email is received by a user and the user clicks on the link, it shows an error: "General error. Contact the service desk for assistance".

Cause

When the URL is submitted, the request first goes to the passwordreset processor: /nav_to.do?uri=sys_processor.do?sys_id=cffa39634fd1a2001f6eac118110c7b6

which redirects to the $pwd_new UI page: /nav_to.do?uri=sys_ui_page.do?sys_id=5d0f19b2d7032100b9bc43d60e610350

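This UI page uses the following logic to decide whether the request is secure (see the lines marked with <======). If the name returned for the user is empty, the token is never validated and isSecure stays false: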

<g:evaluate var="jvar_is_secure" jelly="true">
    var isSecure = new SNC.PwdSecurityManager().validateSecureTokenFromHttpRequest();
    <!-- request may come from link -->
    if (!isSecure &amp;&amp; jelly.jvar_gr_process.email_password_reset_url) {
        var userId = jelly.sysparm_sys_user_id;
        var token = jelly.sysparm_token;
        if (!GlideStringUtil.nil(userId) &amp;&amp; !GlideStringUtil.nil(token)) {
            var userName = GlideUser.getUserByID(userId).getName(); // <======
            if (!GlideStringUtil.nil(userName) &amp;&amp; userName != "guest") { // <======
                var isTokenValid = SNC.PasswordResetUtil.validateUniqueUserToken(userId, token, false);
                if (isTokenValid == false)
                    SNC.PasswordResetUtil.invalidateTokenForUser(userId, token);
                else
                    isSecure = true;
            }
        }
    }

Resolution

Populate the "user_id" field of the user

Article Information

Last Updated: 2020-08-24 01:53:54
Published: 2020-08-24