Error occured with custom authenticator in B2B login flows

[Thisara-Welmilla]

Description

Feature issue:

• Support for external custom authention extension #20809

For B2B scenarios, the context.subject() becomes null when comes to second step, even through there is a authenticated user from the previous step. Due to this, following errors occurred.

1. In a sub organization, create a local authenticator and use it as a second step. Got following error,

TID: [25237] Tenant: [00bdf7be-f70c-46ad-9085-66c0ae23070a] [2025-02-27 06:00:30,820] [20250227T060030Z-167c755789djnhhnhC1SG1sch000000003cg000000003nzm] : iam-cloud-carbon : ERROR {org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator} - Exception in Authentication Framework java.lang.NullPointerException: null| at org.wso2.carbon.identity.application.authentication.framework.AbstractApplicationAuthenticator.process(AbstractApplicationAuthenticator.java:117) ~[org.wso2.carbon.identity.application.authentication.framework_7.8.23.jar:?]| at org.wso2.carbon.identity.application.authenticator.adapter.internal.AbstractAuthenticatorAdapter.process(AbstractAuthenticatorAdapter.java:108) ~[?:?]| at org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.doAuthentication(DefaultStepHandler.java:747) ~[org.wso2.carbon.identity.application.authentication.framework_7.8.23.jar:?]| at org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.handleResponse(DefaultStepHandler.java:702) ~[org.wso2.carbon.identity.application.authentication.framework_7.8.23.jar:?]| at org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.handle(DefaultStepHandler.java:252) ~[org.wso2.carbon.identity.application.authentication.framework_7.8.23.jar:?]| at org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler.handle(DefaultStepBasedSequenceHandler.java:215) 

2. In sub org login flow, when 2FA authenticator is engaged in the currently authenticated user details are not in request to the external authentication service.

{\n' +    "  actionType: 'AUTHENTICATION',\n" +    "  flowId: '587d6c07-29ec-4010-b196-3a06c329bf10',\n" +    '  event: {\n' +    "    tenant: { id: '25237', name: '00bdf7be-f70c-46ad-9085-66c0ae23070a' },\n" +    '    application: {\n' +    "      id: 'f632cc97-7d61-401e-a8f2-0e0149a9e20d',\n" +    "      name: 'oidcdebugger'\n" +    '    },\n' +    '    currentStepIndex: 2,\n' +    "    authenticatedSteps: [ { index: 1, name: 'BasicAuthenticator' } ]\n" +    '  },\n' +    "  allowedOperations: [ { op: 'redirect' } ]\n" +    '}'

Steps to Reproduce

Scenario 1:

1. Create a internal custom authenticator and engage it in 2nd step of the B2B login flow.
2. Try login, will get redirect to error page.

Scenario 2:

1. Create a 2FA custom authenticator and engage it in 2nd step of the B2B login flow.
2. The currently authenticated user details are not in request to the external authentication service.

Version

7.1.0

Environment Details (with versions)

No response