User Redirected to Incomplete Sign In Page When Clicking 'Go Back' in Email Link Expired Password Reset Flow

[HasiniSama]

Describe the issue:
When a user clicks the 'Go Back' button in the Email Link Expired Password Reset flow in the My Account portal, they are redirected to an incomplete sign-in page. This also happens when the access URL is not specified for an Application (which is not specified by default).

Screen.Recording.2024-09-18.at.15.51.19.mov

How to reproduce:

1. Set up WSO2 Identity Server with email-sending capability.
2. Navigate to Login & Registration in the console.
3. Under Account Recovery, go to Password Recovery and check the 'Email link based recovery' option.
4. Optionally, change the Recovery link expiry time to 1 minute.
5. Create a user account with a valid email address.
6. Go to /myaccount.
7. Click the 'Forgot password' option and enter the user’s username.
8. The user will receive a 'Password reset' email.
9. Wait for the password reset link to expire, or send it again and let the old link expire.
10. Click the 'Reset Password' button after the link has expired.
11. An error page will be shown.
12. Click the 'Go Back' button.

This issue can also be observed for applications if the access URL is not specified under the General Tab (which is not specified by default).

Expected behavior:

The user should be redirected to a completed sign-in page, or the 'Go Back' button should not be visible if no valid access URL is provided to prevent an incomplete page from being displayed.

Environment information

• Product Version: [e.g., IS 7.1.0]
• OS: [Mac]
• Database: [H2]
• Userstore: [JDBC]

---

Optional Fields

Related issues:

• Redirection issue in 'Go Back' button in Expired Password Reset emails. #21060