new configuration version

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/etc/nevis/k8s-nai-6ec6739e824c8e56d9633622.yaml

@@ -45,7 +45,7 @@ spec:
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-8414d493096d02dbcb9c62db0f8cd634462c4e71"
+    tag: "r-2f391d6b9730f8a850971efbdb5e9ba1c9d2635a"
     dir: "DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai"
     credentials: "git-credentials"
   keystores:

DEFAULT-ADN-POST-IAM-TKNXCHNG-PROJECT/DEFAULT-ADN-POST-IAM-TKNXCHNG-INV/nai/var/opt/nevisauth/default/conf/esauth4.xml

@@ -194,7 +194,9 @@
         </AuthState>
         <AuthState name="cossa_realm_IdTokenVerification" class="ch.adnovum.cossa.IdTokenVerification" final="false" resumeState="false">
             <!-- source: pattern://a976546c6a56dc04c0d34592 -->
-            <ResultCond name="failed" next="cossa_realm_Authentication_Failed"/>
+            <ResultCond name="failed" next="cossa_realm_auth_failed"/>
+            <!-- source: pattern://a976546c6a56dc04c0d34592 -->
+            <ResultCond name="invalid_grant" next="cossa_realm_auth_failed"/>
             <!-- source: pattern://a976546c6a56dc04c0d34592 -->
             <ResultCond name="ok" next="cossa_realm_CallRestApi"/>
             <!-- source: pattern://a976546c6a56dc04c0d34592 -->
@@ -305,18 +307,6 @@
             <!-- source: pattern://e02a36447ce2d3c66d8d81c0 -->
             <property name="scope.phone.clientCredentialsFlowPolicy" value="true"/>
         </AuthState>
-        <AuthState name="cossa_realm_Authentication_Failed" class="ch.nevis.esauth.auth.states.standard.AuthError" final="false">
-            <!-- source: pattern://5daa6d4f525b11a4e9b0ea79, pattern://a976546c6a56dc04c0d34592 -->
-            <Response value="AUTH_ERROR">
-                <!-- source: pattern://5daa6d4f525b11a4e9b0ea79, pattern://a976546c6a56dc04c0d34592 -->
-                <Gui name="Error">
-                    <!-- source: pattern://5daa6d4f525b11a4e9b0ea79, pattern://a976546c6a56dc04c0d34592 -->
-                    <GuiElem name="info" type="error" label="error_99"/>
-                    <!-- source: pattern://5daa6d4f525b11a4e9b0ea79, pattern://a976546c6a56dc04c0d34592 -->
-                    <GuiElem name="submit" type="button" label="continue.button.label"/>
-                </Gui>
-            </Response>
-        </AuthState>
         <AuthState name="cossa_realm_CallRestApi" class="ch.adnovum.cossa.CallPolicyVerificationAPI" final="false" resumeState="false">
             <!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
             <ResultCond name="failed" next="cossa_realm_Authentication_Failed"/>
@@ -380,6 +370,18 @@
             <!-- source: pattern://a1e5d0192e082e689465a0c9 -->
             <property name="keyobjectref" value="tokensigner"/>
         </AuthState>
+        <AuthState name="cossa_realm_Authentication_Failed" class="ch.nevis.esauth.auth.states.standard.AuthError" final="false">
+            <!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
+            <Response value="AUTH_ERROR">
+                <!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
+                <Gui name="Error">
+                    <!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
+                    <GuiElem name="info" type="error" label="error_99"/>
+                    <!-- source: pattern://5daa6d4f525b11a4e9b0ea79 -->
+                    <GuiElem name="submit" type="button" label="continue.button.label"/>
+                </Gui>
+            </Response>
+        </AuthState>
         <AuthState name="cossa_realm_Prepare_Done" class="ch.nevis.esauth.auth.states.scripting.ScriptState" final="false">
             <!-- source: pattern://b67f81a971e4c08aa79040a2 -->
             <ResultCond name="default" next="cossa_realm_Auth_Done"/>