Project

General

Profile

Actions
Copy link

Defect #11778

closed

openid : Fields not taken when logged in using Google account. Redmine 2.0.3

Added by Anup Nair about 12 years ago. Updated almost 3 years ago.

Status:
Closed
Priority:
High
Assignee:
-
Category:
OpenID
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:
Wont fix
Affected version:
2.0.3

Description

Environment:
Redmine version 2.0.3.stable
Ruby version 1.8.7 (x86_64-linux)
Rails version 3.2.6
Environment production
Database adapter MySQL
Redmine plugins:
no plugin installed

I deployed the above redmine instance running over apache with passenger.

I enabled OpenID authentication in the settings.
Upon using Google App Account for login it redirects to Google for login and authorization. Works fine until here.

Thereafter, it shows a redmine registration page with following errors:

Login can't be blank
First name can't be blank
Last name can't be blank
Email can't be blank

I have to manually enter each field. Ideally this should have come automatically.

I have tried OpenID-fix but it doesn't work with redmine 2.0.3.

Entries in the application log is given below.

Started GET "/login?_method=post&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=id_res&openid.op_endpoint=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fud&openid.response_nonce=2012-09-05T11%3A21%3A42ZmjzBaAvps53Q1A&openid.return_to=http%3A%2F%2Ftracker.xxx.xxx.com%2Flogin%3F_method%3Dpost&openid.assoc_handle=AMlYxxxxxxxxxxxxxxxxxXchR3cDErPo30gskxxxxxxrkuzwA76&openid.signed=op_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to%2Cresponse_nonce%2Cassoc_handle&openid.sig=Xdvxxxxxxxxxx7gFQRXf0%3D&openid.identity=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%xxxxxxxxxxdcniXPa9HagoovdIpQ&openid.claimed_id=https%3A%2F%2Fwww.google.com%2Faccountsxxxxxxx44ghdtWhTqsdcnxxxxxgoovdIpQ" for 192.168.2.xxx at Wed Sep 05 17:02:43 +0530 2012
Error attempting to use stored discovery information: OpenID::TypeURIMismatch
Attempting discovery to verify endpoint
Performing discovery on https://www.google.com/accounts/o8/id?id=AItOaxxxhTqsdcniXxxxxxxgoovdIpQ
WARNING: making https request to https://www.google.com/accounts/o8/id?id=AItOxxwlLAgxxxxxxxxxxxxovdIpQ without verifying server certificate; no CA path was specified.
Processing by AccountController#login as HTML
WARNING: Can't verify CSRF token authenticity
  Rendered account/register.html.erb within layouts/base (15.1ms)
Completed 200 OK in 63ms (Views: 22.7ms | ActiveRecord: 5.7ms)

I have tried looking around for a fix for 2.0.3 but failed to find any trackers covering this issue.

If this has been reported & fixed before, then kindly provide me the link to the same.

Files

Download all files
redmine-openid_ax_requests_fix_google_yahoo_registration-DrewDahl-11778.patch (4.48 KB) redmine-openid_ax_requests_fix_google_yahoo_registration-DrewDahl-11778.patch Andrew Dahl, 2012-12-16 14:01
redmine-openid_ax_requests_fix_google_yahoo_registration-2.3.1.patch (3.5 KB) redmine-openid_ax_requests_fix_google_yahoo_registration-2.3.1.patch OpenID patch for 2.3.1 Siebe Joris Jochems, 2013-06-19 10:12

Related issues

Related to Redmine - Defect #8399: openid logins not working with 2.0 redirectsClosed2011-05-18

Actions
Related to Redmine - Defect #3780: Attribute exchange with OpenID providersClosed2009-08-25

Actions
Actions
Copy link
 #1

Updated by Toshi MARUYAMA about 12 years ago

  • Assignee deleted (Jonas De Meulenaere)
Actions
Copy link
 #2

Updated by Lars Pedersen about 12 years ago

I see the same problem. Are we doing anything wrong here ?

Actions
Copy link
 #3

Updated by Andrew Dahl almost 12 years ago

The problem is that Google, Yahoo, and, from what I understand, most big name OpenID providers are no longer supporting SReg (Simple Registration) requests and have switched to AX (Attribute Exchange). Redmine is currently setup to use SReg.

I've attached a patch that works on Google and Yahoo. I haven't tested it on other providers, but I'm fairly confident it will work as well, if not better, than the current implementation.

The patch is to be applied against 2.1.4.stable

I tested it using Ruby 1.9.3 and Rails 3.2.8

Actions
Copy link
 #4

Updated by Anonymous over 11 years ago

I think the openid-fix plugin also caters for this: http://projects.andriylesyuk.com/projects/openid-fix

But of course this should be fixed / implemented in Redmine itself.

Finally, see also issue #8399.

Actions
Copy link
 #5

Updated by Antoine Beaupré over 11 years ago

This may be a dupe of #3780 - although it doesn't have a patch like here.

Actions
Copy link
 #6

Updated by Siebe Joris Jochems over 11 years ago

I've tried to apply the patch to Redmine 2.3.1 and found out it didn't work 'out of the box'. So here is an updated patch. :-)

It's been 10 months already...

Actions
Copy link
 #7

Updated by Go MAEDA almost 3 years ago

  • Status changed from New to Closed
  • Resolution set to Wont fix

The OpenID support has been dropped by #35755 for the upcoming Redmine 5.0.0.

Actions
Copy link

Also available in: Atom PDF