Project

General

Profile

Actions

Defect #2757

closed

Unable to register using OpenID

Added by Jean-Philippe Lang almost 16 years ago. Updated almost 16 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Accounts / authentication
Target version:
Start date:
2009-02-15
Due date:
% Done:

100%

Estimated time:
Resolution:
Fixed
Affected version:

Description

Using r2476, assuming I have no redmine account:

  • on the login form, I enter my openid url
  • I'm redirected to my openid provider, I accept to access the site
  • I'm redirected to the redmine registration form (only the openid url is filled)
  • I fill the form (btw, why do I have to enter a password?)
  • I hit Submit
  • the registration is displayed with the login field empty and the error message "login can't be blank"
  • same error if I re-fill the login and re-submit

Full log is attached (openid url filtered).


Files

development.log (12.8 KB) development.log Jean-Philippe Lang, 2009-02-15 20:52
development.log (11.9 KB) development.log Eric's development.log showing a successful on the fly creation Eric Davis, 2009-02-18 05:49
Actions #1

Updated by Eric Davis almost 16 years ago

  • File development.log added
  • Affected version (unused) set to devel

Jean-Philippe Lang wrote:

Using r2476, assuming I have no redmine account:

  • on the login form, I enter my openid url
  • I'm redirected to my openid provider, I accept to access the site
  • I'm redirected to the redmine registration form (only the openid url is filled)

Looks like your OpenID provider doesn't send back the sreg information, which is required to setup the account. This is because Redmine requires a login (sreg 'nickname'), mail (sreg 'email'), firstname, and lastname (sreg 'fullname') in order to create a user. You can see my OpenID provider sends back the sreg so I was able to create a user account on the fly (second to the last request)

  • I fill the form (btw, why do I have to enter a password?)

Because Redmine requires a password :) If the user was able to be created on the fly, they get a random password (User#random_password) but since saving your user account failed the password wasn't set.

  • I hit Submit
  • the registration is displayed with the login field empty and the error message "login can't be blank"
  • same error if I re-fill the login and re-submit

This sounds like a problem with the register form itself. Let me do some more testing and see

Actions #2

Updated by Eric Davis almost 16 years ago

Last log used the wrong database, where I had an existing user account. This log shows the process for a new user that needs an Administrator to approve the account activation.

Actions #3

Updated by Eric Davis almost 16 years ago

  • File deleted (development.log)
Actions #4

Updated by Eric Davis almost 16 years ago

  • Status changed from New to Closed
  • Target version set to 0.9.0
  • % Done changed from 0 to 100
  • Resolution set to Fixed

I figured out why it wasn't taking your login. AccountController#open_id_authenticate was adding an auth_source_registration to the session which caused AccountController#register to use the wrong codepath. It's fixed in r2483.

Actions

Also available in: Atom PDF