Defect #2757
closedUnable to register using OpenID
100%
Description
Using r2476, assuming I have no redmine account:
- on the login form, I enter my openid url
- I'm redirected to my openid provider, I accept to access the site
- I'm redirected to the redmine registration form (only the openid url is filled)
- I fill the form (btw, why do I have to enter a password?)
- I hit Submit
- the registration is displayed with the login field empty and the error message "login can't be blank"
- same error if I re-fill the login and re-submit
Full log is attached (openid url filtered).
Files
Updated by Eric Davis almost 16 years ago
- File development.log added
- Affected version (unused) set to devel
Jean-Philippe Lang wrote:
Using r2476, assuming I have no redmine account:
- on the login form, I enter my openid url
- I'm redirected to my openid provider, I accept to access the site
- I'm redirected to the redmine registration form (only the openid url is filled)
Looks like your OpenID provider doesn't send back the sreg information, which is required to setup the account. This is because Redmine requires a login (sreg 'nickname'), mail (sreg 'email'), firstname, and lastname (sreg 'fullname') in order to create a user. You can see my OpenID provider sends back the sreg so I was able to create a user account on the fly (second to the last request)
- I fill the form (btw, why do I have to enter a password?)
Because Redmine requires a password :) If the user was able to be created on the fly, they get a random password (User#random_password
) but since saving your user account failed the password wasn't set.
- I hit Submit
- the registration is displayed with the login field empty and the error message "login can't be blank"
- same error if I re-fill the login and re-submit
This sounds like a problem with the register form itself. Let me do some more testing and see
Updated by Eric Davis almost 16 years ago
- File development.log development.log added
Last log used the wrong database, where I had an existing user account. This log shows the process for a new user that needs an Administrator to approve the account activation.
Updated by Eric Davis almost 16 years ago
- Status changed from New to Closed
- Target version set to 0.9.0
- % Done changed from 0 to 100
- Resolution set to Fixed
I figured out why it wasn't taking your login. AccountController#open_id_authenticate
was adding an auth_source_registration to the session which caused AccountController#register
to use the wrong codepath. It's fixed in r2483.