https://www.redmine.org/https://www.redmine.org/favicon.ico?16793021292011-05-18T20:09:43ZRedmineRedmine - Defect #8399: openid logins not working with 2.0 redirectshttps://www.redmine.org/issues/8399?journal_id=290102011-05-18T20:09:43ZAntoine Beaupré
<ul></ul><p>Oh, and note that redmine doesn't give any useful error message. We just get redirected to a blank login page with the URL:</p>
<p><a class="external" href="http://redmine.koumbit.net/login?_method=post&open_id_complete=1">http://redmine.koumbit.net/login?_method=post&open_id_complete=1</a></p>
<p>Quite odd.</p> Redmine - Defect #8399: openid logins not working with 2.0 redirectshttps://www.redmine.org/issues/8399?journal_id=290422011-05-19T14:55:21ZEtienne Massip
<ul></ul><p>Could you try to change <a class="source" href="https://www.redmine.org/projects/redmine/repository/svn/entry/trunk/vendor/plugins/open_id_authentication/lib/open_id_authentication.rb#L146">source:trunk/vendor/plugins/open_id_authentication/lib/open_id_authentication.rb#L146</a> from :</p>
<pre><code class="ruby syntaxhl"><span class="n">redirect_to</span><span class="p">(</span><span class="n">open_id_redirect_url</span><span class="p">(</span><span class="n">open_id_request</span><span class="p">,</span> <span class="n">return_to</span><span class="p">,</span> <span class="nb">method</span><span class="p">))</span></code></pre>
<p>to :</p>
<pre><code class="ruby syntaxhl"><span class="n">redirect_to</span><span class="p">(</span><span class="n">open_id_redirect_url</span><span class="p">(</span><span class="n">open_id_request</span><span class="p">,</span> <span class="n">return_to</span><span class="p">,</span> <span class="nb">method</span><span class="p">),</span> <span class="ss">:status</span> <span class="o">=></span> <span class="mi">307</span><span class="p">)</span></code></pre>
<p>?</p>
<p>(requires to restart Redmine)</p> Redmine - Defect #8399: openid logins not working with 2.0 redirectshttps://www.redmine.org/issues/8399?journal_id=310902011-07-26T19:47:18ZAntoine Beaupré
<ul></ul><p>Etienne Massip wrote:</p>
<blockquote>
<p>Could you try to change <a class="source" href="https://www.redmine.org/projects/redmine/repository/svn/entry/trunk/vendor/plugins/open_id_authentication/lib/open_id_authentication.rb#L146">source:trunk/vendor/plugins/open_id_authentication/lib/open_id_authentication.rb#L146</a> from :</p>
</blockquote>
<p>A bit better, but still fails, now I get:</p>
<pre>
Invalid form authenticity token.
</pre>
<p>Note that the URL is the same.</p> Redmine - Defect #8399: openid logins not working with 2.0 redirectshttps://www.redmine.org/issues/8399?journal_id=316642011-08-23T04:40:06ZJeffrey Jones
<ul></ul><p>Looks like the controller that open_id_redirect_url points to just needs to skip the checking of the authenticity token for that action since there is no point in this case.</p> Redmine - Defect #8399: openid logins not working with 2.0 redirectshttps://www.redmine.org/issues/8399?journal_id=321832011-09-13T08:45:48ZEtienne Massip
<ul><li><strong>Category</strong> changed from <i>Accounts / authentication</i> to <i>OpenID</i></li></ul> Redmine - Defect #8399: openid logins not working with 2.0 redirectshttps://www.redmine.org/issues/8399?journal_id=355872012-01-28T05:24:06ZAntoine Beaupré
<ul></ul><p><a class="user active" href="https://www.redmine.org/users/82765">Jeffrey Lee</a> Jones: not sure how that could be done. Any ideas?</p>
<p>This is still broken. From what I can tell, Redmine needs a HTTP redirect, which is a 1.0 protocol, while it's actually implementing the 2.0 protocol.</p>
<p>So right now, I am making the decision of breaking the OpenID logins on redmine from Drupal, in favor of Stackoverflow and other standard implementations.</p>
<p>I would really appreciate feedback on how this could be fixed in Redmine, or in Drupal's openid_provider, if you guys think it's broken. As things stand, I believe the problem really is redmine.</p> Redmine - Defect #8399: openid logins not working with 2.0 redirectshttps://www.redmine.org/issues/8399?journal_id=355942012-01-28T19:16:06ZAntoine Beaupré
<ul></ul><p>I figured out how to disable the token check. You need to add</p>
<pre>
skip_before_filter :verify_authenticity_token
</pre>
<p>in the AccountController. Unforatunately, this disables CSRF attack protection on an important form. Furthermore, it still doesn't work: with this we just go back to the form, unmodified.</p> Redmine - Defect #8399: openid logins not working with 2.0 redirectshttps://www.redmine.org/issues/8399?journal_id=355952012-01-28T19:34:07ZAntoine Beaupré
<ul></ul><p>I notice also that the openid wrapper used by redmine hasn't been updated in years while there has been upstream releases:</p>
<p><a class="external" href="https://github.com/Velir/open_id_authentication">https://github.com/Velir/open_id_authentication</a></p>
<p>... that should probably the first step in fixing that problem.</p> Redmine - Defect #8399: openid logins not working with 2.0 redirectshttps://www.redmine.org/issues/8399?journal_id=355962012-01-28T20:59:31ZAntoine Beaupré
<ul><li><strong>File</strong> <a href="/attachments/7107">8399_redmine_fix_openid.patch</a> <a class="icon-only icon-download" title="Download" href="/attachments/download/7107/8399_redmine_fix_openid.patch">8399_redmine_fix_openid.patch</a> added</li><li><strong>% Done</strong> changed from <i>0</i> to <i>100</i></li></ul><p>Alright, I confirm the fix works. I needed to fix both the Redmine and Drupal sides, as Redmine was refusing the login, not only because of the missing ticket, but also because Drupal was sending too much stuff.</p>
<p>I had to enable more debugging, otherwise Redmine would just send a blank page when the openid login would fail, without any explanation. I also had to pass down the errors from the ruby library... So the attached patch fixes all this.</p> Redmine - Defect #8399: openid logins not working with 2.0 redirectshttps://www.redmine.org/issues/8399?journal_id=383592012-05-22T13:18:26ZAnonymous
<ul></ul><p>This isn't quite perfect -- logging in with OpenID always redirects the user to the front page, no matter where you started.</p> Redmine - Defect #8399: openid logins not working with 2.0 redirectshttps://www.redmine.org/issues/8399?journal_id=466732013-03-14T22:46:36ZAntoine Beaupré
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Resolved</i></li></ul><p>this seems to be fine without the patch in redmine 1.4.4.</p> Redmine - Defect #8399: openid logins not working with 2.0 redirectshttps://www.redmine.org/issues/8399?journal_id=466752013-03-15T00:08:10ZMischa The Evil
<ul></ul><p>Antoine Beaupré wrote:</p>
<blockquote>
<p>this seems to be fine without the patch in redmine 1.4.4.</p>
</blockquote>
<p>I've did some quick lookup of openid related revisions on Redmine 1.4.x but couln't find any which should be able to solve this issue...</p>
<p>OTOH: on Redmine 2.x the included openid wrapper has been updated to <a class="external" href="https://github.com/Velir/open_id_authentication/tree/8b97cd2e9e3bbe1650ea526b6be3555b159f5ad4">https://github.com/Velir/open_id_authentication/tree/8b97cd2e9e3bbe1650ea526b6be3555b159f5ad4</a> and several other fixes has been applied. Though, some other issues (<a class="issue tracker-1 status-5 priority-4 priority-default closed" title="Defect: Attribute exchange with OpenID providers (Closed)" href="https://www.redmine.org/issues/3780">#3780</a> & <a class="issue tracker-1 status-5 priority-5 priority-high2 closed" title="Defect: openid : Fields not taken when logged in using Google account. Redmine 2.0.3 (Closed)" href="https://www.redmine.org/issues/11778">#11778</a>) still seem to exist.</p> Redmine - Defect #8399: openid logins not working with 2.0 redirectshttps://www.redmine.org/issues/8399?journal_id=466942013-03-15T16:26:48ZAnonymous
<ul></ul><p>I wonder how this related to the openid-fix plugin? <a class="external" href="http://projects.andriylesyuk.com/projects/openid-fix">http://projects.andriylesyuk.com/projects/openid-fix</a></p> Redmine - Defect #8399: openid logins not working with 2.0 redirectshttps://www.redmine.org/issues/8399?journal_id=466962013-03-15T16:29:55ZAnonymous
<ul></ul><p>Also see issue <a class="issue tracker-1 status-5 priority-5 priority-high2 closed" title="Defect: openid : Fields not taken when logged in using Google account. Redmine 2.0.3 (Closed)" href="https://www.redmine.org/issues/11778">#11778</a></p> Redmine - Defect #8399: openid logins not working with 2.0 redirectshttps://www.redmine.org/issues/8399?journal_id=1048472021-12-14T00:14:58ZGo MAEDA
<ul><li><strong>Status</strong> changed from <i>Resolved</i> to <i>Closed</i></li><li><strong>Resolution</strong> set to <i>Wont fix</i></li></ul><p>The OpenID support has been dropped by <a class="issue tracker-2 status-5 priority-4 priority-default closed" title="Feature: Drop OpenID support (Closed)" href="https://www.redmine.org/issues/35755">#35755</a> for the upcoming Redmine 5.0.0.</p>