Login with the email once associated to a merge account OOPS
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical SSO provider |
Invalid
|
Undecided
|
Unassigned | ||
Launchpad itself |
Fix Released
|
High
|
Stuart Bishop |
Bug Description
If you merge two accounts on Launchpad, the OpenID reference is maintained on the merged record. Which means that when the user logs on the SSO server using the email address associated with the merged account, Launchpad tries to log in using the now invalid account and OOPS like OOPS-1582A1292 or OOPS-1585G1420:
AttributeError: 'NoneType' object has no attribute 'email'
There are multiple layers to fixing this problem.
1- First, the OpenIDCallbackView should check the validity of the account returned and offer an adequate error message to the user when the tied account is invalid.
2- We should allow linking multiple OpenID account to a Person. That way when we merge two persons, we can maintain the multiple accounts link. (So if <email address hidden> is merged into <email address hidden>, which still maintains two accounts on the the SSO server, login in using any of these accounts on SSO will end up in the correct person on Launchpad)
3- One could argue that the SSO should merge account at the same time than Launchpad, not sure about this one.
4- Use the returned email address from the SSO server to find the correct Person.
Changed in canonical-identity-provider: | |
status: | New → Confirmed |
Changed in canonical-identity-provider: | |
status: | Confirmed → New |
summary: |
- OpenID linking to an account that does not exist. + Login with the email once associated to a merge account OOPS |
Changed in canonical-identity-provider: | |
status: | New → Invalid |
description: | updated |
Changed in launchpad-foundations: | |
status: | New → Triaged |
importance: | Undecided → High |
tags: | added: openid |
Changed in launchpad-foundations: | |
assignee: | nobody → Stuart Bishop (stub) |
tags: | added: oops |
description: | updated |
tags: |
added: qa-ok removed: qa-needstesting |
Changed in launchpad-foundations: | |
status: | Fix Committed → Fix Released |
If possible, delete my old account of Ubuntu One servers first because I have a new account now.
No problem if someone wants to see my old things with the password I made available publicly.
There is nothing secret that expose myself.