Defect #11778

openid : Fields not taken when logged in using Google account. Redmine 2.0.3

Added by Anup Nair about 8 years ago. Updated over 7 years ago.

Status:NewStart date:
Priority:HighDue date:
Assignee:-% Done:

0%

Category:OpenID
Target version:-
Resolution: Affected version:2.0.3

Description

Environment:
Redmine version 2.0.3.stable
Ruby version 1.8.7 (x86_64-linux)
Rails version 3.2.6
Environment production
Database adapter MySQL
Redmine plugins:
no plugin installed

I deployed the above redmine instance running over apache with passenger.

I enabled OpenID authentication in the settings.
Upon using Google App Account for login it redirects to Google for login and authorization. Works fine until here.

Thereafter, it shows a redmine registration page with following errors:

Login can't be blank
First name can't be blank
Last name can't be blank
Email can't be blank

I have to manually enter each field. Ideally this should have come automatically.

I have tried OpenID-fix but it doesn't work with redmine 2.0.3.

Entries in the application log is given below.

Started GET "/login?_method=post&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=id_res&openid.op_endpoint=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fud&openid.response_nonce=2012-09-05T11%3A21%3A42ZmjzBaAvps53Q1A&openid.return_to=http%3A%2F%2Ftracker.xxx.xxx.com%2Flogin%3F_method%3Dpost&openid.assoc_handle=AMlYxxxxxxxxxxxxxxxxxXchR3cDErPo30gskxxxxxxrkuzwA76&openid.signed=op_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to%2Cresponse_nonce%2Cassoc_handle&openid.sig=Xdvxxxxxxxxxx7gFQRXf0%3D&openid.identity=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%xxxxxxxxxxdcniXPa9HagoovdIpQ&openid.claimed_id=https%3A%2F%2Fwww.google.com%2Faccountsxxxxxxx44ghdtWhTqsdcnxxxxxgoovdIpQ" for 192.168.2.xxx at Wed Sep 05 17:02:43 +0530 2012
Error attempting to use stored discovery information: OpenID::TypeURIMismatch
Attempting discovery to verify endpoint
Performing discovery on https://www.google.com/accounts/o8/id?id=AItOaxxxhTqsdcniXxxxxxxgoovdIpQ
WARNING: making https request to https://www.google.com/accounts/o8/id?id=AItOxxwlLAgxxxxxxxxxxxxovdIpQ without verifying server certificate; no CA path was specified.
Processing by AccountController#login as HTML
WARNING: Can't verify CSRF token authenticity
  Rendered account/register.html.erb within layouts/base (15.1ms)
Completed 200 OK in 63ms (Views: 22.7ms | ActiveRecord: 5.7ms)

I have tried looking around for a fix for 2.0.3 but failed to find any trackers covering this issue.

If this has been reported & fixed before, then kindly provide me the link to the same.

redmine-openid_ax_requests_fix_google_yahoo_registration-DrewDahl-11778.patch Magnifier (4.48 KB) Andrew Dahl, 2012-12-16 14:01

redmine-openid_ax_requests_fix_google_yahoo_registration-2.3.1.patch - OpenID patch for 2.3.1 (3.5 KB) Siebe Joris Jochems, 2013-06-19 10:12


Related issues

Related to Redmine - Defect #8399: openid logins not working with 2.0 redirects Resolved 2011-05-18
Related to Redmine - Defect #3780: Attribute exchange with OpenID providers New 2009-08-25

History

#1 Updated by Toshi MARUYAMA about 8 years ago

  • Assignee deleted (Jonas De Meulenaere)

#2 Updated by Lars Pedersen about 8 years ago

I see the same problem. Are we doing anything wrong here ?

#3 Updated by Andrew Dahl almost 8 years ago

The problem is that Google, Yahoo, and, from what I understand, most big name OpenID providers are no longer supporting SReg (Simple Registration) requests and have switched to AX (Attribute Exchange). Redmine is currently setup to use SReg.

I've attached a patch that works on Google and Yahoo. I haven't tested it on other providers, but I'm fairly confident it will work as well, if not better, than the current implementation.

The patch is to be applied against 2.1.4.stable

I tested it using Ruby 1.9.3 and Rails 3.2.8

#4 Updated by Anonymous over 7 years ago

I think the openid-fix plugin also caters for this: http://projects.andriylesyuk.com/projects/openid-fix

But of course this should be fixed / implemented in Redmine itself.

Finally, see also issue #8399.

#5 Updated by Antoine Beaupré over 7 years ago

This may be a dupe of #3780 - although it doesn't have a patch like here.

#6 Updated by Siebe Joris Jochems over 7 years ago

I've tried to apply the patch to Redmine 2.3.1 and found out it didn't work 'out of the box'. So here is an updated patch. :-)

It's been 10 months already...

Also available in: Atom PDF