Bug #4296

[SSO] 500 from a fresh login

Added by Brett Smith about 6 years ago. Updated almost 6 years ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Category:
-
Target version:
Start date:
10/23/2014
Due date:
% Done:

100%

Estimated time:
(Total: 0.00 h)
Story points:
1.0

Description

Steps to reproduce:

  1. Start with a new browser session. No cookies, etc.
  2. Visit workbench.qr1hi.
  3. Click "Log in."
  4. Go through Google's log in process.

Expected results:

After you finish that login process, you land on a Workbench page.

Actual results:

When you log in with Google, you get a 500 page. If you go back to workbench.qr1hi, you can click "Log in" again, and it works that time. It seems like there's something off about the case where the user is not already logged in with Google when they try to log in.


Subtasks

Task #4588: FixResolvedPeter Amstutz

Task #4377: DiagnoseResolvedPeter Amstutz


Related issues

Related to Arvados - Feature #4570: [SSO] Implement Google OAuth2 for new SSO installationsResolved11/05/2014

Associated revisions

Revision c253c634
Added by Peter Amstutz about 6 years ago

Merge branch '4296-login-500' refs #4296

History

#1 Updated by Tom Clegg about 6 years ago

  • Target version changed from Bug Triage to Arvados Future Sprints

#2 Updated by Tom Clegg about 6 years ago

  • Story points set to 1.0

#3 Updated by Ward Vandewege about 6 years ago

  • Target version changed from Arvados Future Sprints to 2014-11-19 sprint

#4 Updated by Ward Vandewege about 6 years ago

  • Assigned To set to Peter Amstutz

#5 Updated by Peter Amstutz about 6 years ago

Started GET "/" for 127.0.0.1 at 2014-11-17 14:27:34 -0500
Processing by AuthController#welcome as HTML
Rendered auth/welcome.html.erb within layouts/application (1.6ms)
Completed 500 Internal Server Error in 16ms

ActionView::Template::Error (application.css isn't precompiled):
    2: <html>
    3: <head>
    4:   <title>CfiOauthProvider</title>
    5:   <%= stylesheet_link_tag    "application", :media => "all" %>
    6:   <%= javascript_include_tag "application" %>
    7:   <%= csrf_meta_tags %>
    8: </head>
  app/views/layouts/application.html.erb:5:in `_app_views_layouts_application_html_erb__1919252491310798925_40904760'

#6 Updated by Peter Amstutz about 6 years ago

This seems like it might be the root cause of the redirection issue:

https://code.google.com/p/gdata-issues/issues/detail?id=6628

#7 Updated by Peter Amstutz about 6 years ago

  • Target version changed from 2014-11-19 sprint to 2014-12-10 sprint

#8 Updated by Peter Amstutz about 6 years ago

commit:cfd47c9a7abf514ce34fb6f762850bafdb33bace in the sso-provider repository fixes the actual 500 error.

However, there is still a problem with redirects, where Google's sign in page actually causes the browser to visit the callback more than once. The first callback removes the redirect from the session, but the user actually sees the result of the 2nd callback, which doesn't have the redirect any more and so they end up at a generic page, which was the one that was broken and fixed in the above commit.

On google's side, the problem of getting more than one callback may be fixed on OAuth2 login page, although the bug report in note #6 is for OAuth2 and not OpenId.

The missing redirect problem wouldn't be such a big deal except that the fallback "welcome" page consists of simply a hardcoded link to qr1hi. If we had #3312, this page could actually be useful.

#9 Updated by Peter Amstutz about 6 years ago

Fixes related to this are merged into #4570, please review it there.

#10 Updated by Peter Amstutz almost 6 years ago

  • Status changed from New to In Progress

#11 Updated by Ward Vandewege almost 6 years ago

  • Status changed from In Progress to Resolved

I reviewed and merged this over the weekend.

Also available in: Atom PDF