Bryan CoscaBug #5951
closed
GET-Evidence login via google login no longer works - OpenID 2.0 is gone
Description
Currently unable to login to GET-Evidence, which is blocking editing variants. The error page you get directed to is attached
Files
Updated by Abram Connelly almost 9 years ago
Tom has a blog post about OpenID to OAuth 2.0 migration:
Piddling around I found it was pretty easy to get setup.
Updated by Ward Vandewege almost 9 years ago
- Target version changed from Bug Triage to 2015-06-10 sprint
Updated by Brett Smith almost 9 years ago
- Target version changed from 2015-06-10 sprint to 2015-07-08 sprint
Updated by Tom Clegg almost 9 years ago
At commit:40a50a0
In lib/openid.php
It looks like a number of possible errors culminating in a "no idea which user" condition are handled with "log something and proceed". I think we need to abandon ship at this point, presumably redirecting with an auth_error session var like in the earlier $resp->error condition.
if (!$id_payload->sub) {
error_log(json_encode($id_payload));
}
(After this the errors seem relatively benign: "don't know your full name" etc.)
I'm not sure what the best error message is here, but surely it shouldn't say OpenID:
if (!$resp) {
error_log(json_encode($http_response_header));
$_SESSION["auth_error"] = "Error: not a valid OpenID.";
In public_html/openid_verify_oauth2.php I suspect this regexp was meant to have a ^ anchor:
if (ereg ("/[^:]*$", $_REQUEST["return_url"], $regs))
Updated by Tom Clegg almost 9 years ago
At commit:get-evidence|bbb1ed9
The regexp in openid_verify_oauth2.php still doesn't look right -- now the initial slash is a preg delimiter but the ending one is missing. How about
-if (preg_match('/^\/[^:]*$', $_REQUEST["return_url"], $regs))
+if (preg_match('/^\/[^:]*$/', $_REQUEST["return_url"], $regs))
The rest looks good, thanks.
Updated by Abram Connelly almost 9 years ago
- Status changed from In Progress to Closed