Opened 8 years ago

Closed 8 years ago

#3822 closed defect (fixed)

OpenID failure results in some 500 errors

Reported by: emj Owned by: Tom Hughes
Priority: minor Milestone:
Component: website Version:
Keywords: Cc:

Description

Bug 1

Steps:

  1. don't set an "openid URL" to login.
  2. press the "openid" logo
  3. enter your openid http://tiq.com/~erik
  4. press login.

Results: A page with " Application error

The OpenStreetMap server encountered an unexpected condition that prevented it from fulfilling the request (HTTP 500)[....]"

Bug 2:

  1. Make all the steps above, then after 3.
  2. press back
  3. try to login with your password.

Results: Will get you an 500 error as well, the openid option get stuck in someway.

Change History (8)

comment:1 Changed 8 years ago by Tom Hughes

I think it must be more complicated than that because I know people have been managing to login using custom openid URLs...

comment:2 Changed 8 years ago by Tom Hughes

When I tried it (with your URL) I got redirected off to http://tiq.com/~erik/openid/?openid.mode=authorize which just displayed a "You may not access this mode directly." message.

comment:3 Changed 8 years ago by emj

Sorry for the inconvenience.. I see that it is fixed here you have the urls:

Username:a password:a

Results in bug

http://tiq.com/~erik/osm-openid-bug/

Works: empty strings in the "simple Registration Extension" part.

http://tiq.com/~erik/osm-openid-bug/2/

Works: fake email address in

http://tiq.com/~erik/osm-openid-bug/1/

comment:4 Changed 8 years ago by emj

Resolution: fixed
Status: newclosed

comment:5 Changed 8 years ago by Tom Hughes

Err sorry, but have I missed something? Are you saying there is a valid OpenID response that causes us to 500? If there is then I'd like to know about it....

comment:6 Changed 8 years ago by emj

Resolution: fixed
Status: closedreopened

Hmm ok so this URL still doesn't work:

http://tiq.com/~erik/osm-openid-bug/

The only difference is that it hasn't got "Simple Registration Extension" enabled, so there are no values for "nickname" not "email" being sent.

comment:7 Changed 8 years ago by amm

Adding a

sreg = {} unless sreg ax = {} unless ax

on line 547 of the user_controller.rb seems to fix this issue.

comment:8 Changed 8 years ago by Tom Hughes

Resolution: fixed
Status: reopenedclosed

This should be fixed now.

Note: See TracTickets for help on using tickets.