"get() returned more than one User" when attempting to use the oauth protected parts of the api
Bug #701209 reported by
Anthony Lenton
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ratings and Reviews server |
Fix Released
|
Medium
|
Anthony Lenton | ||
Software Center Agent |
Fix Released
|
Medium
|
Anthony Lenton |
Bug Description
I suspect this is because:
- Django-openid-auth creates a user for you when you sign into (or try to sign into) authenticated pages like /reviews/
- The API is creating UserOpenIDs with only the openid_identifier as the claimed_id portion. This is a bad idea, and should be changed to use the full openid url.
These two openids are different and yet finish in the same openid_identifier, so a search for user's with an openid ending in a particular openid_identifier will return two Users.
Related branches
lp:~elachuni/rnr-server/avoid-duplicate-openids
- Ratings and Reviews Developers: Pending requested
-
Diff: 272 lines (+72/-29)5 files modifiedsrc/reviewsapp/auth.py (+7/-3)
src/reviewsapp/tests/factory.py (+3/-4)
src/reviewsapp/tests/test_auth.py (+44/-22)
src/reviewsapp/tests/test_utilities.py (+14/-0)
src/reviewsapp/utilities.py (+4/-0)
Changed in rnr-server: | |
status: | New → In Progress |
importance: | Undecided → Medium |
assignee: | nobody → Anthony Lenton (elachuni) |
tags: | added: kb-task |
Changed in rnr-server: | |
status: | In Progress → Fix Committed |
Changed in software-center-agent: | |
status: | New → In Progress |
importance: | Undecided → Medium |
assignee: | nobody → Anthony Lenton (elachuni) |
Changed in software-center-agent: | |
status: | In Progress → Fix Committed |
Changed in rnr-server: | |
status: | Fix Committed → Fix Released |
Changed in software-center-agent: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
QA untestable on sca there is no known case to trigger it, so we will test it on rnr where we have a case and make the assumption that if the code works on rnr it should work similarly on sca too.