-
Notifications
You must be signed in to change notification settings - Fork 490
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Rename API: Does not work properly with non builtin accounts. #5811
Milestone
Comments
Here is the query to run in production that should find any possible broken users: (note that this may return some non broken, if for example they chose to use their orcid id as their dataverse id) |
sekmiller
added a commit
that referenced
this issue
May 3, 2019
kcondon
added a commit
that referenced
this issue
May 3, 2019
…or-remote-users #5811 Fix rename user account
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Using the rename API endpoint does not work properly with shib, orcid, google, github accounts since their persistentuserid column in the authenticateuserlookup table is not the same as their useridentifier in the authenticateduser table. The net effect when renaming one of these account identifiers is it places the useridentifier in place of the persistentuserid for that account in the authenticateduserlookup table and when they try to log in with that account it does not recognize that the account exists since persistenuserid is different and prompts the user to create a new account that then fails with duplicate email addr. The fix is to put the persistentuserid back the way it was but simply renaming it back using the API won't work -you need to do it directly in the db. The trick is locating the correct value.
Gustavo identifier the place in the code:
here is the code, btw, and it is a bug:
AuthenticatedUserLookup aul = au.getAuthenticatedUserLookup();
aul.setPersistentUserId(newIdentifier);
(that is correct for native users, but not for shib. (and not sure about oauth?)
The text was updated successfully, but these errors were encountered: