Canonical SSO provider

login.launchpad.net email address validation links are sometimes broken

Bug #1787496 reported by Tom Reynolds
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Canonical SSO provider
Fix Released
Critical
Maximiliano Bertacchini

Bug Description

Hi,

someone in #ubuntu that email address validation is currently broken, and I was able to confirm this using an account created solely for this purpose: tester-0815.

I requested an e-mail address validation e-mail, and received it. When accessing the email address validation link embedded in this email (I compared it against the e-mail source code to ensure nothing is cut off or modified), then (successfully) logging in to Ubuntu One, the next thing I got was a 404 with an empty page.
Shift-reloading (Firefox) does not fix it, returns another 404 and blank page. The email address remains unverified (based on the accoutn overview page on registered e-mail addresses).

Details on the request returning the 404:
Request Id W3X22n8AAQEAAHWrv0MAAABi1 , endpoint 162.213.33.100:443
The URL looks like this https://login.ubuntu.com/RANDOM_STRING/token/RANDOM_TOKEN/+newemail/EMAILADRESS

You are welcome to overtake this account and to delete it according to your needs. You are welcome to ask me questions about it on IRC to verify my (current) account ownership, if needed.

Thanks.

Related branches

lp:~maxiberta/canonical-identity-provider/revert-r1653
Celso Providelo (community): Approve
Diff: 814 lines (+112/-87)
11 files modified
django_project/settings_test.py (+0/-2)
src/api/v10/handlers.py (+2/-1)
src/api/v10/tests/utils.py (+1/-2)
src/api/v20/handlers.py (+7/-4)
src/api/v20/registration.py (+3/-3)
src/api/v20/tests/test_handlers.py (+5/-3)
src/api/v20/tests/test_registration.py (+31/-26)
src/identityprovider/emailutils.py (+22/-21)
src/identityprovider/tests/test_emailutils.py (+34/-23)
src/webui/views/account.py (+5/-1)
src/webui/views/ui.py (+2/-1)
Revision history for this message
William Grant (wgrant) wrote :

URLs in emails from login.launchpad.net now point to login.ubuntu.com, which doesn't have that OpenID interaction in its session.

Replacing login.ubuntu.com with login.launchpad.net in the URL from the email is a workaround.

Changed in canonical-identity-provider:
importance: Undecided → Critical
status: New → Triaged
William Grant (wgrant)
summary: - Email address validation is currently broken, returns 404 with blank
- page
+ login.launchpad.net email address validation links are sometimes broken
Revision history for this message
William Grant (wgrant) wrote :

We've rolled back the bad release, so this is now fixed on production.

Changed in canonical-identity-provider:
status: Triaged → In Progress
Revision history for this message
Maximiliano Bertacchini (maxiberta) wrote :

The offending commit has been reverted in trunk.

Changed in canonical-identity-provider:
assignee: nobody → Maximiliano Bertacchini (maxiberta)
status: In Progress → Fix Committed
Maximiliano Bertacchini (maxiberta)
Changed in canonical-identity-provider:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.