Launchpad itself

when specifying max_auth_age in an OpenID (PAPE) request, email address is unnecessarily requested

Bug #316796 reported by Christopher Armstrong on 2009-01-13

Affects		Status	Importance	Assigned to	Milestone
	Landscape Server	Fix Released	Medium	Christopher Armstrong	Landscape Server mountainview
	Launchpad itself	Fix Released	High	Francis J. Lacoste	Launchpad itself 2.2.2

Bug Description

When we specify max_auth_age in an OpenID request, even though we may already be logged in to Launchpad, the login screen asks for my email address. At least for Landscape, this causes an awkward workflow: the user types their email address into Landscape (so that we can look up their account and decide whether to use OpenID auth for them) and then they're directed to Launchpad, which asks for their email address again.

Given that the user *is* actually logged in to Launchpad, it shouldn't really be necessary to type the email address in again. It'd be nice if this were either fixed by default or if there were a way for us to specify the default email address to fill into that field when we're making the OpenID request.

Tags:

Revision history for this message

Francis J. Lacoste (flacoste) wrote on 2009-01-14:

We can have a simple fix to pre-fill the user's email address when he's already logged in (and are prompting him because he didn't logged in since max_auth_age).

That won't solve the issue for new users who don't have a Launchpad account yet, or that aren't logged in Launchpad. They'll have to enter their email again.

Solving this for them would involve defining a new OpenID request parameter (or using an existing proposed one, we'll have to research) to hint about the email address.

Because of the OpenID handshake, we simply cannot tack it on the request URL.

Changed in launchpad-foundations:
importance:	Undecided → High
milestone:	none → 2.2.1
status:	New → Triaged

Revision history for this message

Christopher Armstrong (radix) wrote on 2009-01-14:

For what it's worth, I consider solving this for a non-logged-in user a different issue.

Revision history for this message

Gustavo Niemeyer (niemeyer) wrote on 2009-01-27:

Francis, is there an estimated time to get this issue fixed? This is somewhat bad for Landscape, since users will have to type their email addresses twice at all times when logging in.

For the users who don't yet have an account, we can pass Launchpad an additional parameter with the given user's email if needed.

Francis J. Lacoste (flacoste) on 2009-02-02

Changed in launchpad-foundations:
milestone:	2.2.1 → 2.2.2

Andreas Hasenack (ahasenack) on 2009-02-05

Changed in landscape:
importance:	Undecided → Medium
milestone:	none → mountainview

Francis J. Lacoste (flacoste) on 2009-02-05

Changed in launchpad-foundations:
assignee:	nobody → flacoste

Revision history for this message

Francis J. Lacoste (flacoste) wrote on 2009-02-06:

Fixed in RF 7721.

Changed in launchpad-foundations:
status:	Triaged → Fix Committed

Revision history for this message

Francis J. Lacoste (flacoste) wrote on 2009-02-12:

This has been cherry-picked.

Changed in launchpad-foundations:
status:	Fix Committed → Fix Released

Andreas Hasenack (ahasenack) on 2009-04-08

Changed in landscape:
status:	New → Fix Released

Andreas Hasenack (ahasenack) on 2009-04-08

Changed in landscape:
assignee:	nobody → radix

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.