Improve account creation workflow
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Canonical SSO provider |
Fix Released
|
High
|
David Owen | ||
Bug Description
(forwarded from a mail from Martin Albisetti)
Hello everyone,
Reviewing the SSO registration process with Anthony, I bumped into an issue I'd like us to consider solving before rolling out.
The current workflow is roughly as follows:
1) User clicks on "create account" on a "random" website
2) They get sent to a page where you're presented with a log in and a registration form
3) The user clicks on registration
4) The form asks them for their email address (and a captcha verification)
5) Email is sent with a verification URL
6) User clicks on the URL, get sent to back to the SSO page
7) SSO asks them for their name and password, user fills them in, submits
8) We present the user with a page that tells them what information will be sent to the site that sent them here, and ask them to explicitly submit it
9) User continues their flow on the site they started on
Besides this being too many steps, we split our the information gathering into 2 places, making the process even more confusing, especially if the email verification is done a long time after the process got started.
I spent quite a bit of time discussing this with James Henstridge and Steve Alexander a while back and we had found a better solution for this (and hopefully simple enough to implement now), without getting into creating accounts without verified email addresses, which is a complex and uncertain change.
It goes something roughly like this:
1) User clicks on "create account" on a "random" website
2) They get sent to a page where you're presented with a log in and a registration form
3) The user clicks on registration
4) The form asks for *all* the information (gets saves on a cookie, like the redirect URL)
5) Email is sent with a verification URL
6) User clicks on the URL, get sent to back to *the original site they came from* (we create the SSO account in the back, and don't ask them to verify the information they want to send, as they have already entered it into the system, prompted by the other site)
While this shouldn't block on testing the SSO service with Canonical sites, where everyone already has an SSO account, I feel it's important to do before it's rolled out to a public site, like Ubuntu One.
Related branches
- Danny Tamez (community): Approve
-
Diff: 997 lines (+346/-172)14 files modifieddoctests/stories/openid/per-version/sso-workflow-complete.txt (+12/-8)
doctests/stories/openid/per-version/sso-workflow-register.txt (+14/-10)
doctests/stories/sso-server/standalone-login.txt (+11/-24)
identityprovider/auth.py (+12/-5)
identityprovider/forms.py (+7/-1)
identityprovider/models/account.py (+19/-4)
identityprovider/models/authtoken.py (+16/-6)
identityprovider/templates/registration/confirm_new_account.html (+34/-0)
identityprovider/templates/registration/new_account.html (+17/-3)
identityprovider/tests/test_loginservice.py (+3/-0)
identityprovider/tests/test_models_authtoken.py (+1/-1)
identityprovider/tests/test_views_ui.py (+23/-23)
identityprovider/urls.py (+3/-0)
identityprovider/views/ui.py (+174/-87)
| visibility: | public → private |
| Stuart Metcalfe (stuartmetcalfe) wrote | #1 |
| visibility: | private → public |
| Changed in canonical-identity-provider: | |
| milestone: | none → 2.7.0 |
| Changed in canonical-identity-provider: | |
| milestone: | 2.7.0 → 2.8.0 |
| Stuart Metcalfe (stuartmetcalfe) wrote | #2 |
| Changed in canonical-identity-provider: | |
| assignee: | nobody → Matthew Nuzum (newz) |
| status: | New → Confirmed |
| importance: | Undecided → Medium |
| Anthony Lenton (elachuni) wrote | #3 |
| Changed in canonical-identity-provider: | |
| milestone: | 2.8.0 → 2.9.0 |
| Changed in canonical-isd-qa: | |
| milestone: | none → canonical-identity-provider+2.9.0 |
| Changed in canonical-isd-qa: | |
| importance: | Undecided → Medium |
| Changed in canonical-identity-provider: | |
| importance: | Medium → High |
| Changed in canonical-isd-qa: | |
| importance: | Medium → High |
| David Owen (dsowen) wrote | #4 |
| Changed in canonical-identity-provider: | |
| assignee: | Matthew Nuzum (newz) → David Owen (dsowen) |
| Changed in canonical-identity-provider: | |
| status: | Confirmed → In Progress |
| Changed in canonical-identity-provider: | |
| milestone: | 2.9.0 → 2-implementation |
| Changed in canonical-identity-provider: | |
| milestone: | 2-implementation → 3-internal-qa |
| status: | In Progress → Fix Committed |
| David Owen (dsowen) wrote | #5 |
| Changed in canonical-isd-qa: | |
| status: | New → Confirmed |
| Julien Funk (jaboing) wrote | #6 |
| Changed in canonical-isd-qa: | |
| status: | Confirmed → Fix Committed |
| Changed in canonical-identity-provider: | |
| milestone: | 3-internal-qa → 4-staging |
| Changed in canonical-identity-provider: | |
| milestone: | 4-staging → 5-production |
| Changed in canonical-isd-qa: | |
| status: | Fix Committed → Fix Released |
| Changed in canonical-identity-provider: | |
| status: | Fix Committed → Fix Released |
| Changed in canonical-identity-provider: | |
| milestone: | 5-production → 2.9.0 |
It'd be good to implement asynchronous email verification where it's not immediately required to return a verified email. Of course, we don't want to go sending unverified emails to relying parties because they might not realise they're unverified and start sending actual emails to them.