Comment 1 for bug 1257303

In the process of working on some other related bugs, I tried to reproduce this (admittedly with a different OpenID consumer, since I don't use the Canonical Gmail service) but found that it all seemed to work: the first form was /:token/+decide (where :token was the OpenID request token assigned by SSO to identify the exchange); entering an incorrect password there sent me to /:token/+login; and entering a correct password there eventually sent me back to the originating site.

I think that this bug has probably been fixed along the way, although I've been unable to identify a relevant code change that happened after it was filed. Please could anyone who experienced this bug in the past check whether you still see it? (Note that for these purposes I'm only interested in problems with this specific flow; I know that there are other ways you can end up having the OpenID request token forgotten along the way, and I have a merge proposal up that fixes quite a number of these.)