2011-10-04 13:23:45 |
Stuart Langridge |
bug |
|
|
added bug |
2011-10-04 13:25:21 |
Ricardo Kirkner |
canonical-identity-provider: status |
New |
Confirmed |
|
2011-10-04 13:25:26 |
Ricardo Kirkner |
canonical-identity-provider: importance |
Undecided |
Medium |
|
2011-10-04 13:28:21 |
Michał Karnicki |
bug |
|
|
added subscriber Michał Karnicki |
2011-11-16 17:59:47 |
Stuart Metcalfe |
tags |
|
escalated |
|
2011-11-17 13:55:35 |
Stuart Metcalfe |
description |
A plain user of the SSO API cannot retrieve their own list of tokens. It requires a privileged "API user". This is quite frustrating, because if I want to build an app where the user signs in with username and password, I *must* create a new token every time. If I could get the list of user tokens, I could see if I've already created a token for my app and just use it again. What this leads to is SSO holding a zillion tokens for a user, because I have to create a new one every go.
http://bazaar.launchpad.net/~canonical-isd-hackers/canonical-identity-provider/trunk/view/head:/identityprovider/api10/handlers.py#L332 shows that the list_tokens operation is restricted to API users; perhaps it would be OK for a user to list existing tokens (since I have their username and password anyway, so I can create a new token if I want). |
A plain user of the SSO API cannot retrieve their own list of tokens. It requires a privileged "API user". This is quite frustrating, because if I want to build an app where the user signs in with username and password, I *must* create a new token every time. If I could get the list of user tokens, I could see if I've already created a token for my app and just use it again. What this leads to is SSO holding a zillion tokens for a user, because I have to create a new one every go.
http://bazaar.launchpad.net/~canonical-isd-hackers/canonical-identity-provider/trunk/view/head:/identityprovider/api10/handlers.py#L332 shows that the list_tokens operation is restricted to API users; perhaps it would be OK for a user to list existing tokens (since I have their username and password anyway, so I can create a new token if I want).
Escalated by sil |
|
2012-04-10 19:33:08 |
David Owen |
tags |
escalated |
escalated kb-feature sp-1 |
|
2012-04-12 16:33:50 |
David Owen |
canonical-identity-provider: status |
Confirmed |
Triaged |
|
2012-04-16 10:57:18 |
Stuart Metcalfe |
tags |
escalated kb-feature sp-1 |
kb-feature sp-1 |
|
2012-04-16 10:57:25 |
Stuart Metcalfe |
description |
A plain user of the SSO API cannot retrieve their own list of tokens. It requires a privileged "API user". This is quite frustrating, because if I want to build an app where the user signs in with username and password, I *must* create a new token every time. If I could get the list of user tokens, I could see if I've already created a token for my app and just use it again. What this leads to is SSO holding a zillion tokens for a user, because I have to create a new one every go.
http://bazaar.launchpad.net/~canonical-isd-hackers/canonical-identity-provider/trunk/view/head:/identityprovider/api10/handlers.py#L332 shows that the list_tokens operation is restricted to API users; perhaps it would be OK for a user to list existing tokens (since I have their username and password anyway, so I can create a new token if I want).
Escalated by sil |
A plain user of the SSO API cannot retrieve their own list of tokens. It requires a privileged "API user". This is quite frustrating, because if I want to build an app where the user signs in with username and password, I *must* create a new token every time. If I could get the list of user tokens, I could see if I've already created a token for my app and just use it again. What this leads to is SSO holding a zillion tokens for a user, because I have to create a new one every go.
http://bazaar.launchpad.net/~canonical-isd-hackers/canonical-identity-provider/trunk/view/head:/identityprovider/api10/handlers.py#L332 shows that the list_tokens operation is restricted to API users; perhaps it would be OK for a user to list existing tokens (since I have their username and password anyway, so I can create a new token if I want). |
|
2016-02-25 16:23:16 |
Michał Karnicki |
removed subscriber Michał Karnicki |
|
|
|