Launchpad itself

403 from SSO/api/v2/tokens/refresh results in OOPS rather than helpful email

Bug #1668368 reported by Nicholas Skaggs
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Launchpad itself
Fix Released
Low
Colin Watson

Bug Description

See https://code.launchpad.net/~juju-qa-bot/+snap/juju-candidate/+build/24410 for example. Note, uploads to the edge channel for same store package is successful.

Adding notes from Colin:

the 403 is from /api/v2/tokens/refresh, which is a bit mysterious
please quote OOPS-83ee077e2b4401cf4d156e4ce3823bc5
(though the statement log in that OOPS is junk, for reasons; but it at least includes a traceback)

Related branches

lp:~cjwatson/launchpad/snap-bad-refresh-response-mail
William Grant: Approve (code)
Diff: 146 lines (+84/-0)
5 files modified
lib/lp/snappy/emailtemplates/snapbuild-refreshfailed.txt (+10/-0)
lib/lp/snappy/interfaces/snapstoreclient.py (+5/-0)
lib/lp/snappy/mail/snapbuild.py (+14/-0)
lib/lp/snappy/model/snapbuildjob.py (+4/-0)
lib/lp/snappy/tests/test_snapbuildjob.py (+51/-0)
Revision history for this message
Nicholas Skaggs (nskaggs) wrote :

I'll note that this appears to affect only candidate channel. All others upload properly.

Revision history for this message
Nicholas Skaggs (nskaggs) wrote :

This is happening regularly now:

See as an example.

https://code.launchpad.net/~juju-qa-bot/+snap/juju-edge/+build/26566

Revision history for this message
Colin Watson (cjwatson) wrote :

As far as I can tell, this is happening because the account that was used to authorise uploads of this snap to the store was ~jujuisquality-deactivatedaccount, which is (as the name suggests) a deactivated Launchpad account, which prevents refreshing time-limited credentials issued for it. To fix this, it will be necessary to reauthorise uploads of that snap using a different account. You can do so using (for example) the following URL, though it may also be necessary to arrange that the account that you do this with has permission to upload the snap in question to the store:

  https://code.launchpad.net/~juju-qa-bot/+snap/juju-edge/+authorize

I think the only Launchpad bug here is that the error is not clearer; we should respond to this not with an OOPS but with an email indicating that you need to reauthorise uploads.

Nicholas Skaggs (nskaggs)
Changed in launchpad:
status: New → Invalid
Colin Watson (cjwatson)
summary: - Snap Store Upload failed "403: Client Error Forbidden"
+ 403 from SSO/api/v2/tokens/refresh results in OOPS rather than helpful
+ email
tags: added: email lp-snappy oops
Changed in launchpad:
status: Invalid → Triaged
importance: Undecided → Low
Colin Watson (cjwatson)
Changed in launchpad:
status: Triaged → In Progress
assignee: nobody → Colin Watson (cjwatson)
Revision history for this message
Launchpad QA Bot (lpqabot) wrote :

Fixed in stable r18410 <http://bazaar.launchpad.net/~launchpad-pqm/launchpad/stable/revision/18410>.

tags: added: qa-needstesting
Changed in launchpad:
status: In Progress → Fix Committed
Colin Watson (cjwatson)
tags: added: qa-ok
removed: qa-needstesting
Colin Watson (cjwatson)
Changed in launchpad:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.