signon_identity_signout does not delete credentials from gnome keyring

Bug #1172710 reported by Lukas Vacek on 2013-04-25
258
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Online Accounts: signond keyring extension
Medium
Alberto Mardegan
signon-keyring-extension (Ubuntu)
Undecided
Alberto Mardegan

Bug Description

Hey,

In clean installation of raring, signon_identity_signout function does not work, and while it returns with success the login credentials are still kept in gnome-keyring.

Example python script to reproduce this issue:

#!/usr/bin/env python3

import argparse
import sys

from gi.repository import GLib
from gi.repository import GObject
from gi.repository import Accounts
from gi.repository import Signon

class AccountConsole:
    def __init__(self):
        self.manager = Accounts.Manager()

    def list_accounts(self, args):
        accounts = self.manager.list()
        if not accounts:
            print('No accounts')
            main_loop.quit()
            return

        for account_id in accounts:
            account = self.manager.get_account(account_id)
            enabledness = 'enabled' if account.get_enabled() else 'disabled'
            print('account: id %s, %s, provider: %s' % (account_id, enabledness, account.get_provider_name()))
        main_loop.quit()

    def remove_credentials(self, args):
        self.args = args
        self.account = account = self.manager.get_account(args.account)
        if self.account is None:
            print("no such account")
            main_loop.quit()
            return
        value, signon_id = account.get_variant(args.signon_id_field )
        if value is not None and signon_id != Accounts.SettingSource.NONE:
           self.account.set_enabled(False)
            # is still stored even though the user would believe they have been deleted
            print ( signon_id )
            self.identity = Signon.Identity.new_from_db( signon_id )
            if self.identity is not None:
                self.identity.signout(lambda x,y,z:
                        self.account.store(lambda x,y,z:
                            [print("done"),main_loop.quit() ], 0)
                    , 0 )
        else:
            print ("No credentials set for account")
            main_loop.quit()

    def on_credentials_stored(self, identity, id, error, account):
        self.account.set_variant(self.args.signon_id_field, GLib.Variant('u', id))
        self.account.store(lambda x,y,z: [print("done"), main_loop.quit() ], None)

app = AccountConsole()

parser = argparse.ArgumentParser(description='Command-line tool for account handling')
subparsers = parser.add_subparsers(title='Valid actions')

subparser = subparsers.add_parser('list',
        help='List existing accounts')
subparser.set_defaults(func=app.list_accounts)

subparser = subparsers.add_parser('remove_credentials',
        help='Remove credentials for an account')
subparser.add_argument('account', type=int,
        help='Id of the SignOn identity')
subparser.add_argument('--signon-id-field', type=str, default='CredentialsId',
        help='Name of the key holding the SignOn ID')
subparser.set_defaults(func=app.remove_credentials)

args = parser.parse_args()
if 'func' in args:
    main_loop = GLib.MainLoop()
    GLib.idle_add(args.func, args)
    main_loop.run()
else:
    parser.print_help()

steps:
1) Launch "credentials-preferences" and create a new account
2) check the password in gnome-keyring
3) execute the above script with "list" parameter
4) execute the above script with "remove_credentials <account_number>"
5) check the password in gnome-keyring (fail: the password have not been deleted). Expected result: credentials have been deleted

ProblemType: Bug
DistroRelease: Ubuntu 13.04
Package: signond 8.49-0ubuntu2
ProcVersionSignature: Ubuntu 3.8.0-19.29-generic 3.8.8
Uname: Linux 3.8.0-19-generic i686
ApportVersion: 2.9.2-0ubuntu8
Architecture: i386
Date: Thu Apr 25 14:04:27 2013
InstallationDate: Installed on 2013-04-24 (0 days ago)
InstallationMedia: Ubuntu 13.04 "Raring Ringtail" - Release i386 (20130424)
MarkForUpload: True
SourcePackage: signon
UpgradeStatus: No upgrade log present (probably fresh install)

Related branches

Lukas Vacek (lukas-vacek) wrote :
information type: Private Security → Public Security
Alberto Mardegan (mardy) wrote :

Thanks Lukas for reporting this bug! The script you provided didn't work for me, I'm attaching a slightly modified one which worked for me.

Anyway, the bug exists (even with the fixed script, the credentials are not removed). But I found where the problem is and a fix will be ready soon.

Changed in signon (Ubuntu):
assignee: nobody → Alberto Mardegan (mardy)
status: New → In Progress
affects: signon (Ubuntu) → signon-keyring-extension (Ubuntu)
Changed in signon-keyring-extension:
assignee: nobody → Alberto Mardegan (mardy)
status: New → In Progress
importance: Undecided → Medium
PS Jenkins bot (ps-jenkins) wrote :

Fix committed into lp:signon-keyring-extension at revision 28, scheduled for release in signon-keyring-extension, milestone 0.1-bzr8

Changed in signon-keyring-extension:
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package signon-keyring-extension - 0.5.1daily13.06.05.1-0ubuntu1

---------------
signon-keyring-extension (0.5.1daily13.06.05.1-0ubuntu1) saucy; urgency=low

  [ Ken VanDine ]
  * New upstream version

  [ Alberto Mardegan ]
  * Remove record when signond asks to remove the data for all authentication
    methods (LP: #1172710)
  * Build with Qt5 by default

  [ Ubuntu daily release ]
  * Automatic snapshot from revision 28

signon-keyring-extension (0.5bzr13.04.26daily13.05.02ubuntu.unity.next-0ubuntu1) raring; urgency=low

  [ Łukasz 'sil2100' Zemczak ]
  * debian/control:
    - Modifications related to compliance with our packaging standards

  [ Ubuntu daily release ]
  * Automatic snapshot from revision 26 (ubuntu-unity/next)

signon-keyring-extension (0.5bzr13.04.26daily13.05.01.1ubuntu.unity.next-0ubuntu1) raring; urgency=low

  [ Ken VanDine ]
  * debian/control
    - Build depend on qt5-qmake and qt5-default

  [ Ubuntu daily release ]
  * Automatic snapshot from revision 24 (ubuntu-unity/next)
 -- Ubuntu daily release <email address hidden> Wed, 05 Jun 2013 18:49:02 +0000

Changed in signon-keyring-extension (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers