search

neos / Neos.IdNeosIo

The id.neos.io website
2 stars 6 forks source link

BUG: verify new email link throws 500 internal server error #26

Closed crydotsnake closed 1 year ago

crydotsnake commented 1 year ago

I tried to change my email address to id.neos.io. This has also worked so far. However, when I click on the verification link of my new email address, I get a 500 Internal Server Error as a response.

I tried it with my neos.io email, and even with my private email. Both didnt work.

error-log.txt

bwaidelich commented 1 year ago

@crydotsnake you should have access to the error logs, did you check those already?

crydotsnake commented 1 year ago

@crydotsnake you should have access to the error logs, did you check those already?

Thanks for the reminder! @bwaidelich 😅

Log says:

23-10-11 06:39:36 1525449    INFO                           Session: Started session with id dvqHQWm83pkKkaCpQSqDjjAlTN6XU5Il.
23-10-11 06:39:46 1525449    INFO                           Token with hash d562e2e0525bc20d10f1938b0c8402f93852144943b2b371eb646af53649b6f0 generated for identifier crydotsnake (valid until 2023-10-12 06:39:46) [id.neos.io change email]
23-10-11 06:39:46 1525449    INFO                           Activation link built for token with hash d562e2e0525bc20d10f1938b0c8402f93852144943b2b371eb646af53649b6f0 (id: crydotsnake)
23-10-11 06:40:03 1525700    INFO                           Session: Started session with id 9a2c2NNaO1bZYnxF5rpjZLIQVvxvw4pW.
23-10-11 06:40:14 1525700    INFO                           Validated token hash d562e2e0525bc20d10f1938b0c8402f93852144943b2b371eb646af53649b6f0 for identifier crydotsnake
23-10-11 06:40:14 1525700    INFO                           Validated token hash d562e2e0525bc20d10f1938b0c8402f93852144943b2b371eb646af53649b6f0 for identifier crydotsnake
23-10-11 06:40:14 1525700    CRITICAL                       Exception #403 in line 69 of /application/Packages/Libraries/guzzlehttp/guzzle/src/Middleware.php: Client error: `PUT https://crowd.neos.io/rest/usermanagement/1/user?username=crydotsnake` resulted in a `403 Forbidden` response:
{"reason":"APPLICATION_PERMISSION_DENIED","message":"External applications are not allowed to change user emails"}
bwaidelich commented 1 year ago

So that seems to be a (new?) limitation of Atlassian Crowd

bwaidelich commented 1 year ago

See https://jira.atlassian.com/browse/CWD-5792

crydotsnake commented 1 year ago

Hm Yes, it looks like that's the problem.

kdambekalns commented 1 year ago

The fix should be:

I confirm that setting up JVM parameter -Dcrowd.email.change.by.external.apps=true is a working solution

So, somone at netlogix can hopefully fix this…

kdambekalns commented 1 year ago

@crydotsnake Can you try again, to see if it's fixed?

crydotsnake commented 1 year ago

@crydotsnake Can you try again, to see if it's fixed?

Tested it again, and its working 👍🏽