search

publiclab / spectral-workbench

Web-based tools for collecting, analyzing, and sharing data from a DIY spectrometer
http://spectralworkbench.org
GNU General Public License v3.0
125 stars 157 forks source link

Failure to login with Publiclab OpenID #416

Open icarito opened 5 years ago

icarito commented 5 years ago

Hi, When attempting to log into SW, showing the 500 error instead of logging in. It remains possible to log in when starting a private browsing window.

Here's an example log from plots2 when this fails:

[11ee2390-14a4-4a9d-8a3f-2b0a086d990d] Started POST "/openid" for 104.130.174.245 at 2018-11-01 16:35:16 +0000
[bcc443cc-02fa-4892-a6d0-5a6ebbb74fb5]   Rendered users/profile.html.erb within layouts/application (1102.3ms)
[bcc443cc-02fa-4892-a6d0-5a6ebbb74fb5]   Rendered layouts/_social_icons.html.erb (0.1ms)
[bcc443cc-02fa-4892-a6d0-5a6ebbb74fb5]   Rendered layouts/_alerts.html.erb (0.4ms) [cache hit]                                                                                     [bcc443cc-02fa-4892-a6d0-5a6ebbb74fb5]   Rendered layouts/_header.html.erb (5.4ms) [cache hit]                                                                                     [bcc443cc-02fa-4892-a6d0-5a6ebbb74fb5]   Rendered layouts/_footer.html.erb (0.5ms) [cache hit]                                                                                     [bcc443cc-02fa-4892-a6d0-5a6ebbb74fb5]   Rendered layouts/application.html.erb (1124.0ms)                                                                                          [bcc443cc-02fa-4892-a6d0-5a6ebbb74fb5] Completed 200 OK in 2952ms (Views: 541.7ms | ActiveRecord: 1309.8ms)                                                                        [11ee2390-14a4-4a9d-8a3f-2b0a086d990d] Processing by OpenidController#index as */*                                                                                                 [11ee2390-14a4-4a9d-8a3f-2b0a086d990d]   Parameters: {"authenticity_token"=>"9kaWep6J7x5bFUyfLQOoQfgt+K4QOLf4yOQTW93lg0M=", "back_to"=>"/", "open_id"=>"icarito", "openid.assoc_handle"=>"{HMAC-SHA1}{5bdb2b43}{JNwUUA==}", "openid.claimed_id"=>"https://publiclab.org/openid/icarito", "openid.identity"=>"https://publiclab.org/openid/icarito", "openid.mode"=>"check_authentication", "openid.ns"=>"http://specs.openid.net/auth/2.0", "openid.ns.sreg"=>"http://openid.net/extensions/sreg/1.1", "openid.op_endpoint"=>"https://publiclab.org/openid", "openid.response_nonce"=>"2018-11-01T16:35:15Zz5zOtl", "openid.return_to"=>"https://spectralworkbench.org/session/new?authenticity_token=9kaWep6J7x5bFUyfLQOoQfgt%2BK4QOLf4yOQTW93lg0M%3D&back_to=%2F&open_id=icarito&return_to=%2F", "openid.sig"=>"4L3ulc5NbZvV8C15X1NC/1a+W/0=", "openid.signed"=>"assoc_handle,claimed_id,identity,mode,ns,ns.sreg,op_endpoint,response_nonce,return_to,signed,sreg.email,sreg.nickname", "openid.sreg.email"=>"sebastian@fuentelibre.org", "openid.sreg.nickname"=>"icarito", "return_to"=>"/"}                 [11ee2390-14a4-4a9d-8a3f-2b0a086d990d] Can't verify CSRF token authenticity.                                                                                                       [11ee2390-14a4-4a9d-8a3f-2b0a086d990d]   Rendering text template
[11ee2390-14a4-4a9d-8a3f-2b0a086d990d]   Rendered text template (0.1ms)
[11ee2390-14a4-4a9d-8a3f-2b0a086d990d] Completed 200 OK in 6ms (Views: 0.8ms | ActiveRecord: 0.0ms)

This was reported by felix-publiclab on #publiclab on Nov 1.

jywarren commented 5 years ago

Could this be related to recent OpenID changes via Dependabot? https://github.com/publiclab/plots2/pull/3778

On Thu, Nov 1, 2018 at 1:01 PM Sebastian Silva notifications@github.com wrote:

Hi, When attempting to log into SW, showing the 500 error instead of logging in. It remains possible to log in when starting a private browsing window.

Here's an example log from plots2 when this fails:

[11ee2390-14a4-4a9d-8a3f-2b0a086d990d] Started POST "/openid" for 104.130.174.245 at 2018-11-01 16:35:16 +0000 [bcc443cc-02fa-4892-a6d0-5a6ebbb74fb5] Rendered users/profile.html.erb within layouts/application (1102.3ms) [bcc443cc-02fa-4892-a6d0-5a6ebbb74fb5] Rendered layouts/_social_icons.html.erb (0.1ms) [bcc443cc-02fa-4892-a6d0-5a6ebbb74fb5] Rendered layouts/_alerts.html.erb (0.4ms) [cache hit] [bcc443cc-02fa-4892-a6d0-5a6ebbb74fb5] Rendered layouts/_header.html.erb (5.4ms) [cache hit] [bcc443cc-02fa-4892-a6d0-5a6ebbb74fb5] Rendered layouts/_footer.html.erb (0.5ms) [cache hit] [bcc443cc-02fa-4892-a6d0-5a6ebbb74fb5] Rendered layouts/application.html.erb (1124.0ms) [bcc443cc-02fa-4892-a6d0-5a6ebbb74fb5] Completed 200 OK in 2952ms (Views: 541.7ms | ActiveRecord: 1309.8ms) [11ee2390-14a4-4a9d-8a3f-2b0a086d990d] Processing by OpenidController#index as / [11ee2390-14a4-4a9d-8a3f-2b0a086d990d] Parameters: {"authenticity_token"=>"9kaWep6J7x5bFUyfLQOoQfgt+K4QOLf4yOQTW93lg0M=", "back_to"=>"/", "open_id"=>"icarito", "openid.assoc_handle"=>"{HMAC-SHA1}{5bdb2b43}{JNwUUA==}", "openid.claimed_id"=>"https://publiclab.org/openid/icarito", "openid.identity"=>"https://publiclab.org/openid/icarito", "openid.mode"=>"check_authentication", "openid.ns"=>"http://specs.openid.net/auth/2.0", "openid.ns.sreg"=>"http://openid.net/extensions/sreg/1.1", "openid.op_endpoint"=>"https://publiclab.org/openid", "openid.response_nonce"=>"2018-11-01T16:35:15Zz5zOtl", "openid.return_to"=>"https://spectralworkbench.org/session/new?authenticity_token=9kaWep6J7x5bFUyfLQOoQfgt%2BK4QOLf4yOQTW93lg0M%3D&back_to=%2F&open_id=icarito&return_to=%2F", "openid.sig"=>"4L3ulc5NbZvV8C15X1NC/1a+W/0=", "openid.signed"=>"assoc_handle,claimed_id,identity,mode,ns,ns.sreg,op_endpoint,response_nonce,return_to,signed,sreg.email,sreg.nickname", "openid.sreg.email"=>"sebastian@fuentelibre.org", "openid.sreg.nickname"=>"icarito", "return_to"=>"/"} [11ee2390-14a4-4a9d-8a3f-2b0a086d990d] Can't verify CSRF token authenticity. [11ee2390-14a4-4a9d-8a3f-2b0a086d990d] Rendering text template [11ee2390-14a4-4a9d-8a3f-2b0a086d990d] Rendered text template (0.1ms) [11ee2390-14a4-4a9d-8a3f-2b0a086d990d] Completed 200 OK in 6ms (Views: 0.8ms | ActiveRecord: 0.0ms)

This was reported by felix-publiclab on #publiclab on Nov 1.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/publiclab/spectral-workbench/issues/416, or mute the thread https://github.com/notifications/unsubscribe-auth/AABfJ4BiNB6Cl0qNvLEvUUaqRNacWbkFks5uqyjlgaJpZM4YHbd6 .