Details

      Description

      Adding OpenId to existing users does not work.
      Steps to reproduce:
      1) Start a vanila Liferay bundle (tested with Tomcat, but should affect others as well)
      2) Disable "Allow strangers to create accounts?" in Control panel/Portal Settings/Authentication/General
      3) As Administrator create an account with a @gmail.com email address (or any other email that works as OpenId account), e.g. "john.doe@gmail.com"
      4) John Doe can login with his email and password.

      So far so good. Now John decides he wants to switch to OpenId.

      5) In the login portlet click on OpenId
      6) Use "https://www.google.com/accounts/o8/id" as your OpenId provider (or the url of your OpenId provider if you don't use gmail)
      7) Get redirected to gmail - John Doe uses his gmail account to log in
      8) Gmail (or the OpenId provider) generates an authentication URL: https://www.google.com/accounts/o8/id?id=AItOawlPq...
      9) Get redirected back to your portal

      What should happen:
      10a) Liferay finds the user with OpenId url https://www.google.com/accounts/o8/id?id=AItOawlPq... -> user is logged in
      10b) Liferay sees that there is no user with such OpenId URL.
      11) Get the email address from the OpenId response
      12) Find user by email - john.doe@gmail.com
      13) Update John's user account and set his OpenId URL to https://www.google.com/accounts/o8/id?id=AItOawlPq...
      14) Joe is now logged in

      What actually happens:

      between 6) and 7) Liferay tries to find the user with the general OpenId URL ("https://www.google.com/accounts/o8/id") and then by screen name (by somehow converting the general OpenId URL to "www.google.com.accounts.o8.id") which of course fails. The matching of users (by OpenId authentication URL or email or screen name) must happen AFTER step 9) when the user finished the authentication.

      Attached is a patch that fixes OpenIdAction.java

        Attachments

          Activity

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Days since last comment:
                3 years, 32 weeks, 2 days ago