Unable to create a GitHub-backed account after failing with Persona

RESOLVED FIXED

Status

RESOLVED FIXED
2 years ago
2 years ago

People

(Reporter: jwhitlock, Assigned: jwhitlock)

Tracking

({in-triage})

Details

(Whiteboard: [specification][type:bug])

(Assignee)

Description

2 years ago
What did you do?
================
As reported in bug 1291057, and again in IRC:

1) Sign in with Persona, get the "can't create accounts with Persona" message.
2) Sign in with GitHub

What happened?
==============
Get the localized error "Could not find profile matching that account."

What should have happened?
==========================
Account creation with the new GitHub account should have started.

Is there anything else we should know?
======================================
There is code that is meant to detect that a user is adding a second social login, perhaps to avoid creating a second account.  This is resulting in the error message:

https://github.com/mozilla/kuma/blob/6a601785794334b16ab8a7e7848de046491b89e8/kuma/users/adapters.py#L133-L148

Some options:
1) This code could detect login versus connecting
2) The code that rejects Persona signups could clear the session data
Either this code needs to detect
(Assignee)

Updated

2 years ago
Blocks: 1291057
(Assignee)

Updated

2 years ago
See Also: → bug 1063830
Assignee: nobody → jwhitlock
Status: NEW → ASSIGNED
Keywords: in-triage

Comment 1

2 years ago
Commits pushed to master at https://github.com/mozilla/kuma

https://github.com/mozilla/kuma/commit/c7388008c517e74c569c7d13843bb428902afcbe
bug 1291892 - Branch tests for pre_social_login

KumaSocialAccountAdapter.pre_social_login will have more uncovered
branches when is_open_for_signup cleans up the session.

https://github.com/mozilla/kuma/commit/d55e926bfac348fa26c6db7fc20a1bf48bb09483
bug 1291892 - Clear the session on failed signup

Clear the session keys socialaccount_sociallogin and
sociallogin_provider when closed for signup, to prevent a failed
signup being confused with a failed account connection.

https://github.com/mozilla/kuma/commit/a131c8162c9c5e463df604ed98cb29b60d545bbc
bug 1291892 - Cleanup session on account creation

After a user account is successfully created from a social login, clear
the initial signin data from the session, so that the user can connect
a second account immediately without triggering the 'invalid account
connection' logic in pre_social_login.

https://github.com/mozilla/kuma/commit/b75b6dd69e1c2b726b80d569bda81cc2fe8b48fd
Merge pull request #3931 from mozilla/github_after_persona_1291892

bug 1291892 - Clear session on Persona signup fail
(Assignee)

Comment 2

2 years ago
I've pushed this code to staging and production.  However, I saw some strange behavior in Safari on staging:

1) Disassociate GitHub
2) Attempt to create an account with Persona, told "Can't create account with Persona" 
3) Clicked the link to try GitHub, get back to the "Can't create account with Persona"

I tested with Chrome, after deleting the social account records in the staging database, and the test worked as planned.  Back in Safari, it still gave me problems.

My best guess is that GitHub is caching data around me being logged in in the browser, and I'd have to sign out of GitHub as well for a clean test in Safari.  Or maybe the production load balancers are caching something they shouldn't. This shouldn't affect new users, who don't have existing signing with any of their accounts. Maybe.

Social accounts are hard. Authentication is hard. Still marking as fixed, but I'm ready to try something else if people have problems.
Status: ASSIGNED → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.