My favorites | Sign in
Project Home Downloads Wiki Issues Source
New issue   Search
for
  Advanced search   Search tips   Subscriptions
Issue 4: Email address not set when logging in with Google Account
  Back to list
Status:  WontFix
Owner:  code-rev...@gtempaccount.com
Closed:  Sep 2009

Blocking:
issue 3
issue 34


Sign in to add a comment
 
Reported by code-rev...@gtempaccount.com, Sep 24, 2009
Reported by Shawn Pearce <sop@google.com> on Mon Jan 12 09:52:56 PST 2009
Source: JIRA GERRIT-4
Affected Version: 2.0

Web Identities/Email Address - I don't know why but when I logged with Google
Account info this field was not set. That causes Gerrit to refuse my git-
pushes with message "invalid committer".
Sep 24, 2009
#1 code-rev...@gtempaccount.com
Comment by Shawn Pearce <sop@google.com> on Thu Jan 15 12:24:03 PST 2009

Its set if Google supplies it to us.  We certainly are asking for it and
getting it back in.

Users can now also define their own addresses, but they need to confirm them
by getting an email and clicking on the activation link.
Sep 24, 2009
#2 code-rev...@gtempaccount.com
Update by Shawn Pearce <sop@google.com> on Thu Jan 15 12:24:03 PST 2009

Fixed in version 2.0.
Status: Fixed
Sep 24, 2009
#3 code-rev...@gtempaccount.com
Comment by Shawn Pearce <sop@google.com> on Thu Jan 22 15:17:22 PST 2009

See comment just posted to GERRIT-34 regarding Google Accounts not sending the
email address.
Sep 24, 2009
#4 code-rev...@gtempaccount.com
Comment by Shawn Pearce <sop@google.com> on Tue Jan 27 20:39:59 PST 2009

I'm now suspecting this can be caused by logging in for the first time and
immediately checking the "remember me" box on the google accounts confirm sign
in page.

I'll test that theory in the morning and either re-close this, or bring it up
with the Google Account group.
Sep 24, 2009
#5 code-rev...@gtempaccount.com
Update by Shawn Pearce <sop@google.com> on Tue Jan 27 20:39:59 PST 2009
Status: New
Sep 24, 2009
#6 code-rev...@gtempaccount.com
Update by Shawn Pearce <sop@google.com> on Tue Jan 27 20:40:20 PST 2009
Labels: -Priority-Major Priority-Critical
Sep 24, 2009
#7 code-rev...@gtempaccount.com
Comment by Shawn Pearce <sop@google.com> on Fri Mar 06 09:14:06 PST 2009

My conclusion after testing this and talking with the Google Accounts OpenID
developers is the following:

- *NEW* accounts who have never registered with a Gerrit server always get the
email supplied, even if the user clicks "Remember Me".

- Legacy accounts, imported from Google App Engine, don't supply the email if
the user clicks "Remember Me".  There is some sort of interaction occurring
between GAE and the OpenID engine such that the OpenID engine assumes we
already know the user, but *only* if the "Remember Me" box was checked.  My
assumption here is that way back when were were on Google App Engine user
logins were stored as OpenID tokens in the background, where we couldn't see
them.  Since the domain name is the same for "review.source.android.com" the
OpenID provider thinks we already know the token, and thus already know the
email.

Long story short, we can't fix this in Gerrit, and Google Accounts folks say
its working as intended on their side.


When/if we support PAPE, we can issue a request forcing the user to re-
authenticate and then Google Accounts will also force display of the approval
page, which will have the side-effect of sending the email (without affecting
the long term effect of the 'remember me' flag). So if we get a new account
without email we can allow the user to click on a button to "recover
account".  This requires adding PAPE support, and making user's consider "did
I already register here before?".


As of Mar 6 2009, 115 legacy users have "recovered" their accounts already,
and 1369 have not.

Of the 1369 who have not yet recovered accounts, only 7 were granted
permissions to code review/submit in any project.  These can be easily cleaned
up by hand as those users register with the site.

Of the 1369 who have not yet recovered accounts, only 17 have corporate
contributor agreements that can't be re-completed with just the click-through
CLA.  These can be easily corrected by hand as those users register with the
site.

At this point, its not worth trying to code a fix.  We're unlikely to see
1300+ of those accounts again, they were most probably just half-interested
slashdotters who came upon the site when AOSP was announced, and signed-in to
see what cool information they might get by doing so.
Sep 24, 2009
#8 code-rev...@gtempaccount.com
Update by Shawn Pearce <sop@google.com> on Fri Mar 06 09:14:06 PST 2009
Status: WontFix
Sign in to add a comment

Powered by Google Project Hosting