PacketFence - BTS - PacketFence |
| View Issue Details |
|
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0001859 | PacketFence | captive portal | public | 2015-01-19 08:04 | 2015-01-19 10:10 |
|
| Reporter | repitah | |
| Assigned To | jsemaan.inverse | |
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | fixed | |
| Platform | All | OS | All | OS Version | All |
| Product Version | 4.5.0 | |
| Target Version | | Fixed in Version | | |
| fixed in git revision | d6e278a |
| fixed in mtn revision | |
|
| Summary | 0001859: User account creation for Oauth2 Facebook users is missing identifier |
| Description | When a user registers on the Capitive portal, using their facebook account, PacketFence creates the account '@facebook', wihout any further identification of which facebook user.
This can create an issue when limiting the amount of devices a user can connect with. |
| Steps To Reproduce | Sign in to the captive portal with a facebook account.
Go to users in the administration portal and check username created for facebook login. |
| Additional Information | Suggest a patch to /html/captive-portal/lib/captiveportal/PacketFence/ControllerOauth2.pm:
--- Oauth2.pm.bak 2015-01-19 12:05:03.425793650 +0200
+++ Oauth2.pm 2015-01-19 14:41:46.346816447 +0200
@@ -196,7 +196,7 @@
if ($provider eq 'google' || $provider eq 'github') {
$pid = $json_text->{email};
} elsif ($provider eq 'facebook') {
- $pid = $json_text->{username} . '@facebook.com';
+ $pid = $json_text->{id} . '@facebook';
} elsif ($provider eq 'windowslive'){
$pid = $json_text->{emails}->{account};
}
|
| Tags | No tags attached. |
| Relationships | |
| Attached Files | |
|
| Issue History |
| Date Modified | Username | Field | Change |
| 2015-01-19 08:04 | repitah | New Issue | |
| 2015-01-19 08:14 | jsemaan.inverse | Note Added: 0003633 | |
| 2015-01-19 08:14 | jsemaan.inverse | Assigned To | => jsemaan.inverse |
| 2015-01-19 08:14 | jsemaan.inverse | Status | new => assigned |
| 2015-01-19 08:59 | repitah | Note Added: 0003634 | |
| 2015-01-19 09:00 | repitah | Note Edited: 0003634 | bug_revision_view_page.php?bugnote_id=3634#r16 |
| 2015-01-19 09:01 | repitah | Note Edited: 0003634 | bug_revision_view_page.php?bugnote_id=3634#r17 |
| 2015-01-19 09:04 | jsemaan.inverse | Note Added: 0003635 | |
| 2015-01-19 09:22 | repitah | Note Added: 0003638 | |
| 2015-01-19 10:10 | jsemaan.inverse | fixed in git revision | => d6e278a |
| 2015-01-19 10:10 | jsemaan.inverse | Note Added: 0003639 | |
| 2015-01-19 10:10 | jsemaan.inverse | Status | assigned => closed |
| 2015-01-19 10:10 | jsemaan.inverse | Resolution | open => fixed |
|
Notes |
|
|
|
It seems like the code was bugged (probably username doesn't exist in the hash).
We usually want the PID to be an e-mail address (so the user can be contacted).
Assuming id contains the username of the user, I think this would fit better :
--- Oauth2.pm.bak 2015-01-19 12:05:03.425793650 +0200
+++ Oauth2.pm 2015-01-19 14:41:46.346816447 +0200
@@ -196,7 +196,7 @@
if ($provider eq 'google' || $provider eq 'github') {
$pid = $json_text->{email};
} elsif ($provider eq 'facebook') {
- $pid = $json_text->{username} . '@facebook.com';
+ $pid = $json_text->{id} . '@facebook.com';
} elsif ($provider eq 'windowslive'){
$pid = $json_text->{emails}->{account};
}
Can you confirm that this would give : username@facebook.com and that it's a contactable e-mail address
I'll correct it in our codebase after |
|
|
|
(0003634)
|
|
repitah
|
2015-01-19 08:59
(edited on: 2015-01-19 09:01) |
|
The json I see looks like the following, which has an email field: {"id":"101XXXX5391XXXX17","email":"repXXXX\u0040XXXXil.com","first_name":"myFirstname","gender":"male","last_name":"myLastname","link":"https:\/\/www.facebook.com\/app_scoped_user_id\/101XXXX5391XXXX17\/","locale":"en_GB","name":"myFirstname myLastname","timezone":2,"updated_time":"2014-04-01T14:29:08+0000","verified":true}
Sending email directly to {userid}@facebook.com returns 550 5.1.1 RCP-P1 http://postmaster.facebook.com/response_codes?ip=209.85.XXX.54#rcp [^] Recipient address does not exist
Sending emails with regards to account creation with password, could/would perhaps fall under ticket 0001860, where the email field would become populated.
|
|
|
|
|
That means it would now be :
diff --git a/html/captive-portal/lib/captiveportal/PacketFence/Controller/Oauth2.pm b/html/captive-portal/lib/captiveportal/PacketFence/Controller/Oauth2.pm
index 568f9e1..4033eae 100644
--- a/html/captive-portal/lib/captiveportal/PacketFence/Controller/Oauth2.pm
+++ b/html/captive-portal/lib/captiveportal/PacketFence/Controller/Oauth2.pm
@@ -193,10 +193,8 @@ sub oauth2Result : Path : Args(1) {
# Grab JSON content
my $json = new JSON;
my $json_text = $json->decode($response->content());
- if ($provider eq 'google' || $provider eq 'github') {
+ if ($provider eq 'google' || $provider eq 'github' || $provider eq 'facebook') {
$pid = $json_text->{email};
- } elsif ($provider eq 'facebook') {
- $pid = $json_text->{username} . '@facebook.com';
} elsif ($provider eq 'windowslive'){
$pid = $json_text->{emails}->{account};
}
It seems they're not sending the username anymore so we can't build the facebook address. That means we need to use the real e-mail address of the user which is the same behavior as linkedin.
Can you confirm the above code works and it will be merged into the codebase. |
|
|
|
|
|
Patch works. Device registered to the email address that is linked to the Facebook account. |
|
|
|
|
Patch added to devel, maintenance/4.4 and maintenance/4.5
Closing. |
|