Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OIDC relink fails when trying to link to an OIDC realm_admin account #12901

Open
RaggedStaff opened this issue Oct 10, 2024 · 1 comment
Open

OIDC relink fails when trying to link to an OIDC realm_admin account #12901

RaggedStaff opened this issue Oct 10, 2024 · 1 comment
Labels
bug-s3 The bug is stopping a critical or non-critical feature but there is a usable workaround.

Comments

@RaggedStaff
Copy link
Collaborator

Description

When adjusting an Enterprise OIDC user, if I attempt to use my OIDC realm_admin account, I encounter a 500, "No Grow" slug.

NB A normal OIDC user account seems to work ok. Contact @RaggedStaff for more details/an appropriate account for testing.

Expected Behavior

The system normally allows a different OIDC account to be linked to an Enterprise user account that has previously disconnected from OIDC. When I try to reconnect to my OIDC realm_admin account, it fails.

Actual Behaviour

When attempting to connect to a different lescommuns account, the linkage fails & the Enterprise User remains disconnected from OIDC.

Steps to Reproduce

  1. In Enterprise > OIDC Settings : "Link your Les Communs OIDC Account"
  2. Once successfully linked (screen should display "This account is linked to [email protected]" ), us "Disconnect from lescommuns" button to delink accounts
  3. Go to lescommuns.org & sign out of account 1.
  4. Return to OIDC Settings & click "Link you Les Communs OIDC Account"
  5. Log in to OIDC realm_admin account
  6. 500 "No Grow" slug error is returned.

Animated Gif/Screenshot

Screencast.2024-10-10.07.50.48.mp4

Workaround

Don't use a realm-admin OIDC account to link to OFN.

Severity

Your Environment

  • Version used: uk-staging, latest patch (2024-10-10)
  • Browser name and version: Firefox
  • Operating System and version (desktop or mobile): Ubuntu 22.04

Possible Fix

Not sure, may be to do with 2FA being enabled on the OIDC account, but I can use it if it's the first account I link to an Enterprise user.
@github-project-automation github-project-automation bot moved this to All the things 💤 in OFN Delivery board Oct 10, 2024
@RachL RachL added the bug-s3 The bug is stopping a critical or non-critical feature but there is a usable workaround. label Oct 10, 2024
@RaggedStaff
Copy link
Collaborator Author

Update - I've encountered the same error on Staging, with an account that's been linked to testdfc@p... for a while (potentially since initial testing of the OIDC work last year) and I get the slug when I attempt to change to my non-admin OIDC account (gar...@food...tion.org.uk). 😖

I'm wondering if it could be something to do with the old account setup, some settings lurking in users (OIDC or OFN) that have been setup for a while? 🤔

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug-s3 The bug is stopping a critical or non-critical feature but there is a usable workaround.
Projects
OFN Delivery board
Status: All the things 💤
Milestone
No milestone
Development

No branches or pull requests
2 participants
@RachL @RaggedStaff