replace userid with username in login form#39870
Conversation
|
Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes. |
|
maybe we should introduce a login_hint parameter? |
|
@butonic we need a changelog and a rebase, then we also see if CI loves you more than before 😄 |
butonic
force-pushed
the
replace-userid-with-username-in-login-form
branch
from
dce224b to
dea1717
Compare
mmattel
force-pushed
the
replace-userid-with-username-in-login-form
branch
from
dea1717 to
bb4a08a
Compare
|
@phil-davis mind to help? |
Fixed - the new code can end up calling userManager "get" twice in some cases. |
|
@DeepDiver1975 mind to have a look on it? The change you requested has been implemented and CI is green now |
|
@DeepDiver1975 sorry for pinging again, but could be a quick win as all is green. |
Signed-off-by: Jörn Friedrich Dreyer <jfd@butonic.de>
phil-davis
force-pushed
the
replace-userid-with-username-in-login-form
branch
from
93d5a0a to
d0992be
Compare
|
@jvillafanez I fixed my mistake, and rebased. CI is running. Please review and take over any needed code changes. |
|
Kudos, SonarCloud Quality Gate passed! |
phil-davis
dismissed
DeepDiver1975’s stale review
The review item has been marked as resolved, and no response to pings above.
delete-merged-branch
bot
deleted the
replace-userid-with-username-in-login-form
branch
|
Confirmed fixed in oc 10.11.0-rc.1 using user_ldap 0.16.0 and oauth2-0.5.3 No uuid identifier seen anywhere! Thanks! |
6 participants
While digging into owncloud/oauth2#326 @kulmann @TheOneRing and I pondered possible solutions to the original problem described in owncloud/oauth2#286
AFAIU the problem is that users may see the LDAP UUID of a user in the login form, which is very confusing. The solution in owncloud/oauth2#286 replaced the user id that clients picked up with the user name, but that parameter was originally only intended to be used for mounting windows network drives.
We tried various combinations of filling the
userparameter un redirect and logout URLs produced by the oauth2 app and even found a bug where a redirect URL is not urlencoded. That will be followed up as a separate issue.With this PR a
userparameter will be replaced with the user name when a user with the given user id is found.For users without a username this has no sideeffect, as the username falls back to the user id.