action #167266
closed
openQA log reports "Failed to login" with no details in logs size:S
Added by okurz 3 months ago.
Updated 3 months ago.
Category:
Feature requests
Description
Observation¶
OpenQA logreport for ariel.suse-dmz.opensuse.org tells us this from time to time:
[2024-09-24T11:49:23.471863Z] [error] OpenID: Failed to login: OpenID provider returned invalid data. Please retry again
Suggestions¶
- Consider improving the log message with more details but not revealing potentially sensitive information
- Consider to reduce the severity of the log message if we can ensure there is a retry or know it is temporary
Related issues
1 (1 open — 0 closed)
- Copied from action #167263: OpenQA logreport regularly reports Failed to login in email size:M added
- Status changed from Workable to In Progress
- Assignee set to ybonatakis
- Due date set to 2024-10-10
Setting due date based on mean cycle time of SUSE QE Tools
I tried to reproduce it in a couple of ways. Changing the provider URI or passing random consumer_secret but our code looks solid and catch all of those issues.
I checked the upstream code and it seems that the not_openqa is considered invalid when the args in https://github.com/gugu/net-openid-consumer/blob/master/lib/Net/OpenID/IndirectMessage.pm object does not have the openqa.mode properly assigned. (All the requests should have it apparently.
Then I thought to manipulate the params of the auth_response. The one that worked of all was the one with missing mode value.
To reproduce: add $params{'openid.mode'} = '' and try to authenticate.
i will provide a small PR changing the sting in the logs
- Status changed from In Progress to Feedback
- Status changed from Feedback to Resolved
Also available in: Atom
PDF