Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New accounts on new IdP without any identifyable attributes get ghost account #1

Open
dnmvisser opened this issue Sep 25, 2014 · 0 comments
Open

New accounts on new IdP without any identifyable attributes get ghost account #1

dnmvisser opened this issue Sep 25, 2014 · 0 comments

Comments

@dnmvisser
Copy link
Member

User logs in from unknown IdP.
IdP entityID gets added, default identifyable attributes get inserted.
IdP does not send any of them, so login should fail with message "service needs at least one of ... etc", but instead user is given a valid ID:

Aug 15 15:29:23 simplesamlphp.wayf DEBUG [84eaa19fb8] AccountLinker: === BEGIN ===
Aug 15 15:29:23 simplesamlphp.wayf DEBUG [84eaa19fb8] AccountLinker: entityid does not exist, adding it
Aug 15 15:29:23 simplesamlphp.wayf DEBUG [84eaa19fb8] AccountLinker: adding default id attributes for entityid_id: 179
Aug 15 15:29:23 simplesamlphp.wayf DEBUG [84eaa19fb8] AccountLinker: entityid does not exist, adding account
Aug 15 15:29:23 simplesamlphp.wayf DEBUG [84eaa19fb8] AccountLinker: Inserting attributes
Aug 15 15:29:23 simplesamlphp.wayf DEBUG [84eaa19fb8] AccountLinker: Inserting eduPersonEntitlement => 'urn:mace:dir:entitlement:common-lib-terms'
Aug 15 15:29:23 simplesamlphp.wayf DEBUG [84eaa19fb8] AccountLinker: Inserting eduPersonScopedAffiliation => 'member@dfn.de'
Aug 15 15:29:23 simplesamlphp.wayf DEBUG [84eaa19fb8] AccountLinker: Inserting eduPersonScopedAffiliation => 'student@dfn.de'
Aug 15 15:29:23 simplesamlphp.wayf DEBUG [84eaa19fb8] AccountLinker: Inserting fname => 'first_name'
Aug 15 15:29:23 simplesamlphp.wayf DEBUG [84eaa19fb8] AccountLinker: Inserting lname => 'last_name'
Aug 15 15:29:23 simplesamlphp.wayf DEBUG [84eaa19fb8] AccountLinker: Inserting fullname => 'first_name last_name'
Aug 15 15:29:23 simplesamlphp.wayf DEBUG [84eaa19fb8] AccountLinker: Inserting idpname => 'German National Research and Education Network, DFN'
Aug 15 15:29:23 simplesamlphp.wayf DEBUG [84eaa19fb8] AccountLinker: Inserting organisation => 'German National Research and Education Network, DFN'
Aug 15 15:29:23 simplesamlphp.wayf DEBUG [84eaa19fb8] AccountLinker: Inserting email => 'invalid_email_needs_updating'
Aug 15 15:29:23 simplesamlphp.wayf DEBUG [84eaa19fb8] AccountLinker: Inserting country => '0'
Aug 15 15:29:23 simplesamlphp.wayf DEBUG [84eaa19fb8] AccountLinker: Returning user_id 1635
Aug 15 15:29:23 simplesamlphp.wayf DEBUG [84eaa19fb8] AccountLinker: === END ===

Looks like some issues with rare combination of new idp, new user, and no proper attributes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dnmvisser