Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.

Bug 336699

Summary: [user] Should be able to use the same Orion profile when logged using Orion credentials and OpenID
Product: [ECD] Orion Reporter: Szymon Brandys <Szymon.Brandys>
Component: ServerAssignee: Malgorzata Janczarska <malgorzata.tomczyk>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: P3 CC: john.arthorne, Szymon.Brandys
Version: unspecified   
Target Milestone: 0.3 M1   
Hardware: All   
OS: All   
Whiteboard:
Bug Depends on: 334102, 350715    
Bug Blocks: 336212    

Description Szymon Brandys CLA 2011-02-09 07:10:17 EST 
Right now, if a user wants to authenticate using form and some OpenID and be mapped to the same profile, he can't do it.
Comment 1 Malgorzata Janczarska CLA 2011-07-11 12:32:58 EDT 
My proposal for the first step:
When user logs in with OpenId we generate an Orion account without a password. This OpenId account is mapped to the user profile. Next time user logs in with this OpenId we'll find this Orion account by mapped OpenId. User may set password for the account and change login and then use regular form authentication.

Next step will be adding and removing OpenId accounts to the existing user profile.
Comment 2 Szymon Brandys CLA 2011-07-12 03:01:06 EDT 
Maybe it was not recorded yet in Bugzilla, but yes, this is what we need. Important thing is to not add any OpenId specific API to our IOrionCredentialService. I imagine that the authentication mechanism (like OpenId, LDAP or something else) just sets some extra properties on the user account that are later used to map OpenID or LDAP id to the internal Orion account.
Comment 3 Malgorzata Janczarska CLA 2011-07-13 11:30:23 EDT 
First step made. Now when user loggs in via OpenId we create a profile for him. He me set a password and change login. Next time he loggs in with the same OpenId his profile is found.
Comment 4 Malgorzata Janczarska CLA 2011-08-02 08:09:21 EDT 
Second step made.
I created an iframe plugin that adds a list of connected OpenId identifiers and allows to add and remove them. The only problem is that the plugin needs to be provided by the server because server only knows anything about openid providers and authentication in general. The problem is that the iframe provides UI that is (just like the login dialog) independent from the client.
Comment 5 Malgorzata Janczarska CLA 2011-08-11 06:58:33 EDT 
the feature is done
Comment 6 John Arthorne CLA 2011-08-11 16:59:27 EDT 
I couldn't find this feature anywhere. Is it on the profile page? I'm looking for the place where I can add/remove OpenIDs on my Orion account. I wanted a screen shot for New & Noteworthy.
Comment 7 John Arthorne CLA 2011-08-11 17:12:06 EDT 
(In reply to comment #6)
> I couldn't find this feature anywhere. Is it on the profile page? I'm looking
> for the place where I can add/remove OpenIDs on my Orion account. I wanted a
> screen shot for New & Noteworthy.

Never mind, I had to restart my server to see this change. Ignore me.