Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

Difficulty switching identities during badge acceptance #162

restlessbee opened this Issue May 14, 2012 · 3 comments


None yet
2 participants

There seem to be big issues with having different accounts with BrowserID and trying to switch between them when accepting a badge. I'm not sure if this is more a BrowserID or Backpack issue, but here's the scenario:

I have two backpacks/BrowserID's I've been using for testing, one associated with erik@restlessbee.com and one for krrraft@gmail.com. krrraft@gmail.com was apparently the last account I used to sign in with BrowserID. This morning, I'm trying to transfer badges from P2PU, where I'm signed up as erik@restlessbee.com, to my backpack.

On P2PU's "Share Badges" screen, I click Send, invoking the first modal window, and get the message, "Hi! You are about to submit 2 badges to the Mozilla Open Badge Backpack at beta.openbadges.org as krrraft@gmail.com." I want to transfer as erik@restlessbee.com, so I click the "I am not krrraft@gmail.com" button, invoking the second modal window for BrowserID sign in.

BrowserID recognizes me as erik@restlessbee.com--cool. So I click sign in, enter my password, and am taken back to the stage.openbadges.org modal, here I have two error messages (trying to transfer two badges): "It appears that the [x] badge was not awarded to you (krrraft@gmail.com)."

So, for whatever reason, the badge acceptance system is hanging tenaciously on to krrraft@gmail.com despite my being logged in to BrowserID as erik@restlessbee.com.

I went through the same process in Firefox trying to accept a badge from mouse.org, and ran into the same problem.


brianloveswords commented May 22, 2012

Related to issue #174, there were some caching issues. Because all of the data comes in through postMessages, /issuer/frame looks static and the caching layers were doing what caching layers do best. This would cause stale pages to be sent (and those stale pages would include old CSRF tokens and old identities).


brianloveswords commented May 22, 2012

Erik, I'm going to close this for now -- I just tested it with the new cache-busting implemented in 4bde5e3 and seemed to be working okay. If it's still broken, feel free to re-open it!

Hey Brian,

Sorry for taking approx. forever to reply to this. I just retested and,
indeed, things seem better now! I was able to successfully change my login
identity through BrowserID. Huzzah.

Thanks for checking on this,


On Tue, May 22, 2012 at 2:05 PM, Brian J Brennan <


Erik, I'm going to close this for now -- I just tested it and seemed to be
working okay. If it's still broken, feel free to re-open it!

Reply to this email directly or view it on GitHub:
mozilla#162 (comment)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment