New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Users unable to log in (site already exists error) #6135

Closed
0nko opened this Issue Jun 23, 2017 · 4 comments

Comments

Projects
None yet
2 participants
@0nko
Contributor

0nko commented Jun 23, 2017

  1. User opens the app
  2. User has a pure self hosted site in the app http://prologoepilogoaccion.com/xmlrpc.php, but username or password is incorrect (I guess he changed his password on his site) (see line 19 of the logs: Nombre de usuario o contraseña incorrecta.)
  3. FluxC returns AUTHENTICATE_ERROR
  4. The app shows an “incorrect password” dialog (ie. self hosted sign in screen). (line 21)
  5. User fills the sign in screen and tap “sign in”. (line 44)
  6. FluxC tries to add the “new” site, but it’s already in there so return a DUPLICATE_SITE (line 61)

The temporary solution to clear local data of the app (or uninstall/reinstall).

Logs:

WordPress - 7.5.1 - Version code: 416
Android device name: Motorola XT1063
 
01 - [Jun-22 02:10 UTILS] WordPress.onCreate
02 - [Jun-22 02:10 UTILS] App comes from background
03 - [Jun-22 02:10 UTILS] ConnectionChangeReceiver.setEnabled true
04 - [Jun-22 02:10 UTILS] Connection status changed, isConnected=true
05 - [Jun-22 02:10 API] Dispatching action: SiteAction-FETCH_SITE
06 - [Jun-22 02:10 UTILS] Deferred Initialisation
07 - [Jun-22 02:10 STATS] Number of old stats deleted : 0
08 - [Jun-22 02:10 UTILS] trackLastActivity, activityId: My Site
09 - [Jun-22 02:10 PROFILING] App Startup: begin
10 - [Jun-22 02:10 PROFILING] App Startup:      265 ms, WPLaunchActivity.onCreate
11 - [Jun-22 02:10 API] long type could be misinterpreted when sent to the WordPress XMLRPC end point
12 - [Jun-22 02:10 PROFILING] App Startup:      83 ms, WPMainActivity.onCreate
13 - [Jun-22 02:10 PROFILING] App Startup:      324 ms, WPMainActivity.onResume
14 - [Jun-22 02:10 PROFILING] App Startup: end, 672 ms
15 - [Jun-22 02:10 NOTIFS] Sending GCM token to our remote services: fuxStBBmZa4:APA91bGJqWXNMcq11NOCr1_Hr5bp7gJarQ7o_b5xau6vte2sctllIFfA7qPStc35Phz1yRGBRJxY-2JrMZoaLdgv7DSxNU3HBOJfU7REAR0tSylUCFRCJ-93kdolhpFaHBrDOHX1qTM8
16 - [Jun-22 02:10 UTILS] trackLastActivity, activityId: Login Screen
17 - [Jun-22 02:10 NUX] Google API client connected
18 - [Jun-22 02:10 NUX] Retrieved username from SmartLock: prologoe
19 - [Jun-22 02:10 API] Volley error on http://prologoepilogoaccion.com/xmlrpc.php - exception: org.wordpress.android.fluxc.network.xmlrpc.XMLRPCFault: Nombre de usuario o contraseña incorrecta.
20 - [Jun-22 02:10 API] StackTrace: com.android.volley.VolleyError: org.wordpress.android.fluxc.network.xmlrpc.XMLRPCFault: Nombre de usuario o contraseña incorrecta.
    at org.wordpress.android.fluxc.network.xmlrpc.XMLRPCRequest.parseNetworkResponse(XMLRPCRequest.java:63)
    at com.android.volley.NetworkDispatcher.run(NetworkDispatcher.java:125)
Caused by: org.wordpress.android.fluxc.network.xmlrpc.XMLRPCFault: Nombre de usuario o contraseña incorrecta.
    at org.wordpress.android.fluxc.network.xmlrpc.XMLSerializerUtils.deserialize(XMLSerializerUtils.java:84)
    at org.wordpress.android.fluxc.network.xmlrpc.XMLRPCRequest.parseNetworkResponse(XMLRPCRequest.java:60)
    ... 1 more
 
21 - [Jun-22 02:10 API] Dispatching action: AuthenticationAction-AUTHENTICATE_ERROR
22 - [Jun-22 02:10 API] Dispatching action: SiteAction-UPDATE_SITE
23 - [Jun-22 02:10 API] onAuthenticationChanged has error: NOT_AUTHENTICATED - 
24 - [Jun-22 02:10 API] onSiteChanged has error: GENERIC_ERROR - org.wordpress.android.fluxc.store.SiteStore$SiteError@3f7457c
25 - [Jun-22 02:10 NUX] User tapped forgot password link: https://wordpress.com/wp-login.php?action=lostpassword
26 - [Jun-22 02:10 UTILS] App goes to background
27 - [Jun-22 02:10 UTILS] ConnectionChangeReceiver.setEnabled false
28 - [Jun-22 02:10 UTILS] App comes from background
29 - [Jun-22 02:10 UTILS] ConnectionChangeReceiver.setEnabled true
30 - [Jun-22 02:10 UTILS] Connection status changed, isConnected=true
31 - [Jun-22 02:10 NUX] Google API client connected
32 - [Jun-22 02:10 UTILS] App goes to background
33 - [Jun-22 02:10 UTILS] ConnectionChangeReceiver.setEnabled false
34 - [Jun-22 02:11 UTILS] App comes from background
35 - [Jun-22 02:11 UTILS] ConnectionChangeReceiver.setEnabled true
36 - [Jun-22 02:11 UTILS] Connection status changed, isConnected=true
37 - [Jun-22 02:11 NUX] Google API client connected
38 - [Jun-22 02:11 UTILS] App goes to background
39 - [Jun-22 02:11 UTILS] ConnectionChangeReceiver.setEnabled false
40 - [Jun-22 02:13 UTILS] App comes from background
41 - [Jun-22 02:13 UTILS] ConnectionChangeReceiver.setEnabled true
42 - [Jun-22 02:13 UTILS] Connection status changed, isConnected=true
43 - [Jun-22 02:13 NUX] Google API client connected
44 - [Jun-22 02:14 NUX] User tries to sign in on Self Hosted: prologoepilogoaccion.com with username: prologoe
45 - [Jun-22 02:14 API] Dispatching action: AuthenticationAction-DISCOVER_ENDPOINT
46 - [Jun-22 02:14 NUX] Calling system.listMethods on the following URLs: [https://prologoepilogoaccion.com/xmlrpc.php, http://prologoepilogoaccion.com/xmlrpc.php, https://prologoepilogoaccion.com, http://prologoepilogoaccion.com, prologoepilogoaccion.com]
47 - [Jun-22 02:14 NUX] Trying system.listMethods on the following URL: https://prologoepilogoaccion.com/xmlrpc.php
48 - [Jun-22 02:14 API] Volley error on https://prologoepilogoaccion.com/xmlrpc.php - exception: javax.net.ssl.SSLPeerUnverifiedException: Hostname prologoepilogoaccion.com not verified:
    certificate: sha256/q5Kb32qAFj3boz+1GPBsiEgkKoHJAp3HLLk+d/xgEvI=
    DN: CN=*.webempresa.eu,OU=Domain Control Validated - RapidSSL(R),OU=See www.rapidssl.com/resources/cps (c)14,OU=GT88639753
    subjectAltNames: [*.webempresa.eu, webempresa.eu]
49 - [Jun-22 02:14 API] StackTrace: com.android.volley.NoConnectionError: javax.net.ssl.SSLPeerUnverifiedException: Hostname prologoepilogoaccion.com not verified:
    certificate: sha256/q5Kb32qAFj3boz+1GPBsiEgkKoHJAp3HLLk+d/xgEvI=
    DN: CN=*.webempresa.eu,OU=Domain Control Validated - RapidSSL(R),OU=See www.rapidssl.com/resources/cps (c)14,OU=GT88639753
    subjectAltNames: [*.webempresa.eu, webempresa.eu]
    at com.android.volley.toolbox.BasicNetwork.performRequest(BasicNetwork.java:158)
    at com.android.volley.NetworkDispatcher.run(NetworkDispatcher.java:114)
Caused by: javax.net.ssl.SSLPeerUnverifiedException: Hostname prologoepilogoaccion.com not verified:
    certificate: sha256/q5Kb32qAFj3boz+1GPBsiEgkKoHJAp3HLLk+d/xgEvI=
    DN: CN=*.webempresa.eu,OU=Domain Control Validated - RapidSSL(R),OU=See www.rapidssl.com/resources/cps (c)14,OU=GT88639753
    subjectAltNames: [*.webempresa.eu, webempresa.eu]
    at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.java:250)
    at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.java:198)
    at okhttp3.internal.connection.RealConnection.buildConnection(RealConnection.java:174)
    at okhttp3.internal.connection.RealConnection.connect(RealConnection.java:114)
    at okhttp3.internal.connection.StreamAllocation.findConnection(StreamAllocation.java:193)
    at okhttp3.internal.connection.StreamAllocation.findHealthyConnection(StreamAllocation.java:129)
    at okhttp3.internal.connection.StreamAllocation.newStream(StreamAllocation.java:98)
    at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:42)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67)
    at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:109)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67)
    at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92)
    at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:124)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92)
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67)
    at okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.java:170)
    at okhttp3.RealCall.execute(RealCall.java:60)
    at org.wordpress.android.fluxc.network.OkHttpStack.performRequest(OkHttpStack.java:66)
    at com.android.volley.toolbox.BasicNetwork.performRequest(BasicNetwork.java:97)
    ... 1 more
 
50 - [Jun-22 02:14 NUX] The response of system.listMethods was empty for https://prologoepilogoaccion.com/xmlrpc.php
51 - [Jun-22 02:14 NUX] Trying system.listMethods on the following URL: http://prologoepilogoaccion.com/xmlrpc.php
52 - [Jun-22 02:14 NUX] system.listMethods replied with XML-RPC objects for http://prologoepilogoaccion.com/xmlrpc.php
53 - [Jun-22 02:14 NUX] Validating the XML-RPC response...
54 - [Jun-22 02:14 NUX] Validation ended with success! Endpoint found!
55 - [Jun-22 02:14 API] Dispatching action: AuthenticationAction-DISCOVERY_RESULT
56 - [Jun-22 02:14 NUX] Discovery succeeded, endpoint: http://prologoepilogoaccion.com/xmlrpc.php
57 - [Jun-22 02:14 API] Dispatching action: SiteAction-FETCH_SITES_XML_RPC
58 - [Jun-22 02:14 API] Dispatching action: SiteAction-UPDATE_SITES
59 - [Jun-22 02:14 DB] Site found using XML-RPC url: http://prologoepilogoaccion.com/xmlrpc.php
60 - [Jun-22 02:14 DB] Site is a duplicate
61 - [Jun-22 02:14 API] onSiteChanged has error: DUPLICATE_SITE - org.wordpress.android.fluxc.store.SiteStore$SiteError@a8605b8
62 - [Jun-22 02:14 UTILS] trackLastActivity, activityId: Help Screen
@aforcier

This comment has been minimized.

Show comment
Hide comment
@aforcier

aforcier Jun 23, 2017

Contributor

In general we should just update the existing site in the DB and 'log in' rather than show a DUPLICATE_ERROR. There are a few issues in our DB lookup I'm seeing that can prevent this:

  1. Site URLs from wp.getOptions (stored) and wp.getUsersBlogs (newly fetched during sign-in) don't match - we knew about this possibility already, but it can happen that the only difference is a trailing slash, which we should account for in the code
  2. A Jetpack-connected site (that was added as a self-hosted site) will have a SITE_ID, but only once wp.getOptions have been fetched. When logging back in in this case, the stored site has a SITE_ID > 0, but the newly fetched site has SITE_ID == 0. This check fails. We can refine this check to account for the ORIGIN field we've since added, since all we're worried about is overwriting a WP.com REST Jetpack site with its self-hosted version (or adding them both as duplicates)
Contributor

aforcier commented Jun 23, 2017

In general we should just update the existing site in the DB and 'log in' rather than show a DUPLICATE_ERROR. There are a few issues in our DB lookup I'm seeing that can prevent this:

  1. Site URLs from wp.getOptions (stored) and wp.getUsersBlogs (newly fetched during sign-in) don't match - we knew about this possibility already, but it can happen that the only difference is a trailing slash, which we should account for in the code
  2. A Jetpack-connected site (that was added as a self-hosted site) will have a SITE_ID, but only once wp.getOptions have been fetched. When logging back in in this case, the stored site has a SITE_ID > 0, but the newly fetched site has SITE_ID == 0. This check fails. We can refine this check to account for the ORIGIN field we've since added, since all we're worried about is overwriting a WP.com REST Jetpack site with its self-hosted version (or adding them both as duplicates)

@aforcier aforcier self-assigned this Jun 23, 2017

@aforcier

This comment has been minimized.

Show comment
Hide comment
@aforcier

aforcier Jun 23, 2017

Contributor

Opened an issue in FluxC for the fixes to duplicate detection outlined above: wordpress-mobile/WordPress-FluxC-Android#479.

Leaving this issue open for now as I'm not sure that's the whole story - it's still not clear if/why users are trapped at the login screen when they already have a self-hosted site in the database, for one.

Contributor

aforcier commented Jun 23, 2017

Opened an issue in FluxC for the fixes to duplicate detection outlined above: wordpress-mobile/WordPress-FluxC-Android#479.

Leaving this issue open for now as I'm not sure that's the whole story - it's still not clear if/why users are trapped at the login screen when they already have a self-hosted site in the database, for one.

@aforcier

This comment has been minimized.

Show comment
Hide comment
@aforcier

aforcier Jun 28, 2017

Contributor

Opened wordpress-mobile/WordPress-FluxC-Android#486 to address the two issues outlined in my above comment.

Contributor

aforcier commented Jun 28, 2017

Opened wordpress-mobile/WordPress-FluxC-Android#486 to address the two issues outlined in my above comment.

@aforcier

This comment has been minimized.

Show comment
Hide comment
@aforcier

aforcier Jul 5, 2017

Contributor

The issue with getting a 'duplicate site' error when re-adding a self-hosted site should be resolved as of wordpress-mobile/WordPress-FluxC-Android#486.

We don't sign the user out or show them the login screen if we detect an authentication error with a self-hosted site, so it's still unclear if/how users are being sent to the self-hosted screen and stuck there.

Closing this issue - if we get more reports of users stuck at the self-hosted login screen with a 'duplicate site' error we'll open a new ticket.

Contributor

aforcier commented Jul 5, 2017

The issue with getting a 'duplicate site' error when re-adding a self-hosted site should be resolved as of wordpress-mobile/WordPress-FluxC-Android#486.

We don't sign the user out or show them the login screen if we detect an authentication error with a self-hosted site, so it's still unclear if/how users are being sent to the self-hosted screen and stuck there.

Closing this issue - if we get more reports of users stuck at the self-hosted login screen with a 'duplicate site' error we'll open a new ticket.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment