rhbz1007106 - Correct error when signing up with open where the open …

…id username is the same as an existing Zanata user name. Also remove some default values for username and email when using open id as they might be invalid.
zanata · Sep 12, 2013 · dbd196f · dbd196f
1 parent 57f8743
commit dbd196f
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 4 deletions.
diff --git a/zanata-war/src/main/java/org/zanata/action/ProfileAction.java b/zanata-war/src/main/java/org/zanata/action/ProfileAction.java
@@ -130,11 +130,14 @@ public void verifyUsernameAvailable(ValueChangeEvent e)
    @Create
    public void onCreate()
    {
-      username = identity.getCredentials().getUsername();
+      if( identity.getCredentials().getAuthType() != AuthenticationType.OPENID )
+      {
+         // Open id user names are url's so they don't make good defaults
+         username = identity.getCredentials().getUsername();
+      }
       newUser = identityStore.isNewUser(username);
       if (newUser)
       {
-         name = identity.getCredentials().getUsername();
          String domain = applicationConfiguration.getDomainName();
          if( domain == null )
          {

diff --git a/zanata-war/src/main/java/org/zanata/security/ZanataJpaIdentityStore.java b/zanata-war/src/main/java/org/zanata/security/ZanataJpaIdentityStore.java
@@ -20,6 +20,7 @@
  */
 package org.zanata.security;
 
+import org.jboss.seam.Component;
 import org.jboss.seam.annotations.Create;
 import org.jboss.seam.annotations.Install;
 import org.jboss.seam.annotations.Name;
@@ -34,6 +35,7 @@
 import org.jboss.seam.security.management.IdentityManagementException;
 import org.jboss.seam.security.management.JpaIdentityStore;
 import org.jboss.seam.util.AnnotatedBeanProperty;
+import org.zanata.dao.AccountDAO;
 import org.zanata.model.type.UserApiKey;
 
 import static org.jboss.seam.ScopeType.APPLICATION;
@@ -164,6 +166,12 @@ public boolean authenticate(String username, String password)
    public boolean isNewUser(String username)
    {
       Object user = lookupUser(username);
+      // also look in the credentials table
+      if(user == null)
+      {
+         AccountDAO accountDAO = (AccountDAO)Component.getInstance(AccountDAO.class);
+         user = accountDAO.getByCredentialsId(username);
+      }
       return user == null;
    }
 

diff --git a/zanata-war/src/main/java/org/zanata/security/ZanataOpenId.java b/zanata-war/src/main/java/org/zanata/security/ZanataOpenId.java
@@ -325,14 +325,17 @@ public void afterOpenIdAuth(OpenIdAuthenticationResult result)
 
          identity.setPreAuthenticated(true);
 
-         // If the user hasn't been registered, there is no authenticated account
          if( authenticatedAccount != null && authenticatedAccount.isEnabled() )
          {
             credentials.setUsername(authenticatedAccount.getUsername());
             Identity.instance().acceptExternallyAuthenticatedPrincipal((new OpenIdPrincipal(result.getAuthenticatedId())));
             this.loginImmediate();
          }
-
+         // If the user hasn't been registered yet
+         else if( authenticatedAccount == null )
+         {
+            credentials.setUsername(result.getAuthenticatedId()); // this is the full open id
+         }
       }
    }