Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

do not update names from OIDC #393

Merged
merged 3 commits into from
Oct 19, 2023
Merged

do not update names from OIDC #393

merged 3 commits into from
Oct 19, 2023

Conversation

jeriox
Copy link
Contributor

@jeriox jeriox commented Oct 11, 2023

closes #392

@jeriox jeriox requested a review from frcroth October 11, 2023 14:11
frcroth
frcroth reviewed Oct 11, 2023
View reviewed changes
Copy link
Contributor

@frcroth frcroth left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not completely happy approving this, since one of the big painpoints in 1327 was the constant stream of problems of people who dropped the student from their email (becoming phd students)

@jeriox
Copy link
Contributor Author

jeriox commented Oct 16, 2023

I discussed this with @dasGoogle and we thought that this PR shouldn't change anything about that, as the user with the changed mail adress wouldn't be found/authenticated in the first place

@dasGoogle
Copy link
Contributor

We will have to rewrite the whole authentication and user matching routine as soon as the new SSO is rolled out. There still is the discussion of whether to introduce an FSR SSO or directly attach to the new HPI SSO which will provide per-user UUIDs that should be static and can be used as an identifier instead of the email address.

@dasGoogle
Copy link
Contributor

Having talked to @lukasrad02 about this: The sub currently is firstname.lastname which would be static over an email address change. So there might be some value in still updating the email address on every sign in.

@frcroth
Copy link
Contributor

frcroth commented Oct 17, 2023

So update email address but do not update names? Would be fine with me. Also, add a comment with a link to this PR in the function.

@jeriox jeriox requested a review from frcroth October 18, 2023 19:57
frcroth
frcroth requested changes Oct 19, 2023
View reviewed changes
Copy link
Contributor

@frcroth frcroth left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please adjust the failing test so that it checks that email is changed and that name is not chnaged.

@jeriox jeriox requested a review from frcroth October 19, 2023 14:18
@jeriox jeriox enabled auto-merge (squash) October 19, 2023 18:22
@jeriox jeriox changed the title do not update users from OIDC do not update names from OIDC Oct 19, 2023
@jeriox jeriox merged commit c4ba9c7 into main Oct 19, 2023
8 checks passed
@jeriox jeriox deleted the no-user-update branch October 19, 2023 18:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@frcroth frcroth frcroth approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Do not override names for existing users
3 participants
@jeriox @dasGoogle @frcroth