| Tgr | |
| Jun 2 2016, 2:46 PM |
| F4104138: attempt1.har | |
| Jun 2 2016, 5:19 PM |
| F4104160: attempt0.har | |
| Jun 2 2016, 5:19 PM |
| F4104198: attempt0b.har | |
| Jun 2 2016, 5:19 PM |
Steps to reproduce:
Expected result: logged in via JS autologin (logged-out personal toolbar is visible for a fraction of a second but then replaced)
Actual result: not logged in, have to log in manually
It appears that the account creation POST on beta isn't redirecting to loginwiki, so the necessary session never gets created there.
Change 292369 had a related patch set uploaded (by Anomie):
Do redirect for Special:CreateAccount as well
I have suspected that signup not doing the same things as login was part of the problem, so the actual test I did was: create account on en, login on de, check on nl. That still didn't work.
After the login on beta dewiki, I find I'm already logged in on beta nlwiki without any need for the check. You'll probably want to capture the HTTP requests and responses so we can see what's going on when you're trying it.
Tried to reproduce a few time. Usually when POSTing the account creation, I got an error saying No active login attempt is in progress for your session. The flow is
The account was created but I did not get logged in even on enwiki.
One time the account creation was successful (I don't recall doing anything differently). The user was not logged in on dewiki (but after logging in manually, it was logged in on nlwiki as well): cookies got deleted in the response to the dewiki mainpage GET request, then there was a request to loginwiki's Special:CentralAutoLogin/checkLoggedIn started from JS which returned the not-logged-in JS (this is the same thing I saw earlier, although earlier I saw it for nlwiki as well). Then after doing a manaul dewiki login there was a Special:CentralLogin redirect chain and a bunch of Special:CentralAutoLogin chains and the browser got logged in on every wiki, as expected.
The edge login sequence done on enwiki on the signup landing page also seemed wrong: Special:CentralAutoLogin/start on the target wiki -> redirect to Special:CentralAutoLogin/checkLoggedIn on loginwiki, which contains X-CentralAuth-Status:Not centrally logged in, deletes the local and central session cookies and does not redirect anywhere.
Change 292410 had a related patch set uploaded (by Anomie):
AuthManager::setDefaultUserOptions shouldn't invalidate tokens
Change 292410 merged by jenkins-bot:
AuthManager::setDefaultUserOptions and LoginForm::initUser shouldn't invalidate CA tokens
Change 292479 had a related patch set uploaded (by Gergő Tisza):
AuthManager::setDefaultUserOptions and LoginForm::initUser shouldn't invalidate CA tokens
Change 292479 merged by jenkins-bot:
AuthManager::setDefaultUserOptions and LoginForm::initUser shouldn't invalidate CA tokens
I can't reproduce the bug anymore; both autologin and edge login works fine, for normal login and for account creation. (I could still reproduce it yesterday an hour or so after deploying the patch, but maybe that was just beta updating slower than usual?) Assuming it's fixed. Thanks Brad!
Change 297496 had a related patch set uploaded (by Gergő Tisza):
Do redirect for Special:CreateAccount as well