A user of the API cannot retrieve a list of their own tokens

Bug #867483 reported by Stuart Langridge
This bug affects 4 people
Affects: Canonical SSO provider
Status: Triaged
Importance: Medium
Assigned to: Unassigned
Milestone: (none)

Bug Description

A plain user of the SSO API cannot retrieve their own list of tokens. It requires a privileged "API user". This is quite frustrating, because if I want to build an app where the user signs in with username and password, I *must* create a new token every time. If I could get the list of user tokens, I could see if I've already created a token for my app and just use it again. What this leads to is SSO holding a zillion tokens for a user, because I have to create a new one every go.

http://bazaar.launchpad.net/~canonical-isd-hackers/canonical-identity-provider/trunk/view/head:/identityprovider/api10/handlers.py#L332 shows that the list_tokens operation is restricted to API users; perhaps it would be OK for a user to list existing tokens (since I have their username and password anyway, so I can create a new token if I want).
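The behaviour requested above, sketched as an added example (not code from this report or from canonical-identity-provider): `list_tokens` is gated by an ownership check instead of being limited to API users, and a client reuses its existing token at sign-in. The `TokenService` class, the `is_api_user` flag, the in-memory store and the sample user are assumptions made for illustration.

```python
import secrets
from dataclasses import dataclass

class Forbidden(Exception):
    """Caller may not see the requested owner's tokens."""

@dataclass(frozen=True)
class Caller:
    username: str
    is_api_user: bool = False   # privileged service account (hypothetical flag)

@dataclass(frozen=True)
class Token:
    owner: str
    name: str                   # application the token was issued for
    secret: str

class TokenService:
    def __init__(self):
        self._tokens = []       # in-memory stand-in for the SSO token table

    def _authorize(self, caller, owner):
        # Object-level check: API users act for anyone, plain users only for themselves.
        if not (caller.is_api_user or caller.username == owner):
            raise Forbidden(f"{caller.username} may not access tokens of {owner}")

    def list_tokens(self, caller, owner):
        self._authorize(caller, owner)
        return [t for t in self._tokens if t.owner == owner]

    def create_token(self, caller, owner, name):
        self._authorize(caller, owner)
        token = Token(owner, name, secrets.token_urlsafe(32))
        self._tokens.append(token)
        return token

def get_or_create_token(service, caller, app_name):
    """Client-side sign-in step: reuse this app's token if one already exists."""
    for token in service.list_tokens(caller, caller.username):
        if token.name == app_name:
            return token
    return service.create_token(caller, caller.username, app_name)

def demo():
    service = TokenService()
    alice = Caller("alice")                      # constructed sample user
    first = get_or_create_token(service, alice, "my-app")
    for _ in range(3):                           # three later sign-ins reuse the token
        assert get_or_create_token(service, alice, "my-app") == first
    return len(service.list_tokens(alice, "alice"))
```

With the ownership check in place, repeated sign-ins leave one token per application for the user, while a plain user still cannot enumerate another account's tokens.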

Changed in canonical-identity-provider:
status: New → Confirmed
importance: Undecided → Medium
tags: added: escalated
description: updated
David Owen (dsowen)
tags: added: kb-feature sp-1
David Owen (dsowen)
Changed in canonical-identity-provider:
status: Confirmed → Triaged
Stuart Metcalfe (stuartmetcalfe) wrote :

De-escalating per prioritisation discussions with U1

tags: removed: escalated
description: updated