Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Problematic multiple google connections with the same userId #71

Open
jacekzwroclawia opened this issue Jul 21, 2015 · 0 comments
Open

Comments

@jacekzwroclawia
Copy link

In my database I have multiple google connections with the same userid but different rank and provideruserid

userid providerid provideruserid rank displayname profileurl imageurl accesstoken secret refreshtoken expiretime
29 google 104391962410215825345 1 XXXXX YYYYY https://plus.google.com/xxx1 https://... ya29.TQEy37Ypml31-LgvDLEwOOkxwpAuBlQh6 1428337107183
29 google 108434014353919743523 2 ZZZZZ AAAAAA https://plus.google.com/xxx2 https://... ya29.VAGDujJcoIHwswyaZT3xl4h-T2ILsZ6Vc 1428961038353
29 google 117213370471581543231 3 WWWWWW QQQQQQ https://plus.google.com/xxx3 https://... ya29.eQGXUhTkluETXWrHbCUcYtwGefRapFkYC 1432149279612
29 google 111041386111351234312 4 ZZZZZ PPPPPP https://... ya29.twGXsBMyyh3dG3USlV8paCkrL3Li9qdfQ 1437475355906

(4 rows)

Test Case:
I try to connect with the user with provideruserid 111041386111351234312 (rank 4), so the method ProviderSignInController::handleSignIn is invoked and it updates only the account with the provideruserid: 104391962410215825345 (among others it updates the "expiretime").

Now, when I am trying to get the authorized person:

Person profile = google.plusOperations().getPerson("29");

I am getting the ExpiredAuthorizationException.

It is because it takes expiretime for other user that I updated it before.

Explanation:

I made SocialConfig like in the example (https://github.com/GabiAxel/spring-social-google-example/blob/master/src/main/java/org/springframework/social/example/config/SocialConfig.java).
But getPrimaryConnection (doesn't get the user with my provideduserid - rank 4, but with userid 29 and rank 1). So that is wrong profile.

(...)
    @Bean
    @Scope(value="request", proxyMode=ScopedProxyMode.INTERFACES)
    public ConnectionRepository connectionRepository() {
        User user = SecurityContext.getCurrentUser();
        return usersConnectionRepository().createConnectionRepository(user.getId());
    }

    @Bean
    @Scope(value="request", proxyMode=ScopedProxyMode.INTERFACES)   
    public Google google() {
        return connectionRepository().getPrimaryConnection(Google.class).getApi();
    }
(...)

I tried to use other method, for example connectionRepository().getConnection(Google.class, "[providedUserId]").getApi(), however in this context I dont have provideduserid, because User in context has only userid (https://github.com/GabiAxel/spring-social-google-example/blob/master/src/main/java/org/springframework/social/example/user/User.java).

What do you think about this problem? :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant