SSO 500 Error: Failed to create or lookup user: no implicit conversion of Array into String


(Michael Wransky) #1

We have been experiencing a persistent but elusive bug for some of our forum users. The bug prevents users from accessing the forums and only gives them the lovely: “There is a problem with your account. Please contact the site’s administrator”. Needless to say, our users get very frustrated with this.

Here is a sample env:


hostname	tiefighter32-udacity
process_id	13943
application_version	3af5b19002d921e5d9c8c0ac2b0b2ec01f682703
HTTP_HOST	discussions.udacity.com
REQUEST_URI	/session/sso_login?sso=dXNlcm5hbWU9YW5hXzUzNDExNDYyNzUxNjkxNzYmbm9uY2U9NzYzY2EwNjZkMjQ4MjVhNzk0YTRl%0AM2M1YTkzZDFlYTEmZXh0ZXJuYWxfaWQ9NDM0MTAzNzUxNiZuYW1lPWFuYV81MzQxMTQ2Mjc1MTY5%0AMTc2JmVtYWlsPW1pbnR5c3RhdGUyMDEyJTQwZ21haWwuY29t%0A&sig=17665547f99255a7f3aae98de90eddf54eb4bf5b43da17d482bb441467efa6a6
REQUEST_METHOD	GET
HTTP_USER_AGENT	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36
HTTP_ACCEPT	text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
HTTP_X_FORWARDED_FOR	23.28.142.9
HTTP_X_REAL_IP	23.28.142.9
params	
sso	dXNlcm5hbWU9YW5hXzUzNDExNDYyNzUxNjkxNzYmbm9uY2U9NzYzY2EwNjZkMjQ4MjVhNzk0YTRl M2M1YTkzZDFlYTEmZXh0ZXJu
sig	17665547f99255a7f3aae98de90eddf54eb4bf5b43da17d482bb441467efa6a6

Following the backtrace the issue appears to be here:

/usr/local/lib/ruby/2.3.0/logger.rb:507:in `error'
/var/www/discourse/app/controllers/session_controller.rb:148:in `rescue in sso_login'
/var/www/discourse/app/controllers/session_controller.rb:95:in `sso_login'

Looking at those files in the discourse repos doesn’t make it clear but I am wondering if the error is being thrown because a to_s or to_url is being called on an array and if a .first needs to be called to avoid the error.

Like I stated above this has been a persistent and annoying error for our users so a fix would be greatly appreciated!


(Leah Kramer) #2

For what it’s worth. We’ve had a few members encounter this lately as well and I was able to make it happen once myself but it’s not consistently reproducible for us.


(Sam Saffron) #3

Sorry about that, it was a bug in the cake day plugin, I deployed a fix


(Jeff Atwood) #4

@tgxworld cakeday is causing us so much pain. What can be done about this? I’ve seen more bugs with this plugin than the last 5 we built combined. Something is very wrong here.


(Jeff Atwood) #5

(Alan Tan) #7

There are two problems here:

  1. Accessing a plugin custom fields may return a String or an Array and there isn’t any protection for plugin authors here. If I do user_custom_fields["date_of_birth"] = "2016-05-02" I should ideally always get back a String if I retrieve the custom fields again. Currently, accessing custom fields may return an Array if custom fields with the same name and user_id is somehow set around the same time. This is not ideal IMO as either all access to a plugin custom fields will have to be accompanied by a check to see if it is an Array or String or a lock has to be used when setting any custom field.

  2. Maintaining a valid date as a String is not ideal. Initially when I started working on the plugin, we decided to store the date in a UserCustomField instead of User#date_of_birth because the requirements for the plugin was simple and we can get away with it even if the date_of_birth is invalid. Right now, we use the date of birth field in more places and an invalid format will just blow things up. I’ll look to see if I can migrate custom fields into User#date_of_birth to ensure consistency in the date format.