SSO avatars not being overridden


(Walker Crouse) #1

I know there are a few other posts about this, but none of them were able to solve my problem. Everything else in our SSO implementation works fine; this is the only thing that’s not working as expected. I’ve tried setting avatar_force_update to both true and 1 to no avail.

Code snippet w/ verbose log output: SSO.scala · GitHub

Any insight is much appreciated, thanks.


(Alex Armstrong) #2

If you’re in development, maybe it’s this:

Edit: nevermind, you’re using non-local URLs.


(Walker Crouse) #3

Bump (sorry)…


(Rafael dos Santos Silva) #4

DId you enable sso overrides avatar ?


(Walker Crouse) #5

Yes I did. Sorry should have mentioned that.


(Walker Crouse) #6

@Falco Any other possible fixes you can think of? Kind of important I work this out.


(Rafael dos Santos Silva) #7

In your gist avatar_force_update isn’t set, did you manage to make it true in verbose logging?


(Walker Crouse) #8

Yes sorry, I tried both with and without, I had another instance where it was set to true and still no update.


(Rafael dos Santos Silva) #9

So even with verbose_logging showing avatar_force_update = true the avatar isn’t updated?

Are you runiing against a production docker instance?


(Walker Crouse) #10

Yeah, I tested on both production and a dev instance on OS X.

EDIT: Just realized I haven’t tested avatar_force_update on prod, will try that and report back.


(Walker Crouse) #11

Ok just tested on our production docker instance @Falco and still no update with avatar_force_update: true in verbose logging.


(Rafael dos Santos Silva) #12

The user already exists or is he being created as part of the SSO log in?

Also is /sidekiq with a queue? Any errors regarding DownloadAvatarFromUrl?

Also try this in a rails console in a production instance:

user = User.find_by_email(AUSEREMAILHERE)
Jobs.enqueue(:download_avatar_from_url, url: 'http://mycoolavatar.png', user_id: user.id)

and watch logs.


Does anyone have tips or tricks for debugging SSO avatar downloading?
(Luke Granger Brown) #13

For what it’s worth, it works fine. The main problem is that sso_overrides_avatar is misleadingly named, because it won’t, in fact, override a Gravatar set on a user.

The call to download_avatar_from_url here:

doesn’t pass override_gravatar, so:

doesn’t pass on override_gravatar, so:

won’t set it to the avatar from SSO.

Is this intentional behavior?


(Régis Hanol) #14

No it’s not. Feel free to do a pull request :wink:


Sso overrides avatar
(Arpit Jalan) #15

Fixed via:


(Luke Granger Brown) #16

Thanks! I wasn’t sure if there was an obvious edgecase I’d missed :slight_smile:


(Jeff Atwood) #17