SSO avatars not being overridden

windy · December 21, 2016, 5:40pm

I know there are a few other posts about this, but none of them were able to solve my problem. Everything else in our SSO implementation works fine; this is the only thing that’s not working as expected. I’ve tried setting avatar_force_update to both true and 1 to no avail.

Code snippet w/ verbose log output: https://gist.github.com/windy1/86ee6965fbcd00036fbeae56cfa659b7

Any insight is much appreciated, thanks.

alehandrof · December 21, 2016, 6:23pm

If you’re in development, maybe it’s this:

Edit: nevermind, you’re using non-local URLs.

windy · December 23, 2016, 4:14pm

Bump (sorry)…

Falco · December 23, 2016, 4:39pm

DId you enable sso overrides avatar ?

windy · December 23, 2016, 4:51pm

Yes I did. Sorry should have mentioned that.

windy · December 27, 2016, 10:16pm

@Falco Any other possible fixes you can think of? Kind of important I work this out.

Falco · December 27, 2016, 10:47pm

In your gist avatar_force_update isn’t set, did you manage to make it true in verbose logging?

windy · December 27, 2016, 11:49pm

Yes sorry, I tried both with and without, I had another instance where it was set to true and still no update.

Falco · December 28, 2016, 12:00am

So even with verbose_logging showing avatar_force_update = true the avatar isn’t updated?

Are you runiing against a production docker instance?

windy · December 28, 2016, 12:14am

Yeah, I tested on both production and a dev instance on OS X.

EDIT: Just realized I haven’t tested avatar_force_update on prod, will try that and report back.

windy · December 28, 2016, 12:47am

Ok just tested on our production docker instance @Falco and still no update with avatar_force_update: true in verbose logging.

Falco · December 28, 2016, 1:17am

The user already exists or is he being created as part of the SSO log in?

Also is /sidekiq with a queue? Any errors regarding DownloadAvatarFromUrl?

Also try this in a rails console in a production instance:

user = User.find_by_email(AUSEREMAILHERE)
Jobs.enqueue(:download_avatar_from_url, url: 'http://mycoolavatar.png', user_id: user.id)

and watch logs.

lukegb · January 17, 2017, 1:19am

For what it’s worth, it works fine. The main problem is that sso_overrides_avatar is misleadingly named, because it won’t, in fact, override a Gravatar set on a user.

The call to download_avatar_from_url here:
https://github.com/discourse/discourse/blob/v1.8.0.beta2/app/models/discourse_single_sign_on.rb#L183

doesn’t pass override_gravatar, so:

https://github.com/discourse/discourse/blob/v1.8.0.beta2/app/jobs/regular/download_avatar_from_url.rb#L15

doesn’t pass on override_gravatar, so:

https://github.com/discourse/discourse/blob/63a88ee6e7bd9c1cabbea48afd745e20be370275/app/models/user_avatar.rb#L76

won’t set it to the avatar from SSO.

Is this intentional behavior?

zogstrip · January 17, 2017, 9:38am

No it’s not. Feel free to do a pull request

techAPJ · January 19, 2017, 5:26am

Fixed via:

lukegb · January 20, 2017, 9:23pm

Thanks! I wasn’t sure if there was an obvious edgecase I’d missed

Topic		Replies	Views
SSO Failing to Override Avatar SSO	1	734	May 9, 2022
Can't get avatar overrides to work over SSO Support	3	2426	June 8, 2024
Avatars not pulling from SSO SSO	10	2008	April 29, 2019
Sso overrides avatar WordPress	4	1925	February 2, 2017
Overwriting avatars now that they're uploaded SSO discourseconnect	2	1082	June 8, 2024

SSO avatars not being overridden

Related Topics