I created a ticket for this https://github.com/fedora-copr/copr/issues/3659
IMHO, we should prioritize it. On Mon, Mar 3, 2025 at 6:38 PM Kevin Fenzi <ke...@scrye.com> wrote: > On Sun, Mar 02, 2025 at 10:44:40AM +0100, Jakub Kadlcik wrote: > > > I wonder if it would be possible after you are sure OIDC is working > > > well to drop the other login buttons? > > > > Sure, it doesn't make any sense to keep the old login button. Especially > > since you want to sunset that auth method completely. > > > > But now that I think about, we maybe made a mistake when introducing the > > login. We should have changed the default "log in" button to OIDC and > > introduce a new "legacy log in" or something like that, as a fallback > until > > we are sure everything works. > > > > Now we are stuck with "OIDC login" button or we get people confused when > > renaming it to "log in". > > I don't think anyone would be confused if there's just one button that > says 'log in'. > > The current situation is even more confusing, because theres: > > "log in" -> old openid > "OIDC login' -> new openid connect > "gssapi login' -> kerberos > > but... if you login with 'log in' or 'OIDC login' and have a valid > kerberos ticket, you get redirected to id.fedoraproject.org, it sees the > ticket and just auths you and redirects you back to be logged in. > > Or if you log in to something else and still have the secure auth cookie > in your browser, id.fedoraproject.org will auth you without having to do > anything. > > Anyhow, I think it would be much better to have just 'log in' and have > it be the OIDC path. Users shouldn't see or care about what OIDC is, or > gssapi is, they just want to login. :) > > kevin > -- > > > > On Wed, Feb 26, 2025 at 12:32 PM Michael J Gruber <m...@fedoraproject.org > > > > wrote: > > > > > Am Di., 25. Feb. 2025 um 20:56 Uhr schrieb Kevin Fenzi via copr-devel > > > <copr-devel@lists.fedorahosted.org>: > > > > > > > > On Tue, Feb 25, 2025 at 09:47:50AM +0100, Jakub Kadlcik via > copr-devel > > > wrote: > > > > > Copr was AFAIK the last Fedora service to switch to OIDC and now > that > > > it is > > > > > done, the Fedora Infra team will aim to sunset the previous login > > > method. > > > > > Therefore, I recommend everybody to try the new OIDC login to make > > > sure it > > > > > works for you while we still have the old method as a fallback. > > > > > > > > > > https://pagure.io/fedora-infrastructure/issue/10241 > > > > > > > > Yeah. > > > > > > > > I wonder if it would be possible after you are sure OIDC is working > > > > well to drop the other login buttons? It's a bit confusing to see > > > > several login buttons (how do you decide what to use?) and it's a bit > > > > bad for support too (I can't login! How did you try, which button did > > > > you press?). > > > > > > > > > > Without trying, I would have merely guessed that "OIDC" is what I know > > > otherwise as open ID. Especially because of the C, which seems to > > > denote an implementation detail. > > > > > > Naming matters ... > > > > > > ... and login via Fedora open ID works, fwiw. > > > > > > Michael > > > > > > > >
-- _______________________________________________ copr-devel mailing list -- copr-devel@lists.fedorahosted.org To unsubscribe send an email to copr-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/copr-devel@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
