feat: allow openId to choose an unactive email if there are none active#6041
feat: allow openId to choose an unactive email if there are none active#6041rjsparks merged 3 commits intoietf-tools:mainfrom
Conversation
Codecov Report
@@ Coverage Diff @@
## main #6041 +/- ##
==========================================
- Coverage 88.67% 88.66% -0.01%
==========================================
Files 288 290 +2
Lines 40001 40195 +194
==========================================
+ Hits 35471 35640 +169
- Misses 4530 4555 +25
|
|
I am not familiar with what is done with the openid claims, but is it a problem to be handing back an email address that someone inactivated? If the other end of the exchange can be changed to handle the empty claim I'd think that's preferable to propagating an address that was deactivated. If not, maybe better to transmit a canned and identifiable "not-an-address"? Also, why "unactive" rather than "inactive"? |
|
We currently use claims.email from Datatracker as the email address and unique (DT related) identifier of the registration, used when calling DT APIs. An empty or generic string would break this. |
|
Handing the inactive address is going to do less harm than returning an empty string. There's no promise to openId that that email address still works - it's just the best email address we have from someone. |
|
Thanks for the explanations. |
jennifer-richards
left a comment
There was a problem hiding this comment.
Assuming you'll change the "u" to "i" in the names and approving.
No description provided.