fix: check linked users before postAuthentication action (#5980)

* fix: check linked users before postAuthentication action

* fix: apply suggestions from code review

Co-authored-by: Silvan <silvan.reusser@gmail.com>

---------

Co-authored-by: Silvan <silvan.reusser@gmail.com>
This commit is contained in:
Stefan Benz 2023-06-08 00:16:02 +02:00 committed by GitHub
parent 6be41ea257
commit 0b1738dc5d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -286,17 +286,19 @@ func (l *Login) handleExternalUserAuthenticated(
callback func(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest),
) {
externalUser := mapIDPUserToExternalUser(user, provider.ID)
externalUser, externalUserChange, err := l.runPostExternalAuthenticationActions(externalUser, tokens(session), authReq, r, user, nil)
// check and fill in local linked user
externalErr := l.authRepo.CheckExternalUserLogin(setContext(r.Context(), ""), authReq.ID, authReq.AgentID, externalUser, domain.BrowserInfoFromRequest(r))
if !errors.IsNotFound(externalErr) {
l.renderError(w, r, authReq, externalErr)
return
}
externalUser, externalUserChange, err := l.runPostExternalAuthenticationActions(externalUser, tokens(session), authReq, r, user, externalErr)
if err != nil {
l.renderError(w, r, authReq, err)
return
}
err = l.authRepo.CheckExternalUserLogin(setContext(r.Context(), ""), authReq.ID, authReq.AgentID, externalUser, domain.BrowserInfoFromRequest(r))
if err != nil {
if !errors.IsNotFound(err) {
l.renderError(w, r, authReq, err)
return
}
// if action is done and no user linked then link or register
if errors.IsNotFound(externalErr) {
l.externalUserNotExisting(w, r, authReq, provider, externalUser)
return
}