mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-12 02:54:20 +00:00
fix: update linking users if action changed values (#6024)
Co-authored-by: Livio Spring <livio.a@gmail.com>
This commit is contained in:
parent
855d6b1bd5
commit
2d13d412a2
@ -292,14 +292,14 @@ func (l *Login) handleExternalUserAuthenticated(
|
||||
l.renderError(w, r, authReq, externalErr)
|
||||
return
|
||||
}
|
||||
externalUser, externalUserChange, err := l.runPostExternalAuthenticationActions(externalUser, tokens(session), authReq, r, user, externalErr)
|
||||
externalUser, externalUserChange, err := l.runPostExternalAuthenticationActions(externalUser, tokens(session), authReq, r, user, nil)
|
||||
if err != nil {
|
||||
l.renderError(w, r, authReq, err)
|
||||
return
|
||||
}
|
||||
// if action is done and no user linked then link or register
|
||||
if errors.IsNotFound(externalErr) {
|
||||
l.externalUserNotExisting(w, r, authReq, provider, externalUser)
|
||||
l.externalUserNotExisting(w, r, authReq, provider, externalUser, externalUserChange)
|
||||
return
|
||||
}
|
||||
if provider.IsAutoUpdate || len(externalUser.Metadatas) > 0 || externalUserChange {
|
||||
@ -334,7 +334,7 @@ func (l *Login) handleExternalUserAuthenticated(
|
||||
// * external not found overview:
|
||||
// - creation by user
|
||||
// - linking to existing user
|
||||
func (l *Login) externalUserNotExisting(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, provider *query.IDPTemplate, externalUser *domain.ExternalUser) {
|
||||
func (l *Login) externalUserNotExisting(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, provider *query.IDPTemplate, externalUser *domain.ExternalUser, changed bool) {
|
||||
resourceOwner := authz.GetInstance(r.Context()).DefaultOrganisationID()
|
||||
|
||||
if authReq.RequestedOrgID != "" && authReq.RequestedOrgID != resourceOwner {
|
||||
@ -360,6 +360,12 @@ func (l *Login) externalUserNotExisting(w http.ResponseWriter, r *http.Request,
|
||||
l.renderExternalNotFoundOption(w, r, authReq, orgIAMPolicy, human, idpLink, err)
|
||||
return
|
||||
}
|
||||
if changed {
|
||||
if err := l.authRepo.SetLinkingUser(r.Context(), authReq, externalUser); err != nil {
|
||||
l.renderError(w, r, authReq, err)
|
||||
return
|
||||
}
|
||||
}
|
||||
l.autoCreateExternalUser(w, r, authReq)
|
||||
}
|
||||
|
||||
|
@ -17,6 +17,7 @@ type AuthRequestRepository interface {
|
||||
CheckLoginName(ctx context.Context, id, loginName, userAgentID string) error
|
||||
CheckExternalUserLogin(ctx context.Context, authReqID, userAgentID string, user *domain.ExternalUser, info *domain.BrowserInfo) error
|
||||
SetExternalUserLogin(ctx context.Context, authReqID, userAgentID string, user *domain.ExternalUser) error
|
||||
SetLinkingUser(ctx context.Context, request *domain.AuthRequest, externalUser *domain.ExternalUser) error
|
||||
SelectUser(ctx context.Context, id, userID, userAgentID string) error
|
||||
SelectExternalIDP(ctx context.Context, authReqID, idpConfigID, userAgentID string) error
|
||||
VerifyPassword(ctx context.Context, id, userID, resourceOwner, password, userAgentID string, info *domain.BrowserInfo) error
|
||||
|
@ -278,6 +278,16 @@ func (repo *AuthRequestRepo) SetExternalUserLogin(ctx context.Context, authReqID
|
||||
return repo.AuthRequests.UpdateAuthRequest(ctx, request)
|
||||
}
|
||||
|
||||
func (repo *AuthRequestRepo) SetLinkingUser(ctx context.Context, request *domain.AuthRequest, externalUser *domain.ExternalUser) error {
|
||||
for i, user := range request.LinkingUsers {
|
||||
if user.ExternalUserID == externalUser.ExternalUserID {
|
||||
request.LinkingUsers[i] = externalUser
|
||||
return repo.AuthRequests.UpdateAuthRequest(ctx, request)
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (repo *AuthRequestRepo) setLinkingUser(ctx context.Context, request *domain.AuthRequest, externalUser *domain.ExternalUser) error {
|
||||
request.LinkingUsers = append(request.LinkingUsers, externalUser)
|
||||
return repo.AuthRequests.UpdateAuthRequest(ctx, request)
|
||||
|
Loading…
Reference in New Issue
Block a user