fix: Externallogin on existing session (#990)

* fix: existing session with external login * fix: existing session with external login * fix: return in login
2024-12-13 03:24:26 +00:00 · 2020-11-20 09:00:49 +01:00 · 2020-11-20 09:00:49 +01:00 · 7c6fd2b51e
commit 7c6fd2b51e
parent 85d2be2e8c
3 changed files with 7 additions and 1 deletions
--- a/internal/auth/repository/eventsourcing/handler/user_session.go
+++ b/internal/auth/repository/eventsourcing/handler/user_session.go
@ -76,7 +76,9 @@ func (u *UserSession) Reduce(event *models.Event) (err error) {
 		es_model.HumanMFAOTPRemoved,
 		es_model.HumanProfileChanged,
 		es_model.DomainClaimed,
-		es_model.UserUserNameChanged:
+		es_model.UserUserNameChanged,
+		es_model.HumanExternalIDPRemoved,
+		es_model.HumanExternalIDPCascadeRemoved:
 		sessions, err := u.view.UserSessionsByUserID(event.AggregateID)
 		if err != nil {
 			return err
--- a/internal/ui/login/handler/external_login_handler.go
+++ b/internal/ui/login/handler/external_login_handler.go
@ -45,6 +45,7 @@ func (l *Login) handleExternalLoginStep(w http.ResponseWriter, r *http.Request,
 	for _, idp := range authReq.AllowedExternalIDPs {
 		if idp.IDPConfigID == selectedIDPConfigID {
 			l.handleIDP(w, r, authReq, selectedIDPConfigID)
+			return
 		}
 	}
 	l.renderLogin(w, r, authReq, errors.ThrowInvalidArgument(nil, "VIEW-Fsj7f", "Errors.User.ExternalIDP.NotAllowed"))
--- a/internal/user/repository/view/model/user_session.go
+++ b/internal/user/repository/view/model/user_session.go
@ -116,5 +116,8 @@ func (v *UserSessionView) AppendEvent(event *models.Event) {
 		v.SecondFactorVerification = time.Time{}
 		v.ExternalLoginVerification = time.Time{}
 		v.State = int32(req_model.UserSessionStateTerminated)
+	case es_model.HumanExternalIDPRemoved, es_model.HumanExternalIDPCascadeRemoved:
+		v.ExternalLoginVerification = time.Time{}
+		v.SelectedIDPConfigID = ""
 	}
 }