Merge pull request #7624 from Budibase/fix-oidc-auto-user

Fix auto user creation for OIDC auth
This commit is contained in:
Rory Powell 2022-09-05 13:57:24 +01:00 committed by GitHub
commit 41e92c013d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 18 additions and 7 deletions

View File

@ -189,23 +189,34 @@ export const save = async (
const tenantId = tenancy.getTenantId() const tenantId = tenancy.getTenantId()
const db = tenancy.getGlobalDB() const db = tenancy.getGlobalDB()
let { email, _id } = user let { email, _id } = user
if (!email && !_id) {
throw new Error("_id or email is required")
}
let dbUser: User | undefined let dbUser: User | undefined
if (_id) { if (_id) {
// try to get existing user from db // try to get existing user from db
try {
dbUser = (await db.get(_id)) as User dbUser = (await db.get(_id)) as User
if (email && dbUser.email !== email) { if (email && dbUser.email !== email) {
throw "Email address cannot be changed" throw "Email address cannot be changed"
} }
email = dbUser.email email = dbUser.email
} else if (email) { } catch (e: any) {
if (e.status === 404) {
// do nothing, save this new user with the id specified - required for SSO auth
} else {
throw e
}
}
}
if (!dbUser && email) {
// no id was specified - load from email instead // no id was specified - load from email instead
dbUser = await usersCore.getGlobalUserByEmail(email) dbUser = await usersCore.getGlobalUserByEmail(email)
if (dbUser && dbUser._id !== _id) { if (dbUser && dbUser._id !== _id) {
throw `Unavailable` throw `Unavailable`
} }
} else {
throw new Error("_id or email is required")
} }
await validateUniqueUser(email, tenantId) await validateUniqueUser(email, tenantId)