From cb15c2a413e1b74369e91c657d012d0167f32039 Mon Sep 17 00:00:00 2001 From: Rick Butterfield Date: Mon, 8 Nov 2021 12:44:01 +0000 Subject: [PATCH] Fixes #11591 --- .../Security/BackOfficeSignInManager.cs | 22 ++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) diff --git a/src/Umbraco.Web.BackOffice/Security/BackOfficeSignInManager.cs b/src/Umbraco.Web.BackOffice/Security/BackOfficeSignInManager.cs index c043cf73d2b2..96c98d80de56 100644 --- a/src/Umbraco.Web.BackOffice/Security/BackOfficeSignInManager.cs +++ b/src/Umbraco.Web.BackOffice/Security/BackOfficeSignInManager.cs @@ -193,6 +193,17 @@ private async Task AutoLinkAndSignInExternalAccount(ExternalLoginI return AutoLinkSignInResult.FailedException(ex.Message); } + var shouldSignIn = autoLinkOptions.OnExternalLogin(autoLinkUser, loginInfo); + if (shouldSignIn == false) + { + Logger.LogWarning("The AutoLinkOptions of the external authentication provider '{LoginProvider}' have refused the login based on the OnExternalLogin method. Affected user id: '{UserId}'", loginInfo.LoginProvider, autoLinkUser.Id); + return SignInResult.NotAllowed; + } + else + { + return await LinkUser(autoLinkUser, loginInfo); + } + return await LinkUser(autoLinkUser, loginInfo); } else @@ -226,7 +237,16 @@ private async Task AutoLinkAndSignInExternalAccount(ExternalLoginI } else { - return await LinkUser(autoLinkUser, loginInfo); + var shouldSignIn = autoLinkOptions.OnExternalLogin(autoLinkUser, loginInfo); + if (shouldSignIn == false) + { + Logger.LogWarning("The AutoLinkOptions of the external authentication provider '{LoginProvider}' have refused the login based on the OnExternalLogin method. Affected user id: '{UserId}'", loginInfo.LoginProvider, autoLinkUser.Id); + return SignInResult.NotAllowed; + } + else + { + return await LinkUser(autoLinkUser, loginInfo); + } } } }