Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: avoid user provisioning when user already exists #8738

Merged
merged 3 commits into from
Jun 19, 2024

Merge branch 'main' into jans-casa-issue_8734

dd66e91
Select commit
Loading
Failed to load commit list.
Merged

fix: avoid user provisioning when user already exists #8738

Merge branch 'main' into jans-casa-issue_8734
dd66e91
Select commit
Loading
Failed to load commit list.
DryRunSecurity / Authn/Authz Analyzer succeeded Jun 19, 2024 in 3s

DryRun Security

Details

Authn/Authz Analyzer Findings: 1 detected

⚠️ Potential Authn/Authz Function Used or Modified jans-casa/plugins/acct-linking/extras/agama/lib/io/jans/casa/acctlinking/UidUtils.java (click for details)
Type Potential Authn/Authz Function Used or Modified
Description The code contains a function called getUserByAttribute which appears to be part of an authentication or authorization mechanism. This function is used to look up a user based on an external attribute, which is likely used to identify the user and determine their access privileges. Additionally, the code checks if a user is found based on the external attribute, and if not, it generates a new UID based on the external ID. This suggests that the code is dealing with authentication and authorization-related functionality.
Filename jans-casa/plugins/acct-linking/extras/agama/lib/io/jans/casa/acctlinking/UidUtils.java
CodeLink

jans/jans-casa/plugins/acct-linking/extras/agama/lib/io/jans/casa/acctlinking/UidUtils.java

Lines 17 to 40 in dd66e91

public static String lookupUid(String uidRef, String uid, String extUid, String jansExtAttrName,
String jansExtUid) throws IOException {
if (uidRef == null) {
//Find if the external account is already linked to a local one
User user = CdiUtil.bean(UserService.class).getUserByAttribute(jansExtAttrName, jansExtUid, true);
if (user == null) {
boolean uidPassed = uid != null;
if (uidPassed) {
logger.debug("Using uid passed: {}", uid);
return uid;
}
logger.info("Building a uid based on external id {}", extUid);
return extUid + "-" + randSuffix(3);
}
logger.info("Using uid of the account already linked to {}", jansExtUid);
return user.getUserId();
}
View more details on DryRunSecurity