Remove password and 2fa options for sso controlled users #603
Conversation
| @@ -763,6 +763,11 @@ public function removeOAuth2UserConsent(OAuth2UserConsent $oAuth2UserConsent): s | |||
| return $this; | |||
| } | |||
|
|
|||
| public function isSsoControlled(): bool | |||
| { | |||
| return $this->oauthGithubId || $this->oauthGoogleId || $this->oauthFacebookId || $this->oauthKeycloakId || $this->oauthZitadelId; | |||
There was a problem hiding this comment.
this is obviously prone to getting out of date if new identity providers are added. Not sure if there's a better way, or maybe can think of one later. We could add a column on user that they are sso controlled, but that means we have to be sure to set it to true every time a new provider is added which is also possible to mess up, but perhaps less likely
|
Does it also make sense to remove the email tab since it requires a password to change?
|
|
Dang, I clearly got it wrong in the issue. I assume that means it's impossible to update an SSO controlled users email, as obviously there's no current password for them to use. I suppose I'll keep the page, but remove the form to update it, so you can see your current email value. If it ever changes upstream (downstream?) it won't update here, but at least users will be able to see that and potentially ask an admin to fix it until we have a way to resync with the SSO provider somehow |
|
It now looks like this when an SSO user
I may have gone overboard making a div to look like the input box... supposedly input can be used outside of forms but, didn't really seem like people thought it was a good idea. Maybe other styling would be more simple 🤔 |
|
So...another problem (maybe), if an SSO user wants to delete their account, should it be allowed?
|
|
Is your comment about deleting / tombstoning the account, or the fact that it requires current password (and thus isn't currently possible)? |
The latter, without a password its not possible for an SSO user to delete their account now. |
Remove the password and 2fa setting options for users that have oauth configured
If the user attempts to access the password / 2fa pages manually, gets a 403 access denied response
2fa remove/disable is still allowed in code, so admins should still be able to remove 2fa if for some reason it was or gets enabled, but enabling is not allowed
Fixes #576