From 53ec794e5398dfc7b62d4a5c8138af41597784b6 Mon Sep 17 00:00:00 2001
From: Dan Brown
Date: Sat, 26 Sep 2020 16:43:06 +0100
Subject: [PATCH] Fixed issue where SAML login not notifiy on existing user Added testing to cover Fixes #2263
---
 app/Auth/Access/RegistrationService.php | 2 +-
 tests/Auth/Saml2Test.php | 27 +++++++++++++++++++++++++
 2 files changed, 28 insertions(+), 1 deletion(-)
diff --git a/app/Auth/Access/RegistrationService.php b/app/Auth/Access/RegistrationService.php
index b85f7ffd8..ecc92c117 100644
--- a/app/Auth/Access/RegistrationService.php
+++ b/app/Auth/Access/RegistrationService.php
@@ -57,7 +57,7 @@ class RegistrationService
 // Ensure user does not already exist
 $alreadyUser = !is_null($this->userRepo->getByEmail($userEmail));
 if ($alreadyUser) {
- throw new UserRegistrationException(trans('errors.error_user_exists_different_creds', ['email' => $userEmail]));
+ throw new UserRegistrationException(trans('errors.error_user_exists_different_creds', ['email' => $userEmail]), '/login');
 }
 // Create the user
diff --git a/tests/Auth/Saml2Test.php b/tests/Auth/Saml2Test.php
index 7303d4bd8..d58162497 100644
--- a/tests/Auth/Saml2Test.php
+++ b/tests/Auth/Saml2Test.php
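Review bot: The duplicate-email branch in app/Auth/Access/RegistrationService.php now sends the user to `/login` with a message that echoes `$userEmail`, so the login page confirms to whoever completed the external sign-in that a local account exists for that address; consider whether the displayed text needs the address at all. Rejecting here instead of attaching the asserted email to the existing account is what keeps an identity-provider attribute from taking over a local user, and that intent deserves a comment above the check, e.g. `// Never auto-link by email: an externally asserted address must not attach to an existing account`. The redirect target is hard-coded, and this method appears to serve other registration paths as well (inferred from the class name), so confirm `/login` is correct for each caller. The enclosing method starts and ends outside the hunk.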
@@ -319,6 +319,33 @@ class Saml2Test extends TestCase
 $homeGet->assertRedirect('/register/confirm/awaiting');
 }
+ public function test_login_where_existing_non_saml_user_shows_warning()
+ {
+ $this->post('/saml2/login');
+ config()->set(['saml2.onelogin.strict' => false]);
+
+ // Make the user pre-existing in DB with different auth_id
+ User::query()->forceCreate([
+ 'email' => 'user@example.com',
+ 'external_auth_id' => 'old_system_user_id',
+ 'email_confirmed' => false,
+ 'name' => 'Barry Scott'
+ ]);
+
+ $this->withPost(['SAMLResponse' => $this->acsPostData], function () {
+ $acsPost = $this->post('/saml2/acs');
+ $acsPost->assertRedirect('/login');
+ $this->assertFalse($this->isAuthenticated());
+ $this->assertDatabaseHas('users', [
+ 'email' => 'user@example.com',
+ 'external_auth_id' => 'old_system_user_id',
+ ]);
+
+ $loginGet = $this->get('/login');
+ $loginGet->assertSee("A user with the email user@example.com already exists but with different credentials");
+ });
+ }
+
 protected function withGet(array $options, callable $callback)
 {
 return $this->withGlobal($_GET, $options, $callback);
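Review bot: The new test in tests/Auth/Saml2Test.php shows the existing row keeps its `external_auth_id`, but nothing in it checks that the rejected SAML sign-in left no second account behind; adding `$this->assertEquals(1, User::query()->where('email', '=', 'user@example.com')->count());` inside the `withPost` callback would pin that. The pre-existing user is created only with `'email_confirmed' => false`, so the confirmed-account case, where an account-linking regression would matter most, is not exercised. The `saml2.onelogin.strict` override is set to false without explanation; a comment such as `// Test-only: strict SAML response validation is relaxed for the static fixture` (presumably the reason, to be confirmed) would keep the line from being copied into real configuration.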