diff --git a/CHANGELOG.md b/CHANGELOG.md index 1483d6cb18e..8ab08f2dbc5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -30,6 +30,7 @@ - Fixed errors that could occur on Ajax requests when deleting an inline-editable Matrix block. ([#16540](https://github.com/craftcms/cms/issues/16540)) - Fixed compatibility with the Google Authenticator app for TOTP-based authentication. ([#16466](https://github.com/craftcms/cms/issues/16466), [#16552](https://github.com/craftcms/cms/issues/16552)) - Fixed a bug where the Updates utility wasn’t showing the “Update all” button if multiple updates were available. ([#16565](https://github.com/craftcms/cms/issues/16565)) +- Fixed a bug where `craft\services\Sso::findUser()` wasn't accounting for soft-deleted users. ([#16491](https://github.com/craftcms/cms/pull/16491)) ## 5.6.1 - 2025-01-22 diff --git a/src/services/Sso.php b/src/services/Sso.php index 202588b69b4..b7103e34500 100644 --- a/src/services/Sso.php +++ b/src/services/Sso.php @@ -217,26 +217,18 @@ public function getProviderByHandle(string $handle): ProviderInterface */ public function findUser(ProviderInterface $provider, string $idpIdentifier): ?User { - $userId = (new Query()) - ->select([ - 'userId', - ]) - ->from([ - Table::SSO_IDENTITIES, - ]) - ->where( + return User::find() + ->innerJoin( + ['s_i' => Table::SSO_IDENTITIES], + '[[s_i.userId]] = [[users.id]]', + ) + ->andWhere( [ - 'provider' => $provider->getHandle(), - 'identityId' => $idpIdentifier, + 's_i.provider' => $provider->getHandle(), + 's_i.identityId' => $idpIdentifier, ] ) - ->scalar(); - - if (!$userId) { - return null; - } - - return Craft::$app->getUsers()->getUserById($userId); + ->one(); } /**