feat: onlyCreateInvited option is not applied on coreIdProviders

data-fair · Dec 13, 2024 · 4135e17 · 4135e17
1 parent bf9a0da
commit 4135e17
Showing 1 changed file with 4 additions and 5 deletions.
diff --git a/server/routers/auth.js b/server/routers/auth.js
@@ -831,9 +831,12 @@ const oauthCallback = asyncWrap(async (req, res, next) => {
   let user = await storage.getUserByEmail(userInfo.user.email, req.site)
   logContext.user = user
 
-  if (!user && !invit && config.onlyCreateInvited) {
+  if (!user && !invit && config.onlyCreateInvited && !provider.coreIdProvider) {
     return returnError('onlyCreateInvited', 400)
   }
+  if (!user && storage.readonly) {
+    return returnError('userUnknown', 403)
+  }
 
   // Re-create a user that was never validated.. first clean temporary user
   if (user && user.emailConfirmed === false) {
@@ -851,10 +854,6 @@ const oauthCallback = asyncWrap(async (req, res, next) => {
   if (invit && memberInfo.create) throw new Error('Cannot create a member from a identity provider and accept an invitation at the same time')
 
   if (!user) {
-    if ((!invit && config.onlyCreateInvited) || storage.readonly) {
-      return returnError('userUnknown', 403)
-    }
-
     if (provider.coreIdProvider) {
       oauthInfo.coreId = true
       userInfo.user.coreIdProvider = { type: provider.type || 'oauth', id: provider.id }