From: Aki Tuomi <aki.tuomi@open-xchange.com>
Date: Tue, 20 Feb 2024 12:52:03 +0000 (+0200)
Subject: db-oauth2: Mark passdb_success already here
X-Git-Tag: 2.4.1~1021
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ba959c56dbf9ab9b6ec75cb6ae73559d687e6cff;p=thirdparty%2Fdovecot%2Fcore.git

db-oauth2: Mark passdb_success already here

Allows setting auth fields without passdb.
---

diff --git a/src/auth/db-oauth2.c b/src/auth/db-oauth2.c
index 77e86dd3b1..06ebfb73c1 100644
--- a/src/auth/db-oauth2.c
+++ b/src/auth/db-oauth2.c
@@ -600,9 +600,18 @@ static void db_oauth2_process_fields(struct db_oauth2_request *req,
 
 	if (db_oauth2_user_is_enabled(req, result_r, error_r) &&
 	    db_oauth2_validate_username(req, result_r, error_r) &&
-	    db_oauth2_token_in_scope(req, result_r, error_r) &&
-	    db_oauth2_template_export(req, result_r, error_r)) {
+	    db_oauth2_token_in_scope(req, result_r, error_r)) {
+		/* The user has now been successfully authenticated,
+		   mark the request as such. This allows having no
+		   passdb in config. */
+		req->auth_request->passdb_success = TRUE;
 		*result_r = PASSDB_RESULT_OK;
+		auth_fields_snapshot(req->auth_request->fields.extra_fields);
+		if (!db_oauth2_template_export(req, result_r, error_r)) {
+			auth_fields_rollback(req->auth_request->fields.extra_fields);
+			req->auth_request->passdb_success = FALSE;
+			*result_r = PASSDB_RESULT_INTERNAL_FAILURE;
+		}
 	} else {
 		i_assert(*result_r != PASSDB_RESULT_OK && *error_r != NULL);
 	}