From 0ce1f349579ee9b30748af01960163aa883b188f Mon Sep 17 00:00:00 2001
From: Aki Tuomi <aki.tuomi@open-xchange.com>
Date: Thu, 29 Oct 2020 11:37:22 +0200
Subject: [PATCH] auth: db-oauth2 - If active attribute is present in request,
 check it

If the attribute is missing, do not assume it's false.
---
 src/auth/db-oauth2.c | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/src/auth/db-oauth2.c b/src/auth/db-oauth2.c
index 7a3a8ed461..463e4555c8 100644
--- a/src/auth/db-oauth2.c
+++ b/src/auth/db-oauth2.c
@@ -540,11 +540,12 @@ static bool
 db_oauth2_user_is_enabled(struct db_oauth2_request *req,
 			  enum passdb_result *result_r, const char **error_r)
 {
-	if (*req->db->set.active_attribute != '\0') {
-		const char *active_value = auth_fields_find(req->fields, req->db->set.active_attribute);
-		if (active_value == NULL ||
-		    (*req->db->set.active_value != '\0' &&
-		     strcmp(req->db->set.active_value, active_value) != 0)) {
+	if (*req->db->set.active_attribute != '\0' &&
+	    *req->db->set.active_value != '\0') {
+		const char *active_value =
+			auth_fields_find(req->fields, req->db->set.active_attribute);
+		if (active_value != NULL &&
+		    strcmp(req->db->set.active_value, active_value) != 0) {
 			*error_r = "Provided token is not valid";
 			*result_r = PASSDB_RESULT_PASSWORD_MISMATCH;
 			return FALSE;
-- 
2.47.3