From bfb698553f14a9075ca33b08232375cbb75f3fe1 Mon Sep 17 00:00:00 2001 From: Marco Bettini Date: Thu, 1 Jun 2023 10:47:50 +0000 Subject: [PATCH] auth: db-oauth2 - Handle the case for check on attribute presence only --- src/auth/db-oauth2.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/src/auth/db-oauth2.c b/src/auth/db-oauth2.c index 20418351a2..4ad350d676 100644 --- a/src/auth/db-oauth2.c +++ b/src/auth/db-oauth2.c @@ -268,9 +268,6 @@ struct db_oauth2 *db_oauth2_init(const char *config_path) db->oauth2_set.use_grant_password = db->set.use_grant_password; db->oauth2_set.scope = db->set.scope; - if (*db->set.active_attribute != '\0' && - *db->set.active_value == '\0') - i_fatal("oauth2: Cannot have empty active_value if active_attribute is set"); if (*db->set.active_attribute == '\0' && *db->set.active_value != '\0') i_fatal("oauth2: Cannot have empty active_attribute is active_value is set"); @@ -605,8 +602,7 @@ static bool db_oauth2_user_is_enabled(struct db_oauth2_request *req, enum passdb_result *result_r, const char **error_r) { - if (*req->db->set.active_attribute == '\0' || - *req->db->set.active_value == '\0') { + if (*req->db->set.active_attribute == '\0' ) { e_debug(authdb_event(req->auth_request), "oauth2 active_attribute is not configured; skipping the check"); return TRUE; @@ -624,6 +620,13 @@ db_oauth2_user_is_enabled(struct db_oauth2_request *req, return FALSE; } + if (*req->db->set.active_value == '\0') { + e_debug(authdb_event(req->auth_request), + "oauth2 active_attribute \"%s\" present; skipping the check on value", + req->db->set.active_attribute); + return TRUE; + } + if (strcmp(req->db->set.active_value, active_value) != 0) { e_debug(authdb_event(req->auth_request), "oauth2 active_attribute check failed: expected %s=\"%s\" but got \"%s\"", -- 2.47.3