Details
-
Bug
-
Resolution: Unresolved
-
Medium
-
3.3.12
-
None
-
Yes
Description
After first login user with oAuth, and try to log in without oAuth user is redirected to forgot-password/migration
Steps to reproduce
- Install IBEXA DXP 3.3
- Configure OAuth - https://doc.ibexa.co/en/latest/guide/user_management/oauth/
- Log in via oAuth - a user need user/password permission
- Try to log in without oAuth
Result
A user is redirected to /forgot-password/migration and can change his own password, after this can log in without oAuth
Expected result
A user created with OAuth should only be able to log in using OAuth
Note
This redirect is because our provider RepositoryAuthenticationProvider throws a PasswordInUnsupportedFormatException exception, this exception is thrown by PasswordHashService
Designs
Attachments
Issue Links
- relates to
-
EZP-31462 Removed password hash types break login
- Closed