Uploaded image for project: 'phpBB3'
  1. phpBB3
  2. PHPBB3-15716

OAuth link information remains after deleting a user, causes fatal exception

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 3.2.3
    • Fix Version/s: 3.2.4-RC1
    • Component/s: None
    • Labels:
      None

      Description

      If a user is linked to any OAuth accounts, and then that user is deleted, the OAuth link associations for that user remains in the auth_provider_oauth_token_account_assoc table. If the user tries to log in again using OAuth, an exception with an AUTH_PROVIDER_OAUTH_ERROR_INVALID_ENTRY message is thrown.

      Steps to reproduce:

      1. Link a user using OAuth. A row is created in the oauth token account assoc table.
      2. Delete that user.
      3. Try to login as that user using OAuth.
      4. Exception is thrown.

        Attachments

          Issue Links

          caused

          Bug - A problem which impairs or prevents the functions of the product. PHPBB3-15911 SQL general error on DB update from 3.0 branch

          • Blocker - Blocks development and/or testing work, production could not run.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. PHPBB3-15906 Two tables not being created during upgrades

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

            Activity

              People

              • Assignee:
                Marc Marc
                Reporter:
                ghostal ghostal [X] (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: