Uploaded image for project: 'phpBB3'
  1. phpBB3
  2. PHPBB3-15716

OAuth link information remains after deleting a user, causes fatal exception

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Fixed
    • 3.2.3
    • 3.2.4-RC1
    • None
    • None

    Description

      If a user is linked to any OAuth accounts, and then that user is deleted, the OAuth link associations for that user remains in the auth_provider_oauth_token_account_assoc table. If the user tries to log in again using OAuth, an exception with an AUTH_PROVIDER_OAUTH_ERROR_INVALID_ENTRY message is thrown.

      Steps to reproduce:

      1. Link a user using OAuth. A row is created in the oauth token account assoc table.
      2. Delete that user.
      3. Try to login as that user using OAuth.
      4. Exception is thrown.

      Attachments

        Issue Links

          caused

          Bug - A problem which impairs or prevents the functions of the product. PHPBB3-15911 SQL general error on DB update from 3.0 branch

          • Blocker - Blocks development and/or testing work, production could not run.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. PHPBB3-15906 Two tables not being created during upgrades

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Activity

            People

              Marc Marc
              ghostal ghostal [X] (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: