Added check of provider name

Jefferson49 · Dec 31, 2024 · c954435 · c954435
1 parent 22cd501
commit c954435
Show file tree

Hide file tree

Showing 7 changed files with 56 additions and 39 deletions.
diff --git a/resources/lang/de.mo b/resources/lang/de.mo
diff --git a/resources/lang/de.po b/resources/lang/de.po
@@ -1,8 +1,8 @@
 msgid ""
 msgstr ""
 "Project-Id-Version: OAuth2Client\n"
-"POT-Creation-Date: 2024-12-30 21:43+0100\n"
-"PO-Revision-Date: 2024-12-30 21:45+0100\n"
+"POT-Creation-Date: 2024-12-31 06:03+0100\n"
+"PO-Revision-Date: 2024-12-31 06:05+0100\n"
 "Last-Translator: \n"
 "Language-Team: \n"
 "Language: de\n"
@@ -67,14 +67,18 @@ msgstr ""
 
 #: src/LoginWithAuthorizationProviderAction.php:330
 msgid ""
-"Login with the provided credentials denied. Username or email provided from "
-"authorization provider might already exist in webtrees."
+"Login with the provided user credentials denied. The username or email "
+"provided from the authorization provider might already exist in webtrees."
 msgstr ""
-"Anmeldung mit den angegebenen Anmeldeinformationen abgelehnt. Benutzername "
-"oder E-Mail vom Autorisierungsanbieter sind möglicherweise bereits in "
-"webtrees vorhanden."
+"Anmeldung mit den angegebenen Benutzeranmeldeinformationen verweigert. Der "
+"vom Autorisierungsanbieter angegebene Benutzername oder die E-Mail-Adresse "
+"ist möglicherweise bereits in Webtrees vorhanden."
 
-#: src/LoginWithAuthorizationProviderAction.php:371
+#: src/LoginWithAuthorizationProviderAction.php:337
+msgid "Login denied. Wrong authorization provider."
+msgstr "Anmeldung verweigert. Falscher Autorisierungsanbieter."
+
+#: src/LoginWithAuthorizationProviderAction.php:377
 #, php-format
 msgid ""
 "The length of the \"%s\" exceeded the maximum length of %s and was reduced "
@@ -418,9 +422,6 @@ msgstr ""
 "den Protokollfluss zwischen webtrees und dem Autorisierungsanbieter in den "
 "Website-Logs von webtrees protokolliert."
 
-#~ msgid "Sign in with authorization provider"
-#~ msgstr "Mit Autorisierungsanbieter anmelden"
-
 #~ msgid "Sign in with:"
 #~ msgstr "Anmelden mit:"
 

diff --git a/resources/lang/en-AU.mo b/resources/lang/en-AU.mo
diff --git a/resources/lang/en-AU.po b/resources/lang/en-AU.po
@@ -1,8 +1,8 @@
 msgid ""
 msgstr ""
 "Project-Id-Version: OAuth2Client\n"
-"POT-Creation-Date: 2024-12-30 20:32+0100\n"
-"PO-Revision-Date: 2024-12-30 20:33+0100\n"
+"POT-Creation-Date: 2024-12-31 06:05+0100\n"
+"PO-Revision-Date: 2024-12-31 06:06+0100\n"
 "Last-Translator: Rick Malkin <rick@alineofmalkins.com>\n"
 "Language-Team: \n"
 "Language: en_AU\n"
@@ -65,13 +65,17 @@ msgstr "Automatic user registration after sign in with authorisation provider"
 
 #: src/LoginWithAuthorizationProviderAction.php:330
 msgid ""
-"Login with the provided credentials denied. Username or email provided from "
-"authorization provider might already exist in webtrees."
+"Login with the provided user credentials denied. The username or email "
+"provided from the authorization provider might already exist in webtrees."
 msgstr ""
-"Login with the provided credentials denied. Username or email provided from "
-"authorisation provider might already exist in WebTrees."
+"Login with the provided user credentials denied. The username or email "
+"provided from the authorisation provider might already exist in webtrees."
 
-#: src/LoginWithAuthorizationProviderAction.php:371
+#: src/LoginWithAuthorizationProviderAction.php:337
+msgid "Login denied. Wrong authorization provider."
+msgstr "Login denied. Wrong authorisation provider."
+
+#: src/LoginWithAuthorizationProviderAction.php:377
 #, php-format
 msgid ""
 "The length of the \"%s\" exceeded the maximum length of %s and was reduced "
@@ -357,15 +361,19 @@ msgstr ""
 "in menu. This might be helpful if the custom module specific top menu for "
 "sign in is used instead."
 
-#: resources/views/settings.phtml:115
+#: resources/views/settings.phtml:113
+msgid "Settings for Debugging"
+msgstr ""
+
+#: resources/views/settings.phtml:119
 msgid "Debugging"
 msgstr ""
 
-#: resources/views/settings.phtml:118
+#: resources/views/settings.phtml:122
 msgid "Activate debug logs"
 msgstr ""
 
-#: resources/views/settings.phtml:120
+#: resources/views/settings.phtml:124
 msgid ""
 "By selecting this option, additional debug information about the protocol "
 "flow between webtrees and the authorization provider will be logged in the "
@@ -375,9 +383,6 @@ msgstr ""
 "flow between webtrees and the authorisation provider will be logged in the "
 "webtrees website logs."
 
-#~ msgid "Sign in with authorization provider"
-#~ msgstr "Sign in with authorisation provider"
-
 #, fuzzy
 #~| msgid "Signed in in with"
 #~ msgid "Sign in with:"

diff --git a/resources/lang/en-GB.mo b/resources/lang/en-GB.mo
diff --git a/resources/lang/en-GB.po b/resources/lang/en-GB.po
@@ -1,8 +1,8 @@
 msgid ""
 msgstr ""
 "Project-Id-Version: OAuth2Client\n"
-"POT-Creation-Date: 2024-12-30 20:33+0100\n"
-"PO-Revision-Date: 2024-12-30 20:34+0100\n"
+"POT-Creation-Date: 2024-12-31 06:06+0100\n"
+"PO-Revision-Date: 2024-12-31 06:07+0100\n"
 "Last-Translator: Rick Malkin <rick@alineofmalkins.com>\n"
 "Language-Team: \n"
 "Language: en_GB\n"
@@ -65,13 +65,17 @@ msgstr "Automatic user registration after sign in with authorisation provider"
 
 #: src/LoginWithAuthorizationProviderAction.php:330
 msgid ""
-"Login with the provided credentials denied. Username or email provided from "
-"authorization provider might already exist in webtrees."
+"Login with the provided user credentials denied. The username or email "
+"provided from the authorization provider might already exist in webtrees."
 msgstr ""
-"Login with the provided credentials denied. Username or email provided from "
-"authorisation provider might already exist in WebTrees."
+"Login with the provided user credentials denied. The username or email "
+"provided from the authorisation provider might already exist in webtrees."
 
-#: src/LoginWithAuthorizationProviderAction.php:371
+#: src/LoginWithAuthorizationProviderAction.php:337
+msgid "Login denied. Wrong authorization provider."
+msgstr "Login denied. Wrong authorisation provider."
+
+#: src/LoginWithAuthorizationProviderAction.php:377
 #, php-format
 msgid ""
 "The length of the \"%s\" exceeded the maximum length of %s and was reduced "
@@ -357,15 +361,19 @@ msgstr ""
 "in menu. This might be helpful if the custom module specific top menu for "
 "sign in is used instead."
 
-#: resources/views/settings.phtml:115
+#: resources/views/settings.phtml:113
+msgid "Settings for Debugging"
+msgstr ""
+
+#: resources/views/settings.phtml:119
 msgid "Debugging"
 msgstr ""
 
-#: resources/views/settings.phtml:118
+#: resources/views/settings.phtml:122
 msgid "Activate debug logs"
 msgstr ""
 
-#: resources/views/settings.phtml:120
+#: resources/views/settings.phtml:124
 msgid ""
 "By selecting this option, additional debug information about the protocol "
 "flow between webtrees and the authorization provider will be logged in the "
@@ -375,9 +383,6 @@ msgstr ""
 "flow between webtrees and the authorisation provider will be logged in the "
 "webtrees website logs."
 
-#~ msgid "Sign in with authorization provider"
-#~ msgstr "Sign in with authorisation provider"
-
 #~ msgid "Sign out"
 #~ msgstr "Sign out"
 

diff --git a/src/LoginWithAuthorizationProviderAction.php b/src/LoginWithAuthorizationProviderAction.php
@@ -326,10 +326,16 @@ private function doLogin(string $identifyer, string $provider_name, string $oaut
 
             //If time stamp is different from 0 (i.e. user already logged in at least once before)
             if ($user->getPreference(UserInterface::PREF_TIMESTAMP_ACTIVE) !== '0') {
-                Log::addAuthenticationLog($oauth_log_prefix . ': ' . 'Login denied (provided user/email from authorization provider is identical to an existing webtrees user, who has already logged in before): ' . $identifyer);
-                throw new Exception(I18N::translate('Login with the provided credentials denied. Username or email provided from authorization provider might already exist in webtrees.'));
+                Log::addAuthenticationLog($oauth_log_prefix . ': ' . 'Login denied. The provided username/email from the authorization provider is identical to an existing webtrees user, who has already logged in before: ' . $identifyer);
+                throw new Exception(I18N::translate('Login with the provided user credentials denied. The username or email provided from the authorization provider might already exist in webtrees.'));
             }
         }
+        //Check if the user logs in with the same provider as before
+        elseif ($user->getPreference(OAuth2Client::USER_PREF_PROVIDER_NAME, '') !== $provider_name) {
+
+            Log::addAuthenticationLog($oauth_log_prefix . ': ' . 'Login denied. Wrong authorization provider for user: ' . $identifyer);
+            throw new Exception(I18N::translate('Login denied. Wrong authorization provider.'));
+        }
 
         Auth::login($user);
         Log::addAuthenticationLog('Login: ' . Auth::user()->userName() . '/' . Auth::user()->realName());