Fix: oauth password is forced to be lowercase
What does this MR do and why?
The OAuth password is forced to be lowercase by this line, and this will break the user creation process for OAuth if the password complexity feature &8403 is enabled.
Requirements for reproducing this bug
- With Premium license
- Set up password complexity with the uppercase rule enabled
- Allow login with OAuth with a new account
Proposal
Removing this downcase chained method from the auth_hash password method will fix this.
The reason why we put a downcase here is unclear according to the original commit, but it should not be required anymore and we can remove this if the pipeline passes.
Screenshots or screen recordings
Failed Process
setup password complexity | login with GitHub | error page |
---|---|---|
Expected Result
setup password complexity | login with GitHub | user created |
---|---|---|
How to set up and validate locally
- Set up an instance with a Premium license
- Set up GitHub as a provider by following Use GitHub as an authentication provider
- Log in as admin and check the Require uppercase letters box on Admin-area -> Settings -> General -> Sign-up restrictions
- Log out and go to the login page
- Click on the GitHub button and follow the auth process
- You should see it redirect to an error page
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this MR.
/cc @prajnamas
Related to #353874 (closed)
Edited by ARCHIVED - Martin Tan
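The failure this MR describes, as an added Ruby example that is not GitLab's own code: a downcased random token can never satisfy an uppercase-letter rule, so every OAuth sign-up is rejected at validation. The rule table, `random_token`, and the helper names are assumptions made for illustration.

```ruby
require 'securerandom'

# Constructed stand-in for the "Require uppercase letters" setting;
# the rule names and helpers below are assumptions for illustration.
RULES = {
  uppercase: /[A-Z]/,
  lowercase: /[a-z]/,
  number: /[0-9]/
}.freeze

# Names of the enabled rules that the password does not satisfy.
def complexity_violations(password, enabled)
  enabled.reject { |rule| password.match?(RULES.fetch(rule)) }
end

# Hypothetical token source for the auto-generated OAuth password.
def random_token(length = 20)
  SecureRandom.urlsafe_base64(length)[0, length]
end

# "Before" behaviour described in the MR: the token is downcased.
def oauth_password_before(token)
  token.downcase
end

# "After" behaviour: the token is used unchanged.
def oauth_password_after(token)
  token
end

# Fraction of generated passwords accepted under the enabled rules.
def acceptance_rate(enabled, samples: 500)
  accepted = Array.new(samples) { yield(random_token) }
             .count { |pw| complexity_violations(pw, enabled).empty? }
  accepted.to_f / samples
end

if __FILE__ == $PROGRAM_NAME
  enabled = [:uppercase]
  sample = 'q7Xb_Zk2LmPw' # constructed sample token
  p complexity_violations(oauth_password_before(sample), enabled) # [:uppercase]
  p complexity_violations(oauth_password_after(sample), enabled)  # []
  puts acceptance_rate(enabled) { |t| oauth_password_before(t) }  # 0.0
  puts acceptance_rate(enabled) { |t| oauth_password_after(t) }
end
```

The "after" rate falls below 1.0 only when a random token happens to contain no uppercase letter, which is why a regression test should create an OAuth user with the complexity setting enabled rather than inspect a single token.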