Fix: oauth password is forced to be lowercase

What does this MR do and why?

The OAuth password is forced to be lowercase by this line, and this will break the user creation process for OAuth if the password complexity feature &8403 is enabled.

Requirements for reproducing this bug

  1. With Premium license
  2. Set up password complexity with the uppercase rule enabled
  3. Allow login with OAuth with a new account

Proposal

Removing this downcase chained method from the auth_hash password method will fix this.

The reason why we put a downcase here is unclear from the original commit, but it should not be required anymore, and we can remove it if the pipeline passes.

Screenshots or screen recordings

Failed Process

[Screenshots: setup password complexity; login with GitHub; error page]

Expected Result

[Screenshots: setup password complexity; login with GitHub; user created]

How to set up and validate locally

  1. Set up an instance with a Premium license
  2. Set up GitHub as a provider by following "Use GitHub as an authentication provider"
  3. Log in as admin and check the Require uppercase letters box on Admin-area -> Settings -> General -> Sign-up restrictions
  4. Log out and go to the login page
  5. Click on the GitHub button and follow the auth process
  6. You should see it redirect to an error page

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

/cc @prajnamas

Related to #353874 (closed)

Edited by ARCHIVED - Martin Tan
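
The failure mode described in this MR, as an added Ruby example that is not GitLab's code: a random placeholder password forced to lowercase can never pass an uppercase rule, and a random string without the downcase can still miss a character class by chance, so the second generator guarantees one character per class. All method and constant names here are hypothetical.

```ruby
require 'securerandom'

# Hypothetical stand-in for the "Require uppercase letters" setting.
UPPERCASE_RULE = /[A-Z]/

# True when the candidate password satisfies the uppercase requirement.
def meets_uppercase_rule?(password)
  password.match?(UPPERCASE_RULE)
end

# The 'before' behaviour: a random password with a chained downcase.
# Every letter is lowercased, so the uppercase rule can never be met.
def downcased_password(length = 16)
  SecureRandom.alphanumeric(length).downcase
end

# Character classes a complexity policy may require (assumed set).
CHAR_CLASSES = {
  upper: ('A'..'Z').to_a,
  lower: ('a'..'z').to_a,
  digit: ('0'..'9').to_a
}.freeze

# Picks one element of +set+ using the CSPRNG.
def secure_pick(set)
  set[SecureRandom.random_number(set.size)]
end

# Generator that always satisfies the policy: one character from each
# required class, the rest from the full pool, then a CSPRNG-keyed
# reorder so the guaranteed characters are not in fixed positions.
def compliant_password(length = 16)
  raise ArgumentError, 'length too short' if length < CHAR_CLASSES.size

  required = CHAR_CLASSES.values.map { |set| secure_pick(set) }
  pool = CHAR_CLASSES.values.flatten
  rest = Array.new(length - required.size) { secure_pick(pool) }
  (required + rest).sort_by { SecureRandom.random_number }.join
end
```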