sureshanaparti commented on code in PR #12702:
URL: https://github.com/apache/cloudstack/pull/12702#discussion_r3147205806
##########
plugins/user-authenticators/oauth2/src/main/java/org/apache/cloudstack/oauth2/api/command/OauthLoginAPIAuthenticatorCmd.java:
##########
@@ -138,6 +139,18 @@ public String authenticate(String command, Map<String,
Object[]> params, HttpSes
final String[] domainName = (String[])params.get(ApiConstants.DOMAIN);
String domain = getDomainName(auditTrailSb, domainName);
+ final Domain userDomain =
_domainService.findDomainByIdOrPath(domainId, domain);
+ if (Objects.nonNull(userDomain)) {
+ domainId = userDomain.getId();
+ }
+
+ boolean oauthEnabled = domainId == null
+ ? Boolean.TRUE.equals(OAuth2IsPluginEnabled.value())
+ :
Boolean.TRUE.equals(OAuth2IsPluginEnabled.valueInScope(ConfigKey.Scope.Domain,
domainId, true));
+ if (!oauthEnabled) {
+ throw new CloudAuthenticationException("OAuth is not enabled,
users cannot login using OAuth");
Review Comment:
```suggestion
logger.debug(String.format("OAuth is not enabled %s, users
cannot login using OAuth", domainId == null ? "globally" : "in domain " +
domainId))
throw new CloudAuthenticationException("You are not allowed to
login, please contact your administrator.");
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
