From cf992ec194ef8fbcd86ad170bdc68c6075712591 Mon Sep 17 00:00:00 2001
From: Dan <djr2468@gmail.com>
Date: Mon, 3 Apr 2023 22:22:20 +0100
Subject: Block login when openid is forced

---
 src/main/java/org/traccar/api/security/LoginService.java | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'src')

diff --git a/src/main/java/org/traccar/api/security/LoginService.java b/src/main/java/org/traccar/api/security/LoginService.java
index c7482a2e3..db9ed6cff 100644
--- a/src/main/java/org/traccar/api/security/LoginService.java
+++ b/src/main/java/org/traccar/api/security/LoginService.java
@@ -43,6 +43,7 @@ public class LoginService {
 
     private final String serviceAccountToken;
     private final boolean forceLdap;
+    private final boolean forceOpenId;
 
     @Inject
     public LoginService(
@@ -53,6 +54,7 @@ public class LoginService {
         this.ldapProvider = ldapProvider;
         serviceAccountToken = config.getString(Keys.WEB_SERVICE_ACCOUNT_TOKEN);
         forceLdap = config.getBoolean(Keys.LDAP_FORCE);
+        forceOpenId = config.getBoolean(Keys.OPENID_FORCE);
     }
 
     public User login(String token) throws StorageException, GeneralSecurityException, IOException {
@@ -69,6 +71,10 @@ public class LoginService {
     }
 
     public User login(String email, String password) throws StorageException {
+        if (forceOpenId) {
+            return null;
+        }
+
         email = email.trim();
         User user = storage.getObject(User.class, new Request(
                 new Columns.All(),
-- 
cgit v1.2.3