autoupdate = false not take effect

[rleal124]

Hi all,

I ahve the oauth2 configure in order to do not autoupdate the role and profile and disable the auto login.

Autoupdate its profile and roles?

autoupdate = false or autoupdate = "false"

Autologin user using SSO?

autologin = false or autologin = "false"

The problem I see, the cortex keep updating the user profiles and roles, Also I see the below message:

[DEBUG] from org.thp.cortex.services.OAuth2Srv in application-akka.actor.default-dispatcher-15 - Updating OAuth/OIDC user

Can please help?

[P1514]

We found that autoupdate and autocreate are switched in behaviour.

If we set autoupdate to false or comment no new users are created If we set autocreate to false users are no longer updated.

Anyone else experiencing this issue?

[masdeeper]

We have same issue with autoupdate, by setting autocreate to false instead, it works now.

[vaclavbartos]

Yes, I looked at source codes and it seems to be switched, indeed. I think the fix will be easy - just swap lines 28,29 (or 59,60) in OAuth2Srv.scala. However, I've never wrote anything in Scala and don't even know how to compile and test it, so I'm rather not making a pull request. If there's anyone who can test it, please do so.