Original issue in the Drupal queue filed and fixed by codebymikey. I've quoted the issue below and I'll submit a PR based on that patch with a few tweaks needed for the Backdrop implementation.
Problem/Motivation
simpleSAMLphp auth should be capable of merging with existing Drupal user accounts without crashing when a username/email conflict occurs.
simpleSAMLphp should be able to detect that user during the login process rather than crashing because the email or username is already in use.
Proposed resolution
Provide configuration options for administrators to decide what to do during the situation. Either merge/abort the login.
And if there's an edge case where two accounts exist (account 1 with the username, and account 2 with the email, then it should abort for the admin to clean up).
Original issue in the Drupal queue filed and fixed by codebymikey. I've quoted the issue below and I'll submit a PR based on that patch with a few tweaks needed for the Backdrop implementation.
Problem/Motivation
simpleSAMLphp auth should be capable of merging with existing Drupal user accounts without crashing when a username/email conflict occurs.
It throws the following:
<?php PDOException: SQLSTATE[23000]: Integrity constraint violation: 1062 Duplicate entry 'my-username' for key 'name': INSERT INTO {users} (uid, name, pass, created, access, status, init, uuid) VALUES (:db_insert_placeholder_0, :db_insert_placeholder_1, :db_insert_placeholder_2, :db_insert_placeholder_3, :db_insert_placeholder_4, :db_insert_placeholder_5, :db_insert_placeholder_6, :db_insert_placeholder_7); Array ( [:db_insert_placeholder_0] => 16602 [:db_insert_placeholder_1] => redacted [:db_insert_placeholder_2] => redacted [:db_insert_placeholder_3] => 1610106922 [:db_insert_placeholder_4] => 1610106922 [:db_insert_placeholder_5] => 1 [:db_insert_placeholder_6] => redacted [:db_insert_placeholder_7] => redacted ) in drupal_write_record() (line 7460 of /app/application/web/includes/common.inc). ?>
Steps to reproduce
Example use case:
usera
and email code>usera@example.com</code.Proposed resolution
Provide configuration options for administrators to decide what to do during the situation. Either merge/abort the login.
And if there's an edge case where two accounts exist (account 1 with the username, and account 2 with the email, then it should abort for the admin to clean up).
Remaining tasks
Provide a patch/PR.