SpecialK
Well-known member
We are migrating a forum from vBulletin 4. In this installation, users were forced to log in via a third party API (The vBulletin login process was hijacked by our plugin, to authenticate the submitted user/pass combination with the third party, then starting the vBulletin session if the auth was successful).
In XF, we have upgraded this third party integration to work with OAuth and XF Connected Accounts. This new OAuth integration is working fine.
Now here is the problem: The users MUST be forced to log in via our custom OAuth provider. They cannot be allowed to log in via XF user/pass combination. We have this part working fine. The problem that arises is that in order to connect a third party account, the user must first be logged in to XF. Otherwise, they will receive an error response upon attempting to log in - The email address linked to this {Provider} account belongs to another member's account on {Site}. Please log into that {Site} account to associate with {Provider}.
So I'm looking for some bright ideas on how we can handle this. Should we simply override that error and allow the connected account process to complete, or should we deal with this in some other way? The key here is that users don't even know their XF passwords, because in the database, it's stored as a random string. And allowing the users to log in via XF Auth completely bypasses the connected account login, which is no good. They must only be able to log in via our single OAuth provider.
Hoping someone has a bright idea on how to seamlessly get this implemented.
In XF, we have upgraded this third party integration to work with OAuth and XF Connected Accounts. This new OAuth integration is working fine.
Now here is the problem: The users MUST be forced to log in via our custom OAuth provider. They cannot be allowed to log in via XF user/pass combination. We have this part working fine. The problem that arises is that in order to connect a third party account, the user must first be logged in to XF. Otherwise, they will receive an error response upon attempting to log in - The email address linked to this {Provider} account belongs to another member's account on {Site}. Please log into that {Site} account to associate with {Provider}.
So I'm looking for some bright ideas on how we can handle this. Should we simply override that error and allow the connected account process to complete, or should we deal with this in some other way? The key here is that users don't even know their XF passwords, because in the database, it's stored as a random string. And allowing the users to log in via XF Auth completely bypasses the connected account login, which is no good. They must only be able to log in via our single OAuth provider.
Hoping someone has a bright idea on how to seamlessly get this implemented.