feat: Add the possibitily to not authorize the login against the external store - EXO-67969 - Meeds-io/meeds#1417

rdenarie · rdenarie · commit 710589e20467 · 2023-12-06T14:56:57.000+01:00
In some case, when the platform is configured with an external user store AND SSO like OIDC, the IDP have security rules for the login like MFA.
But, as the user is present in the external store, he can logs with the eXo login form, bypassing security rules
This commit add a property to refused the connection for a user in the external store by the exo login form.
He have to use the IDP login form
diff --git a/exo.core.component.organization.api/src/main/java/org/exoplatform/services/organization/externalstore/IDMExternalStoreService.java b/exo.core.component.organization.api/src/main/java/org/exoplatform/services/organization/externalstore/IDMExternalStoreService.java
@@ -56,10 +56,12 @@ public interface IDMExternalStoreService {
 
   public static final String            USER_PROFILE_ADDED_FROM_EXTERNAL_STORE  = "exo.idm.externalStore.user.profile.new";
 
+  public static final String             AUTHORIZE_LOGIN_PARAM = "exo.idm.externalStore.authorizelogin";
+
   /**
    * Authenticates user using external store only
    * 
-   * @param username
+   * @param usernamece
    * @param password
    * @return
    * @throws Exception
