Hi!
The wikimedia installation I maintain is using this great plugin for integrating Azure AD in our systems. It has been using the plugin since 1.31. It is configured to use migration of users from the previous SSO (Keycloak) by matching via username. This was working fine in 1.31. In 1.35 the code looks like this: (for matching already existing username with preferred username):
/**
* @param string $username
* @return string|null
*/
public function getMigratedIdByUserName( string $username ): ?string {
$dbr = wfGetDB( DB_REPLICA );
$row = $dbr->selectRow(
[
'user',
'openid_connect'
],
[
'user_id'
],
[
'user_name' => $username,
'oidc_user' => null
],
__METHOD__,
[],
[
'openid_connect' => [ 'LEFT JOIN', [ 'user_id=oidc_user' ] ]
]
);
if ( $row !== false ) {
return $row->user_id;
}
return null;
}I believe the condition:
'oidc_user' => null
Is bogus and is making the code not do what it is intended to do. I removed this condition and now the migration of users is working properly.
Thanks in advance, Diego