mirror of
https://github.com/flarum/core.git
synced 2025-07-25 18:51:40 +02:00
31b925164c
The change introduced in #1033 transformed any identification attribute returned from an OAuth provider to just a default value. When the identification attribute used by the provider is the email or username, this allowed the user to supply a different email or username and still getting an already-enabled account with the credentials he entered. Skipping attributes with an existing value makes no sense here because it's a always a fresh user and values from AbstractOAuth2Controller::getIdentification() should always be enforced.