From d90e78e4179fbcb3d926eaf53d97af6cfe59fb43 Mon Sep 17 00:00:00 2001
From: viehlieb
Date: Fri, 23 Dec 2022 11:47:33 +0100
Subject: [PATCH 1/2] move logic for group routine to wekan-oidc package
---
 packages/wekan-oidc/oidc_server.js | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/packages/wekan-oidc/oidc_server.js b/packages/wekan-oidc/oidc_server.js
index aa2c09a46..38a618061 100644
--- a/packages/wekan-oidc/oidc_server.js
+++ b/packages/wekan-oidc/oidc_server.js
@@ -81,7 +81,6 @@ OAuth.registerService('oidc', 2, null, function (query) { //temporarily store data from oidc in user.services.oidc.groups to update groups serviceData.groups = (userinfo["groups"] && userinfo["wekanGroups"]) ? userinfo["wekanGroups"] : userinfo["groups"]; - // groups arriving as array of strings indicate there is no scope set in oidc privider // to assign teams and keep admin privileges // data needs to be treated differently.
@@ -105,6 +104,9 @@ OAuth.registerService('oidc', 2, null, function (query) { } }); } + + Meteor.call('groupRoutineOnLogin',serviceData, serviceData.id); + return { serviceData: serviceData, options: { profile: profile }
@@ -285,9 +287,9 @@ Meteor.methods({ var propagateOidcData = process.env.PROPAGATE_OIDC_DATA || false; if (propagateOidcData) { - users= Meteor.users; - user = users.findOne({'_id': userId}); + user = users.findOne({'services.oidc.id': userId}); + if(user) { //updates/creates Groups and user admin privileges accordingly
From 1914422181421c50d28a5c7decb5943b6c2713f3 Mon Sep 17 00:00:00 2001
From: viehlieb
Date: Fri, 23 Dec 2022 11:48:30 +0100
Subject: [PATCH 2/2] remove Meteor call for starting group routine onLogin - since hook is not called
---
 packages/wekan-accounts-lockout/src/knownUser.js | 5 -----
 1 file changed, 5 deletions(-)
diff --git a/packages/wekan-accounts-lockout/src/knownUser.js b/packages/wekan-accounts-lockout/src/knownUser.js
index 9365274f8..81558e1b8 100644
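Review bot: In oidc_server.js, hunk `@@ -105,6 +104,9 @@`, the added `Meteor.call('groupRoutineOnLogin',serviceData, serviceData.id);` runs before the OAuth handler returns `serviceData`, so on a first login there is probably no user document carrying this `services.oidc.id` yet and the group routine would silently do nothing. If that holds, group membership and admin status from the provider only take effect from the second login on; this should be confirmed and, if intended, stated in a comment above the call, e.g. `// runs before the account is created/updated; no-op until a user with this services.oidc.id exists`. The call is also unguarded, so any exception from the routine aborts the login; that may be the right fail-closed choice, but it should be an explicit one. The handler's body starts and ends outside the hunk.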
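Review bot: In oidc_server.js, hunk `@@ -285,9 +287,9 @@`, `groupRoutineOnLogin` sits in `Meteor.methods({`, so it is reachable from any connected client, and with this change it selects the account by the `services.oidc.id` value the caller passes and, per the comment under `if(user)`, updates groups and admin privileges from the supplied `info`. Nothing visible in the hunk restricts it to server-initiated calls; if the part of the body outside the hunk has no such guard, add one at the top, e.g. `if (this.connection) { throw new Meteor.Error('not-authorized'); }`, or make the routine a plain server function that the OAuth handler calls directly. The new lookup line also assigns `user` without a declaration; `const user = Meteor.users.findOne({'services.oidc.id': userId});` keeps it local to the invocation. The parameter is still named `userId` although it now carries the OIDC subject id, which deserves a one-line comment.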
--- a/packages/wekan-accounts-lockout/src/knownUser.js
+++ b/packages/wekan-accounts-lockout/src/knownUser.js
@@ -214,11 +214,6 @@ class KnownUser { } static onLogin(loginInfo) { - //get the data from oidc login and remove again? - if(loginInfo.type ==='oidc'){ - Meteor.call('groupRoutineOnLogin', loginInfo.user.services.oidc, loginInfo.user._id); - return; - } if (loginInfo.type !== 'password') { return; }