From ae6bee7b0b13368ac5e103ea5565b665fee8049f Mon Sep 17 00:00:00 2001
From: Nikolaj Geisle <70372949+Zeegaan@users.noreply.github.com>
Date: Wed, 5 Oct 2022 07:19:22 +0100
Subject: [PATCH] V10: Dont delete member on failed autolink (#12996)

* Disapprove member instead of delete if failed autolink

* Update to not disable the member when external login fails, but move the logic to protected method, to make it easy to extend.

Co-authored-by: Zeegaan <nge@umbraco.dk>
Co-authored-by: Bjarke Berg <mail@bergmania.dk>
---
 .../Security/MemberSignInManager.cs           | 23 ++++++++-----------
 1 file changed, 10 insertions(+), 13 deletions(-)

diff --git a/src/Umbraco.Web.Common/Security/MemberSignInManager.cs b/src/Umbraco.Web.Common/Security/MemberSignInManager.cs
index a624129bab..4517a0d865 100644
--- a/src/Umbraco.Web.Common/Security/MemberSignInManager.cs
+++ b/src/Umbraco.Web.Common/Security/MemberSignInManager.cs
@@ -303,19 +303,16 @@ public class MemberSignInManager : UmbracoSignInManager<MemberIdentityUser>, IMe
             return await SignInOrTwoFactorAsync(autoLinkUser, false, loginInfo.LoginProvider);
         }
 
-        // If this fails, we should really delete the user since it will be in an inconsistent state!
-        IdentityResult? deleteResult = await UserManager.DeleteAsync(autoLinkUser);
-        if (deleteResult.Succeeded)
-        {
-            var errors = linkResult.Errors.Select(x => x.Description).ToList();
-            return AutoLinkSignInResult.FailedLinkingUser(errors);
-        }
-        else
-        {
-            // DOH! ... this isn't good, combine all errors to be shown
-            var errors = linkResult.Errors.Concat(deleteResult.Errors).Select(x => x.Description).ToList();
-            return AutoLinkSignInResult.FailedLinkingUser(errors);
-        }
+        // If this fails, we should disapprove the member,as it is now in an inconsistent state.
+        return await HandleFailedLinkingUser(autoLinkUser, linkResult);
+    }
+
+    protected Task<AutoLinkSignInResult> HandleFailedLinkingUser(MemberIdentityUser autoLinkUser, IdentityResult linkResult)
+    {
+        var errors = linkResult.Errors.Select(x => x.Description).ToList();
+
+        Logger.LogError("Failed to external link user. The following errors happened: {errors}", errors);
+        return Task.FromResult(AutoLinkSignInResult.FailedLinkingUser(errors));
     }
 
     private void LogFailedExternalLogin(ExternalLoginInfo loginInfo, MemberIdentityUser user) =>