From a4eac000c475bc2dd1d69bd6c54dbcdd418ce504 Mon Sep 17 00:00:00 2001 From: Juan Antonio Osorio Date: Thu, 8 Feb 2024 16:00:50 +0100 Subject: [PATCH] Fix user deletion logic (first minder then keycloak) This changes the user deletion logic to first delete a user and the relevant project information in minder and only after that doing the deletion in keycloak. This would address issues where the deletion gets interrupted thus leaving a user's project in minder whereas keycloak would provision an entirely new user. --- internal/controlplane/handlers_user.go | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/internal/controlplane/handlers_user.go b/internal/controlplane/handlers_user.go index 64f2a9738e..113576099b 100644 --- a/internal/controlplane/handlers_user.go +++ b/internal/controlplane/handlers_user.go @@ -141,6 +141,11 @@ func (s *Server) DeleteUser(ctx context.Context, return nil, status.Errorf(codes.Internal, "failed to parse issuer URL: %v", err) } + err = DeleteUser(ctx, s.store, s.authzClient, subject) + if err != nil { + return nil, status.Errorf(codes.Internal, "failed to delete user from database: %v", err) + } + tokenUrl := parsedURL.JoinPath("realms/stacklok/protocol/openid-connect/token") clientSecret, err := s.cfg.Identity.Server.GetClientSecret() @@ -176,11 +181,6 @@ func (s *Server) DeleteUser(ctx context.Context, return nil, status.Errorf(codes.Internal, "unexpected status code when deleting account: %d", resp.StatusCode) } - err = DeleteUser(ctx, s.store, s.authzClient, subject) - if err != nil { - return nil, status.Errorf(codes.Internal, "failed to delete user from database: %v", err) - } - return &pb.DeleteUserResponse{}, nil }