Merge pull request dbeaver#1094 from dbeaver/CB-2386-cb-aws-the-changed-admin-in-the-easy-config-lost-the-admin-role-after-another-user-login

CB-2386 fix multi auth in easy config

Author: alexander-skoblikov

server/bundles/io.cloudbeaver.model/src/io/cloudbeaver/model/session/WebSessionAuthProcessor.java

@@ -82,9 +82,15 @@ public List<WebAuthInfo> authenticateSession() throws DBException {
     @SuppressWarnings("unchecked")
     private List<WebAuthInfo> finishWebSessionAuthorization(SMAuthInfo authInfo) throws DBException {
         boolean configMode = WebAppUtils.getWebApplication().isConfigurationMode();
-        boolean resetUserStateOnError = webSession.getUser() == null;
+        boolean alreadyLoggedIn = webSession.getUser() != null;
+        boolean resetUserStateOnError = !alreadyLoggedIn;
 
         try {
+            if (configMode && alreadyLoggedIn) {
+                for (String providerId : authInfo.getAuthData().keySet()) {
+                    webSession.removeAuthInfo(providerId);
+                }
+            }
             webSession.updateSMAuthInfo(authInfo);
             WebUser curUser = webSession.getUser();
             if (curUser == null) {
@@ -117,18 +123,11 @@ private List<WebAuthInfo> finishWebSessionAuthorization(SMAuthInfo authInfo) thr
                 }
 
                 SMSession authSession;
-                if (configMode) {
-                    if (webSession.getUser() != null) {
-                        // Already logged in - remove auth token
-                        webSession.removeAuthInfo(providerId);
-                        webSession.resetAuthToken();
-                    }
-                } else {
-                    if (authProviderExternal != null) {
-                        // We may need to associate new credentials with active user
-                        if (linkWithActiveUser) {
-                            securityController.setUserCredentials(userId, authProviderDescriptor.getId(), userCredentials);
-                        }
+
+                if (authProviderExternal != null && !configMode && !alreadyLoggedIn) {
+                    // We may need to associate new credentials with active user
+                    if (linkWithActiveUser) {
+                        securityController.setUserCredentials(userId, authProviderDescriptor.getId(), userCredentials);
                     }
                 }
 

server/bundles/io.cloudbeaver.service.auth/src/io/cloudbeaver/service/auth/impl/WebServiceAuthImpl.java

@@ -66,7 +66,10 @@ public WebAuthStatus authLogin(
             authParameters = Map.of();
         }
         SMController securityController = webSession.getSecurityController();
-        String currentSmSessionId = webSession.getUser() == null ? null : webSession.getUserContext().getSmSessionId();
+        String currentSmSessionId = (webSession.getUser() == null || CBApplication.getInstance().isConfigurationMode())
+            ? null
+            : webSession.getUserContext().getSmSessionId();
+
         try {
             var smAuthInfo = securityController.authenticate(
                 webSession.getSessionId(),