1 files changed, 42 insertions, 10 deletions
diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php
index 8809a0c6b4..93419d2915 100644
--- a/phpBB/phpbb/auth/provider/oauth/oauth.php
+++ b/phpBB/phpbb/auth/provider/oauth/oauth.php
@@ -191,7 +191,7 @@ class oauth extends \phpbb\auth\provider\base
 			return $provider->login($username, $password);
 		}
 
-		// Requst the name of the OAuth service
+		// Request the name of the OAuth service
 		$service_name_original = $this->request->variable('oauth_service', '', false);
 		$service_name = 'auth.provider.oauth.service.' . strtolower($service_name_original);
 		if ($service_name_original === '' || !array_key_exists($service_name, $this->service_providers))
@@ -221,24 +221,33 @@ class oauth extends \phpbb\auth\provider\base
 				'provider'	=> $service_name_original,
 				'oauth_provider_id'	=> $unique_id
 			);
+
 			$sql = 'SELECT user_id FROM ' . $this->auth_provider_oauth_token_account_assoc . '
 				WHERE ' . $this->db->sql_build_array('SELECT', $data);
 			$result = $this->db->sql_query($sql);
 			$row = $this->db->sql_fetchrow($result);
 			$this->db->sql_freeresult($result);
 
+			$redirect_data = array(
+				'auth_provider'				=> 'oauth',
+				'login_link_oauth_service'	=> $service_name_original,
+			);
+
 			/**
 			* Event is triggered before check if provider is already associated with an account
 			*
 			* @event core.oauth_login_after_check_if_provider_id_has_match
-			* @var	array									row		User row
-			* @var	array									data	Provider data
-			* @var	\OAuth\Common\Service\ServiceInterface	service	OAuth service
+			* @var	array									row				User row
+			* @var	array									data			Provider data
+			* @var	array									redirect_data	Data to be appended to the redirect url
+			* @var	\OAuth\Common\Service\ServiceInterface	service			OAuth service
 			* @since 3.2.3-RC1
+			* @changed 3.2.6-RC1 Added redirect_data
 			*/
 			$vars = array(
 				'row',
 				'data',
+				'redirect_data',
 				'service',
 			);
 			extract($this->dispatcher->trigger_event('core.oauth_login_after_check_if_provider_id_has_match', compact($vars)));
@@ -250,10 +259,7 @@ class oauth extends \phpbb\auth\provider\base
 					'status'		=> LOGIN_SUCCESS_LINK_PROFILE,
 					'error_msg'		=> 'LOGIN_OAUTH_ACCOUNT_NOT_LINKED',
 					'user_row'		=> array(),
-					'redirect_data'	=> array(
-						'auth_provider'				=> 'oauth',
-						'login_link_oauth_service'	=> $service_name_original,
-					),
+					'redirect_data'	=> $redirect_data,
 				);
 			}
 
@@ -270,11 +276,36 @@ class oauth extends \phpbb\auth\provider\base
 				throw new \Exception('AUTH_PROVIDER_OAUTH_ERROR_INVALID_ENTRY');
 			}
 
+			/**
+			 * Check if the user is banned.
+			 * The fourth parameter, return, has to be true,
+			 * otherwise the OAuth login is still called and
+			 * an uncaught exception is thrown as there is no
+			 * token stored in the database.
+			 */
+			$ban = $this->user->check_ban($row['user_id'], $row['user_ip'], $row['user_email'], true);
+			if (!empty($ban))
+			{
+				$till_date = !empty($ban['ban_end']) ? $this->user->format_date($ban['ban_end']) : '';
+				$message = !empty($ban['ban_end']) ? 'BOARD_BAN_TIME' : 'BOARD_BAN_PERM';
+
+				$contact_link = phpbb_get_board_contact_link($this->config, $this->phpbb_root_path, $this->php_ext);
+				$message = $this->user->lang($message, $till_date, '<a href="' . $contact_link . '">', '</a>');
+				$message .= !empty($ban['ban_give_reason']) ? '<br /><br />' . $this->user->lang('BOARD_BAN_REASON', $ban['ban_give_reason']) : '';
+				$message .= !empty($ban['ban_triggered_by']) ? '<br /><br /><em>' . $this->user->lang('BAN_TRIGGERED_BY_' . strtoupper($ban['ban_triggered_by'])) . '</em>' : '';
+
+				return array(
+					'status'	=> LOGIN_BREAK,
+					'error_msg'	=> $message,
+					'user_row'	=> $row,
+				);
+			}
+
 			// Update token storage to store the user_id
 			$storage->set_user_id($row['user_id']);
 
 			/**
-			* Event is triggered after user is successfuly logged in via OAuth.
+			* Event is triggered after user is successfully logged in via OAuth.
 			*
 			* @event core.auth_oauth_login_after
 			* @var    array    row    User row
@@ -674,6 +705,7 @@ class oauth extends \phpbb\auth\provider\base
 						'oauth_service' => $actual_name,
 					),
 
+					'SERVICE_ID'	=> $actual_name,
 					'SERVICE_NAME'	=> $this->user->lang['AUTH_PROVIDER_OAUTH_SERVICE_' . strtoupper($actual_name)],
 					'UNIQUE_ID'		=> (isset($oauth_user_ids[$actual_name])) ? $oauth_user_ids[$actual_name] : null,
 				);
@@ -707,7 +739,7 @@ class oauth extends \phpbb\auth\provider\base
 				AND user_id = " . (int) $user_id;
 		$this->db->sql_query($sql);
 
-		// Clear all tokens belonging to the user on this servce
+		// Clear all tokens belonging to the user on this service
 		$service_name = 'auth.provider.oauth.service.' . strtolower($link_data['oauth_service']);
 		$storage = new \phpbb\auth\provider\oauth\token_storage($this->db, $this->user, $this->auth_provider_oauth_token_storage_table, $this->auth_provider_oauth_state_table);
 		$storage->clearToken($service_name);