From 2cbecaa55287b4e9d95d8c6dca217a8a77920bb0 Mon Sep 17 00:00:00 2001
From: wh1te909 <7434746+wh1te909@users.noreply.github.com>
Date: Wed, 30 Oct 2024 05:13:35 +0000
Subject: [PATCH] don't show providers list on login screen if sso is disabled
 globally

---
 api/tacticalrmm/ee/sso/adapter.py | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

diff --git a/api/tacticalrmm/ee/sso/adapter.py b/api/tacticalrmm/ee/sso/adapter.py
index d649ab34..8937f0eb 100644
--- a/api/tacticalrmm/ee/sso/adapter.py
+++ b/api/tacticalrmm/ee/sso/adapter.py
@@ -6,21 +6,35 @@ For details, see: https://license.tacticalrmm.com/ee
 
 from allauth.socialaccount.adapter import DefaultSocialAccountAdapter
 from allauth.socialaccount.models import SocialApp
+from django.core.exceptions import PermissionDenied
 
 from accounts.models import Role
+from core.utils import token_is_valid
+from tacticalrmm.logger import logger
+from tacticalrmm.utils import get_core_settings
 
 
 class TacticalSocialAdapter(DefaultSocialAccountAdapter):
 
     def populate_user(self, request, sociallogin, data):
+        _, valid = token_is_valid()
+        if not valid:
+            raise PermissionDenied()
 
         user = super().populate_user(request, sociallogin, data)
         try:
             provider = sociallogin.account.get_provider()
             provider_settings = SocialApp.objects.get(provider_id=provider).settings
             user.role = Role.objects.get(pk=provider_settings["role"])
-        except:
-            print(
+        except Exception:
+            logger.debug(
                 "Provider settings or Role not found. Continuing with blank permissions."
             )
         return user
+
+    def list_providers(self, request):
+        core_settings = get_core_settings()
+        if not core_settings.sso_enabled:
+            return []
+
+        return super().list_providers(request)