diff --git a/controller/EmbeddedNetworkController.cpp b/controller/EmbeddedNetworkController.cpp index d228a3685..9a4a09844 100644 --- a/controller/EmbeddedNetworkController.cpp +++ b/controller/EmbeddedNetworkController.cpp @@ -1361,14 +1361,13 @@ void EmbeddedNetworkController::_request( bool networkSSOEnabled = OSUtils::jsonBool(network["ssoEnabled"], false); bool memberSSOExempt = OSUtils::jsonBool(member["ssoExempt"], false); std::string authenticationURL; - if (networkSSOEnabled && !memberSSOExempt) { authenticationURL = _db.getSSOAuthURL(member, _ssoRedirectURL); std::string memberId = member["id"]; fprintf(stderr, "ssoEnabled && !ssoExempt %s-%s\n", nwids, memberId.c_str()); uint64_t authenticationExpiryTime = (int64_t)OSUtils::jsonInt(member["authenticationExpiryTime"], 0); fprintf(stderr, "authExpiryTime: %lld\n", authenticationExpiryTime); - if (authenticationExpiryTime >= now) { + if (authenticationExpiryTime < now) { if (!authenticationURL.empty()) { Dictionary<3072> authInfo; authInfo.add("aU", authenticationURL.c_str()); @@ -1376,8 +1375,8 @@ void EmbeddedNetworkController::_request( DB::cleanMember(member); _db.save(member,true); _sender->ncSendError(nwid,requestPacketId,identity.address(),NetworkController::NC_ERROR_AUTHENTICATION_REQUIRED, authInfo.data(), authInfo.sizeBytes()); + return; } - return; } else if (authorized) { _db.memberWillExpire(authenticationExpiryTime, nwid, identity.address().toInt()); }