}
credentials = getCredentials();
// check if we have a pre authenticated login from a previous login module
final String userId;
final PreAuthenticatedLogin preAuthLogin = getSharedPreAuthLogin();
if (preAuthLogin != null) {
userId = preAuthLogin.getUserId();
} else {
userId = credentials instanceof SimpleCredentials ? ((SimpleCredentials) credentials).getUserID() : null;
}
if (userId == null && credentials == null) {
log.debug("No credentials found for external login module. ignoring.");
return false;
}
try {
SyncedIdentity sId = null;
if (userId != null) {
sId = syncHandler.findIdentity(getUserManager(), userId);
// if there exists an authorizable with the given userid but is not an external one or if it belongs to
// another IDP, we just ignore it.
if (sId != null) {
if (sId.getExternalIdRef() == null) {
log.debug("ignoring local user: {}", sId.getId());
return false;
}
if (!sId.getExternalIdRef().getProviderName().equals(idp.getName())) {
if (log.isDebugEnabled()) {
log.debug("ignoring foreign identity: {} (idp={})", sId.getExternalIdRef().getString(), idp.getName());
}
return false;
}
}
}
if (preAuthLogin != null) {
externalUser = idp.getUser(preAuthLogin.getUserId());
} else {
externalUser = idp.authenticate(credentials);
}
if (externalUser != null) {