Content
Bug OP-9005: Expired enterprise edition locking users out of OpenProject and all enterprise features
View differences
Updated by Markus Kahl over 4 years ago
### **Environment**:
Your OpenProject Version: 11.3
### **Steps to reproduce:**
1. Activate Enterprise Edition
2. Setup OpenID Connect provider (e.g. Google)
3. Use that provider to login with all users
4. Update EE token with expired one
5. Log out
6. Be locked out, since OpenID Connect providers are now disabled
### **Actual Behavior**
Users can't login in anymore, say, to **update the enterprise token**.
### **Expected Behavior**
Users should still be able to login, at least for a certain amount of time after the token has expired.
## Implications
Being locked out of OpenProject is merely the worst of the consequences. But at the same time, this also **disables all Enterprise features** in general. So even if not logged out it may render OpenProject unusable for the intended purposes.
Your OpenProject Version: 11.3
### **Steps to reproduce:**
1. Activate Enterprise Edition
2. Setup OpenID Connect provider (e.g. Google)
3. Use that provider to login with all users
4. Update EE token with expired one
5. Log out
6. Be locked out, since OpenID Connect providers are now disabled
### **Actual Behavior**
Users can't login in anymore, say, to **update the enterprise token**.
### **Expected Behavior**
Users should still be able to login, at least for a certain amount of time after the token has expired.
## Implications
Being locked out of OpenProject is merely the worst of the consequences. But at the same time, this also **disables all Enterprise features** in general. So even if not logged out it may render OpenProject unusable for the intended purposes.