chicken or egg problem.

member must exist in the database before we can generate a nonce & SSO URL

controller/EmbeddedNetworkController.cpp

@@ -1338,12 +1338,10 @@ void EmbeddedNetworkController::_request(
 		int64_t authenticationExpiryTime = (int64_t)OSUtils::jsonInt(member["authenticationExpiryTime"], 0);
 		fprintf(stderr, "authExpiryTime: %lld\n", authenticationExpiryTime);
 		if ((authenticationExpiryTime == 0) || (authenticationExpiryTime < now)) {
-
-			Dictionary<1024> authInfo;
 			std::string authenticationURL = _db.getSSOAuthURL(member);
 			if (!authenticationURL.empty()) {
+				Dictionary<1024> authInfo;
 				authInfo.add("aU", authenticationURL.c_str());
-			}
 				fprintf(stderr, "sending auth URL: %s\n", authenticationURL.c_str());
 				DB::cleanMember(member);
 				_db.save(member,true);
@@ -1351,6 +1349,7 @@ void EmbeddedNetworkController::_request(
 				return;
 			}
 		}
+	}
 
 	if (authorized) {
 		// Update version info and meta-data if authorized and if this is a genuine request

controller/PostgreSQL.cpp

@@ -330,6 +330,9 @@ std::string PostgreSQL::getSSOAuthURL(const nlohmann::json &member)
 
 		std::string nonce = "";
 
+		// check if the member exists first.
+		pqxx::row count = w.exec_params1("SELECT count(id) FROM ztc_member WHERE id = $1 AND network_id = $2", memberId, networkId);
+		if (count[0].as<int>() == 1) {
 			// find an unused nonce, if one exists.
 			pqxx::result r = w.exec_params("SELECT nonce FROM ztc_sso_expiry "
 				"WHERE network_id = $1 AND member_id = $2 "
@@ -389,11 +392,11 @@ std::string PostgreSQL::getSSOAuthURL(const nlohmann::json &member)
 					state_hex,
 					client_id.c_str());
 			} 
+		}
 
 		_pool->unborrow(c);
 	} catch (std::exception &e) {
 		fprintf(stderr, "ERROR: Error updating member on load: %s\n", e.what());
-		exit(-1);
 	}
 
 	return std::string(authenticationURL);