Deleting a SSO-generated user from Jellyfin prevents account from working

[jmuchovej]

Describe the bug
After creating a user using SSO, if that user is deleted, they can no longer login (even if they still have permissive access – i.e., are still allowed to access Jellyfin per roles).

To Reproduce
Steps to reproduce the behavior:

1. Setup Jellyfin SSO in the usual way.
2. Login using an SSO account.
3. As the Jellyfin admin (non-SSO account), delete the newly added SSO user.
4. Attempt to sign-in using the same SSO account.

Expected behavior
Their account would be reinstated or a new one would be created with the proper attributes.

Additional context
Much of the discussion starting at my first post in #96 could be relevant.

[basbebe]

To add in here:
For me, those users will still be able to login via LDAP.
A new account will be generated but those users will not be able to login via SSO anymore.

[basbebe]

Is there a way to 'reset' those connections without purging / reinstalling Jellyfin?

[9p4]

Yes. If you stop Jellyfin, edit the plugin configuration file config/plugins/configurations/SSO-Auth.xml and remove the item from CanonicalLinks that you want to reset and start the Jellyfin server again, that should remove the link.

[basbebe]

I deleted all entries within CanonicalLinks which resulted in not being to login as any user via SSO and the provider had disappeared from the settings.
I reentered the provider and now everything works again.

[xNinjaKittyx]

If anyone runs into this again, when you remove CanonicalLinks and you don't have any entries left, make sure it's not

<CanonicalLinks>
</CanonicalLinks>

and instead you use

<CanonicalLinks />

Otherwise your entire configuration is going to get wiped and you'll have to fill it out again.

[9p4]

That's really weird and also probably Jellyfin's fault, as we use their serializer for most of the XML stuff.