From 635ccae144fea1e5ac934219629f87777a046d8b Mon Sep 17 00:00:00 2001
From: Stian Thorgersen <stianst@gmail.com>
Date: Mon, 8 Feb 2016 19:51:21 +0100
Subject: [PATCH] KEYCLOAK-2429 Disabled Google Identity Provider still kicks
 in when 'Authenticate by default' is enabled

---
 .../java/org/keycloak/protocol/AuthorizationEndpointBase.java   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/services/src/main/java/org/keycloak/protocol/AuthorizationEndpointBase.java b/services/src/main/java/org/keycloak/protocol/AuthorizationEndpointBase.java
index d5d2ccbc63..bfbf7a1468 100755
--- a/services/src/main/java/org/keycloak/protocol/AuthorizationEndpointBase.java
+++ b/services/src/main/java/org/keycloak/protocol/AuthorizationEndpointBase.java
@@ -98,7 +98,7 @@ public abstract class AuthorizationEndpointBase {
 
         List<IdentityProviderModel> identityProviders = realm.getIdentityProviders();
         for (IdentityProviderModel identityProvider : identityProviders) {
-            if (identityProvider.isAuthenticateByDefault()) {
+            if (identityProvider.isEnabled() && identityProvider.isAuthenticateByDefault()) {
                 // TODO if we are isPassive we should propagate this flag to default identity provider also if possible
                 return buildRedirectToIdentityProvider(identityProvider.getAlias(), new ClientSessionCode(realm, clientSession).getCode());
             }