When using a module like simpleSAMLphp Authentication to authenticate users and the option Force password change on first-time login is enabled, users are asked to update their password even when there's no way for them to do that.
Ignore those users completely since they are not using passwords in Drupal, so there's no password field for them to update.
Needs review
2.0
Code
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
In our use case, we have configured the simplesamlphp_auth module with an exception for it to allow local login for some roles and some User IDs. So I have added a check for if simplesamlphp_auth module exists to then ignore SSO users i.e. only force password change for users configured for local login. Patch is attached.