FIX: When creating a SSO user via sync, do not user the IP address.

app/controllers/admin/users_controller.rb

@@ -273,7 +273,7 @@ class Admin::UsersController < Admin::AdminController
     return render nothing: true, status: 404 unless SiteSetting.enable_sso
 
     sso = DiscourseSingleSignOn.parse("sso=#{params[:sso]}&sig=#{params[:sig]}")
-    user = sso.lookup_or_create_user(request.remote_ip)
+    user = sso.lookup_or_create_user
 
     render_serialized(user, AdminDetailedUserSerializer, root: false)
   end

app/models/discourse_single_sign_on.rb

@@ -42,7 +42,7 @@ class DiscourseSingleSignOn < SingleSignOn
     "SSO_NONCE_#{nonce}"
   end
 
-  def lookup_or_create_user(ip_address)
+  def lookup_or_create_user(ip_address=nil)
     sso_record = SingleSignOnRecord.find_by(external_id: external_id)
 
     if sso_record && user = sso_record.user

spec/controllers/admin/users_controller_spec.rb

@@ -499,7 +499,7 @@ describe Admin::UsersController do
     sso.external_id = "1"
 
     user = DiscourseSingleSignOn.parse(sso.payload)
-                                .lookup_or_create_user('127.0.0.1')
+                                .lookup_or_create_user
 
 
     sso.name = "Bill"
@@ -514,6 +514,20 @@ describe Admin::UsersController do
     expect(user.name).to eq("Bill")
     expect(user.username).to eq("Hokli")
 
+    # It can also create new users
+    sso = SingleSignOn.new
+    sso.sso_secret = "sso secret"
+    sso.name = "Dr. Claw"
+    sso.username = "dr_claw"
+    sso.email = "dr@claw.com"
+    sso.external_id = "2"
+    xhr :post, :sync_sso, Rack::Utils.parse_query(sso.payload)
+    expect(response).to be_success
+
+    user = User.where(email: 'dr@claw.com').first
+    expect(user).to be_present
+    expect(user.ip_address).to be_blank
+
   end
 
 end