FIX: GitHub auth always asking to verify email for new users (#5487)

2018-01-12 09:47:29 +05:30 · 2018-01-12 09:47:29 +05:30 · 988b13ac77
parent 7e3543d96f
commit 988b13ac77
2 changed files with 3 additions and 11 deletions
--- a/lib/auth/github_authenticator.rb
+++ b/lib/auth/github_authenticator.rb
@ -42,13 +42,11 @@ class Auth::GithubAuthenticator < Auth::Authenticator
      # need to know.
      user = user_info.user
      result.email = data[:email],
-      result.email_valid = !!data[:email_verified]
+      result.email_valid = data[:email].present?
    else
      # Potentially use *any* of the emails from GitHub to find a match or
      # register a new user, with preference given to the primary email.
      all_emails = Array.new(auth_token[:extra][:all_emails])
-      all_emails.unshift(email: data[:email],
-                         verified: !!data[:email_verified])

      # Only consider verified emails to match an existing user.  We don't want
      # someone to be able to create a GitHub account with an unverified email
--- a/spec/components/auth/github_authenticator_spec.rb
+++ b/spec/components/auth/github_authenticator_spec.rb
@ -17,7 +17,6 @@ def auth_token_for(user)
    },
    info: {
      email: user.email,
-      email_verified: true,
      nickname: user.username,
      name: user.name,
      image: "https://avatars3.githubusercontent.com/u/#{user.username}",
@ -43,7 +42,6 @@ describe Auth::GithubAuthenticator do
        },
        info: {
          email: user.email,
-          email_verified: true,
          nickname: user.username,
          name: user.name,
        },
@ -70,7 +68,6 @@ describe Auth::GithubAuthenticator do
        },
        info: {
          email: user.email,
-          email_verified: false,
          nickname: user.username,
          name: user.name,
        },
@ -97,7 +94,6 @@ describe Auth::GithubAuthenticator do
        },
        info: {
          email: "person@example.com",
-          email_verified: true,
          nickname: "person",
          name: "Person Lastname",
        },
@ -110,7 +106,7 @@ describe Auth::GithubAuthenticator do
      expect(result.username).to eq(hash[:info][:nickname])
      expect(result.name).to eq(hash[:info][:name])
      expect(result.email).to eq(hash[:info][:email])
-      expect(result.email_valid).to eq(hash[:info][:email_verified])
+      expect(result.email_valid).to eq(hash[:info][:email].present?)
    end

    it 'will skip blacklisted domains for non existing users' do
@ -128,7 +124,6 @@ describe Auth::GithubAuthenticator do
        },
        info: {
          email: "not_allowed@blacklist.com",
-          email_verified: true,
          nickname: "person",
          name: "Person Lastname",
        },
@ -154,7 +149,7 @@ describe Auth::GithubAuthenticator do
            verified: true,
          }, {
            email: "not_allowed@blacklist.com",
-            primary: true,
+            primary: false,
            verified: true,
          }, {
            email: "allowed@whitelist.com",
@ -164,7 +159,6 @@ describe Auth::GithubAuthenticator do
        },
        info: {
          email: "person@example.com",
-          email_verified: true,
          nickname: "person",
          name: "Person Lastname",
        },