From c5d26992d48f686e6623fd78a3a065890d1fe07c Mon Sep 17 00:00:00 2001
From: Vinoth Kannan
Date: Mon, 19 Mar 2018 17:10:35 +0530
Subject: [PATCH] Prefer to use primary email for new user creation over other available emails
---
 lib/auth/github_authenticator.rb | 2 ++
 .../auth/github_authenticator_spec.rb | 26 +++++++++++++++++++
 2 files changed, 28 insertions(+)
diff --git a/lib/auth/github_authenticator.rb b/lib/auth/github_authenticator.rb
index 9c9d5f3c184..fa274b4e935 100644
--- a/lib/auth/github_authenticator.rb
+++ b/lib/auth/github_authenticator.rb
@@ -47,6 +47,8 @@ class Auth::GithubAuthenticator < Auth::Authenticator
 # Potentially use *any* of the emails from GitHub to find a match or
 # register a new user, with preference given to the primary email.
 all_emails = Array.new(auth_token[:extra][:all_emails])
+ primary = all_emails.detect { |email| email[:primary] && email[:verified] }
+ all_emails.unshift(primary) if primary.present?
 # Only consider verified emails to match an existing user. We don't want
 # someone to be able to create a GitHub account with an unverified email
diff --git a/spec/components/auth/github_authenticator_spec.rb b/spec/components/auth/github_authenticator_spec.rb
index a80ee855566..02bcb987c77 100644
--- a/spec/components/auth/github_authenticator_spec.rb
+++ b/spec/components/auth/github_authenticator_spec.rb
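Review bot: In `lib/auth/github_authenticator.rb`, `all_emails.unshift(primary)` puts the primary entry at the front without removing it from its original position, so the list now holds that address twice. Whether the second copy matters depends on the code after the hunk that walks `all_emails`, which is not visible here, but moving the entry instead of copying it avoids the question: `all_emails.unshift(all_emails.delete(primary)) if primary`. The `email[:verified]` half of the `detect` predicate is what keeps an unverified primary address from being promoted, so it deserves a comment such as `# Promote the primary address only if GitHub reports it as verified`. The enclosing method starts and ends outside the hunk.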
@@ -57,6 +57,32 @@ describe Auth::GithubAuthenticator do
 expect(result.email_valid).to eq(true)
 end
+ it 'should use primary email for new user creation over other available emails' do
+ hash = {
+ extra: {
+ all_emails: [{
+ email: "bob@example.com",
+ primary: false,
+ verified: true,
+ }, {
+ email: "john@example.com",
+ primary: true,
+ verified: true,
+ }]
+ },
+ info: {
+ email: "john@example.com",
+ nickname: "john",
+ name: "John Bob",
+ },
+ uid: "100"
+ }
+
+ result = authenticator.after_authenticate(hash)
+
+ expect(result.email).to eq("john@example.com")
+ end
+
 it 'will not authenticate for already existing users with an unverified email' do
 hash = {
 extra: {
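Review bot: The added example in `github_authenticator_spec.rb` only exercises a primary address with `verified: true`, so nothing in it pins the `email[:verified]` condition that the authenticator change relies on. A companion example whose primary entry has `verified: false` next to a verified secondary address, asserting that the unverified primary is not moved to the front, would catch a regression that drops that check. The exact expected `result.email` for that case depends on authenticator code outside this diff, so it should be confirmed against the method before writing the assertion. The trailing context `it 'will not authenticate ...'` continues past the end of the hunk.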