From 9519d55332a1f22891e5ad8a1de1d2ba027bafc7 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Fri, 25 Jan 2019 12:36:54 +0100 Subject: [PATCH] Fix SSO authentication not working due to missing agreement boolean (#9915) Fix #9906 --- app/models/concerns/omniauthable.rb | 1 + app/models/user.rb | 2 ++ 2 files changed, 3 insertions(+) diff --git a/app/models/concerns/omniauthable.rb b/app/models/concerns/omniauthable.rb index f263fe7af0..4dd2e9383c 100644 --- a/app/models/concerns/omniauthable.rb +++ b/app/models/concerns/omniauthable.rb @@ -63,6 +63,7 @@ module Omniauthable { email: email || "#{TEMP_EMAIL_PREFIX}-#{auth.uid}-#{auth.provider}.com", password: Devise.friendly_token[0, 20], + agreement: true, account_attributes: { username: ensure_unique_username(auth.uid), display_name: display_name, diff --git a/app/models/user.rb b/app/models/user.rb index 5aa5c2b15c..fdd2741c1d 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -295,6 +295,7 @@ class User < ApplicationRecord def self.pam_get_user(attributes = {}) return nil unless attributes[:email] + resource = if Devise.check_at_sign && !attributes[:email].index('@') joins(:account).find_by(accounts: { username: attributes[:email] }) @@ -304,6 +305,7 @@ class User < ApplicationRecord if resource.blank? resource = new(email: attributes[:email], agreement: true) + if Devise.check_at_sign && !resource[:email].index('@') resource[:email] = Rpam2.getenv(resource.find_pam_service, attributes[:email], attributes[:password], 'email', false) resource[:email] = "#{attributes[:email]}@#{resource.find_pam_suffix}" unless resource[:email]