From 67b917db136e8e29ace87074dcaeb1ff658eba1e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Javi=20Mart=C3=ADn?=
Date: Mon, 10 Oct 2022 16:07:57 +0200
Subject: [PATCH] Fix verified check when signing in with Google

The Google response contains an `email_verified` field instead of a `verified_email` field, and so we weren't treating verified Google accounts as verified.
---
 app/models/user.rb | 3 ++-
 spec/system/users_auth_spec.rb | 25 +++++++++++++++++++++++++
 2 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/app/models/user.rb b/app/models/user.rb
index 31d85328e..d19072fe5 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -131,7 +131,8 @@ class User < ApplicationRecord
 # Get the existing user by email if the provider gives us a verified email.
 def self.first_or_initialize_for_oauth(auth)
 oauth_email = auth.info.email
- oauth_email_confirmed = oauth_email.present? && (auth.info.verified || auth.info.verified_email)
+ oauth_verified = auth.info.verified || auth.info.verified_email || auth.info.email_verified
+ oauth_email_confirmed = oauth_email.present? && oauth_verified
 oauth_user = User.find_by(email: oauth_email) if oauth_email_confirmed
 oauth_user || User.new(
diff --git a/spec/system/users_auth_spec.rb b/spec/system/users_auth_spec.rb
index 3180c6e57..8a4b93497 100644
--- a/spec/system/users_auth_spec.rb
+++ b/spec/system/users_auth_spec.rb
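Review bot: In `first_or_initialize_for_oauth` (app/models/user.rb), `oauth_verified` is a plain truthiness test, so any value other than `nil` or `false` counts as verified, including the strings `"false"` and `"0"` or the integer `0`. That flag gates `User.find_by(email: oauth_email)`, which decides whether a sign-in is attached to an existing account by email, so a provider that reports an unverified address as a string would be treated as verified. The spec in this same patch mocks the field as the string `"1"`, which suggests non-boolean values are expected to reach this line. I would normalise explicitly, for example `oauth_verified = [auth.info.verified, auth.info.verified_email, auth.info.email_verified].any? { |v| ActiveModel::Type::Boolean.new.cast(v) }`. Whether any configured provider actually sends such values is not visible here, and the method body continues past the end of the hunk.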
@@ -479,6 +479,31 @@ describe "Users" do end end + context "Google" do + let(:google_hash) do + { + uid: "12345", + info: { + name: "manuela", + email: "manuelacarmena@example.com", + email_verified: "1" + } + } + end + + before { Setting["feature.google_login"] = true } + + scenario "Sign in with an already registered user using a verified google account" do + OmniAuth.config.add_mock(:google_oauth2, google_hash) + create(:user, username: "manuela", email: "manuelacarmena@example.com") + + visit new_user_session_path + click_link "Sign in with Google" + + expect_to_be_signed_in + end + end + context "Wordpress" do let(:wordpress_hash) do {
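Review bot: The new "Google" context exercises only the positive path; there is no scenario where `email_verified` is `false` or absent while an account with the same email already exists, which is the case the model check is there to protect. A second scenario using a hash with `email_verified: false`, asserting that the visitor does not end up signed in as the existing user, would pin that behaviour. The mock also uses the string `"1"`, whereas Google's field is, as far as I know, a boolean, so `email_verified: true` would be a closer fixture. The enclosing `describe` starts and ends outside the hunk, so an equivalent negative scenario may already exist for other providers.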