Fix verified check when signing in with Google

The Google response contains an `email_verified` field instead of a
`verified_email` field, and so we weren't treating verified Google
accounts as verified.

app/models/user.rb

@@ -131,7 +131,8 @@ class User < ApplicationRecord
   # Get the existing user by email if the provider gives us a verified email.
   def self.first_or_initialize_for_oauth(auth)
     oauth_email           = auth.info.email
-    oauth_email_confirmed = oauth_email.present? && (auth.info.verified || auth.info.verified_email)
+    oauth_verified        = auth.info.verified || auth.info.verified_email || auth.info.email_verified
+    oauth_email_confirmed = oauth_email.present? && oauth_verified
     oauth_user            = User.find_by(email: oauth_email) if oauth_email_confirmed
 
     oauth_user || User.new(

spec/system/users_auth_spec.rb

@@ -479,6 +479,31 @@ describe "Users" do
       end
     end
 
+    context "Google" do
+      let(:google_hash) do
+        {
+          uid: "12345",
+          info: {
+            name: "manuela",
+            email: "manuelacarmena@example.com",
+            email_verified: "1"
+          }
+        }
+      end
+
+      before { Setting["feature.google_login"] = true }
+
+      scenario "Sign in with an already registered user using a verified google account" do
+        OmniAuth.config.add_mock(:google_oauth2, google_hash)
+        create(:user, username: "manuela", email: "manuelacarmena@example.com")
+
+        visit new_user_session_path
+        click_link "Sign in with Google"
+
+        expect_to_be_signed_in
+      end
+    end
+
     context "Wordpress" do
       let(:wordpress_hash) do
         {