Skip to content
Snippets Groups Projects
Unverified Commit 6b46931e authored by Ahmad Farhat's avatar Ahmad Farhat Committed by GitHub
Browse files

Make changes to openid_connect uid field (#5523)

* Make changes to openid_connect uid field

* Clean up
parent 233d836e
No related branches found
No related tags found
No related merge requests found
...@@ -70,7 +70,7 @@ Metrics/ClassLength: ...@@ -70,7 +70,7 @@ Metrics/ClassLength:
# A calculated magnitude based on number of assignments, # A calculated magnitude based on number of assignments,
# branches, and conditions. # branches, and conditions.
Metrics/AbcSize: Metrics/AbcSize:
Max: 65 Max: 75
Metrics/ParameterLists: Metrics/ParameterLists:
CountKeywordArgs: false CountKeywordArgs: false
...@@ -82,7 +82,7 @@ Metrics/CyclomaticComplexity: ...@@ -82,7 +82,7 @@ Metrics/CyclomaticComplexity:
Max: 16 Max: 16
Metrics/PerceivedComplexity: Metrics/PerceivedComplexity:
Max: 15 Max: 17
Rails/Exit: Rails/Exit:
Exclude: Exclude:
......
...@@ -16,8 +16,6 @@ ...@@ -16,8 +16,6 @@
# frozen_string_literal: true # frozen_string_literal: true
# rubocop:disable Metrics/PerceivedComplexity
module Api module Api
module V1 module V1
module Migrations module Migrations
...@@ -276,4 +274,3 @@ module Api ...@@ -276,4 +274,3 @@ module Api
end end
end end
end end
# rubocop:enable Metrics/PerceivedComplexity
...@@ -30,7 +30,15 @@ class ExternalController < ApplicationController ...@@ -30,7 +30,15 @@ class ExternalController < ApplicationController
user_info = build_user_info(credentials) user_info = build_user_info(credentials)
user = User.find_by(external_id: credentials['uid'], provider:) || User.find_by(email: credentials['info']['email'], provider:) user = User.find_by(external_id: credentials['uid'], provider:)
# Fallback mechanism to search by email
if user.blank?
user = User.find_by(email: credentials['info']['email'], provider:)
# Update the user's external id to the latest value to avoid using the fallback
user.update(external_id: credentials['uid']) if user.present? && credentials['uid'].present?
end
new_user = user.blank? new_user = user.blank?
registration_method = SettingGetter.new(setting_name: 'RegistrationMethod', provider: current_provider).call registration_method = SettingGetter.new(setting_name: 'RegistrationMethod', provider: current_provider).call
......
...@@ -29,7 +29,7 @@ Rails.application.config.middleware.use OmniAuth::Builder do ...@@ -29,7 +29,7 @@ Rails.application.config.middleware.use OmniAuth::Builder do
env['omniauth.strategy'].options[:issuer] = issuer_url env['omniauth.strategy'].options[:issuer] = issuer_url
env['omniauth.strategy'].options[:scope] = %i[openid email profile] env['omniauth.strategy'].options[:scope] = %i[openid email profile]
env['omniauth.strategy'].options[:uid_field] = ENV.fetch('OPENID_CONNECT_UID_FIELD', 'preferred_username') env['omniauth.strategy'].options[:uid_field] = ENV.fetch('OPENID_CONNECT_UID_FIELD', 'sub')
env['omniauth.strategy'].options[:discovery] = true env['omniauth.strategy'].options[:discovery] = true
env['omniauth.strategy'].options[:client_options].identifier = ENV.fetch('OPENID_CONNECT_CLIENT_ID') env['omniauth.strategy'].options[:client_options].identifier = ENV.fetch('OPENID_CONNECT_CLIENT_ID')
env['omniauth.strategy'].options[:client_options].secret = secret env['omniauth.strategy'].options[:client_options].secret = secret
...@@ -46,7 +46,7 @@ Rails.application.config.middleware.use OmniAuth::Builder do ...@@ -46,7 +46,7 @@ Rails.application.config.middleware.use OmniAuth::Builder do
provider :openid_connect, provider :openid_connect,
issuer:, issuer:,
scope: %i[openid email profile], scope: %i[openid email profile],
uid_field: ENV.fetch('OPENID_CONNECT_UID_FIELD', 'preferred_username'), uid_field: ENV.fetch('OPENID_CONNECT_UID_FIELD', 'sub'),
discovery: true, discovery: true,
client_options: { client_options: {
identifier: ENV.fetch('OPENID_CONNECT_CLIENT_ID'), identifier: ENV.fetch('OPENID_CONNECT_CLIENT_ID'),
......
...@@ -44,6 +44,7 @@ REDIS_URL= ...@@ -44,6 +44,7 @@ REDIS_URL=
#OPENID_CONNECT_CLIENT_SECRET= #OPENID_CONNECT_CLIENT_SECRET=
#OPENID_CONNECT_ISSUER= #OPENID_CONNECT_ISSUER=
#OPENID_CONNECT_REDIRECT= #OPENID_CONNECT_REDIRECT=
#OPENID_CONNECT_UID_FIELD=
# To enable hCaptcha on the user sign up and sign in, define these 2 keys # To enable hCaptcha on the user sign up and sign in, define these 2 keys
#HCAPTCHA_SITE_KEY= #HCAPTCHA_SITE_KEY=
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment