Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

social auth: Validate email in backends without get_verified_emails. 

If the social backend doesn't have get_verified_emails emails, and we
simply grab kwargs["details"].get("email") for the email, we should
still validate it is correct.
Needed for SAML. This will get covered by tests in upcoming commits that
add SAML support.
This commit is contained in:
Mateusz Mandera 2019-09-28 01:51:36 +02:00 committed by Tim Abbott
parent 7171a0a842
commit 82f923c27a
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
zproject/backends.py
View File

@ -725,8 +725,12 @@ def social_associate_user_helper(backend: BaseAuth, return_data: Dict[str, Any],
return None return None
validated_email = chosen_email validated_email = chosen_email
else: # nocoverage else:
# This code path isn't used by GitHubAuthBackend try:
validate_email(kwargs["details"].get("email"))
except ValidationError:
return_data['invalid_email'] = True
return None
validated_email = kwargs["details"].get("email") validated_email = kwargs["details"].get("email")
if not validated_email: # nocoverage if not validated_email: # nocoverage