From 9583554d446a5d7ddc20a58bd6f540c025373a85 Mon Sep 17 00:00:00 2001
From: Dinesh <chdinesh1089@gmail.com>
Date: Sat, 4 Jul 2020 17:09:01 +0000
Subject: [PATCH] auth: Add check_config for apple auth.

Apple has some other obligatory settings other than key and secret.
To handle that this commit adds a function check_config() similar
to that of SAML.
---
 zerver/views/auth.py |  8 +++++++-
 zproject/backends.py | 13 +++++++++++++
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/zerver/views/auth.py b/zerver/views/auth.py
index d27781f71a..006d33f6ee 100644
--- a/zerver/views/auth.py
+++ b/zerver/views/auth.py
@@ -61,6 +61,7 @@ from zerver.models import (
 from zerver.signals import email_on_new_login
 from zproject.backends import (
     AUTH_BACKEND_NAME_MAP,
+    AppleAuthBackend,
     ExternalAuthDataDict,
     ExternalAuthResult,
     SAMLAuthBackend,
@@ -516,8 +517,13 @@ def start_social_login(request: HttpRequest, backend: str, extra_arg: Optional[s
             return redirect_to_config_error("saml")
         extra_url_params = {'idp': extra_arg}
 
+    if backend == "apple":
+        result = AppleAuthBackend.check_config()
+        if result is not None:
+            return result
+
     # TODO: Add AzureAD also.
-    if backend in ["github", "google", "gitlab", "apple"]:
+    if backend in ["github", "google", "gitlab"]:
         key_setting = "SOCIAL_AUTH_" + backend.upper() + "_KEY"
         secret_setting = "SOCIAL_AUTH_" + backend.upper() + "_SECRET"
         if not (getattr(settings, key_setting) and getattr(settings, secret_setting)):
diff --git a/zproject/backends.py b/zproject/backends.py
index 3fe1ff2cfd..a95b347e79 100644
--- a/zproject/backends.py
+++ b/zproject/backends.py
@@ -1553,6 +1553,19 @@ class AppleAuthBackend(SocialAuthMixin, AppleIdAuth):
 
     SCOPE_SEPARATOR = "%20"  # https://github.com/python-social-auth/social-core/issues/470
 
+    @classmethod
+    def check_config(cls) -> Optional[HttpResponse]:
+        obligatory_apple_settings_list = [
+            settings.SOCIAL_AUTH_APPLE_TEAM,
+            settings.SOCIAL_AUTH_APPLE_SERVICES_ID,
+            settings.SOCIAL_AUTH_APPLE_KEY,
+            settings.SOCIAL_AUTH_APPLE_SECRET,
+        ]
+        if any(not setting for setting in obligatory_apple_settings_list):
+            return redirect_to_config_error("apple")
+
+        return None
+
     def is_native_flow(self) -> bool:
         return self.strategy.request_data().get('native_flow', False)