From ab61fe5922098b5c7dcd1921a11e18c837c8fc4a Mon Sep 17 00:00:00 2001
From: Tim Abbott
Date: Wed, 23 Aug 2017 20:42:32 -0700
Subject: [PATCH] auth: Fix Google auth to not assume SUBDOMAINS_HOMEPAGE.

Previously, Google auth would redirect you back to the login page on this code path.
---
 zerver/tests/test_auth_backends.py | 6 ++++--
 zerver/views/auth.py | 3 ++-
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/zerver/tests/test_auth_backends.py b/zerver/tests/test_auth_backends.py
index d7d7d9321c..6a2cdba251 100644
--- a/zerver/tests/test_auth_backends.py
+++ b/zerver/tests/test_auth_backends.py
@@ -1118,15 +1118,17 @@ class GoogleLoginTest(GoogleOAuthTest):
 self.assertEqual(result.status_code, 302)
 self.assertEqual(result.url, "http://testserver/")
- def test_google_oauth2_wrong_subdomain(self):
+ def test_google_oauth2_subdomains_homepage(self):
 # type: () -> None
 token_response = ResponseMock(200, {'access_token': "unique_token"})
 account_data = dict(name=dict(formatted="Full Name"), emails=[dict(type="account", value=self.example_email("hamlet"))])
 account_response = ResponseMock(200, account_data)
- with self.settings(REALMS_HAVE_SUBDOMAINS=True):
+ with self.settings(REALMS_HAVE_SUBDOMAINS=True,
+ SUBDOMAINS_HOMEPAGE=True):
 result = self.google_oauth2_test(token_response, account_response)
+ self.assertEqual(result.status_code, 302)
 self.assertIn('subdomain=1', result.url)
 def test_google_oauth2_400_token_response(self):
diff --git a/zerver/views/auth.py b/zerver/views/auth.py
index 1b1c04755e..38c2b5dc0e 100644
--- a/zerver/views/auth.py
+++ b/zerver/views/auth.py
@@ -270,7 +270,8 @@ def send_oauth_request_to_google(request):
 mobile_flow_otp = request.GET.get('mobile_flow_otp', '0')
 if settings.REALMS_HAVE_SUBDOMAINS:
- if not subdomain or not Realm.objects.filter(string_id=subdomain).exists():
+ if ((settings.SUBDOMAINS_HOMEPAGE and subdomain == '') or
+ not Realm.objects.filter(string_id=subdomain).exists()):
 return redirect_to_subdomain_login_url()
 google_uri = 'https://accounts.google.com/o/oauth2/auth?'
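Review bot: The new condition in `send_oauth_request_to_google` lets an empty `subdomain` reach the realm lookup whenever SUBDOMAINS_HOMEPAGE is off, yet the only test this commit touches now sets `SUBDOMAINS_HOMEPAGE=True`, so the path being fixed has no regression test. A case under `self.settings(REALMS_HAVE_SUBDOMAINS=True, SUBDOMAINS_HOMEPAGE=False)` that asserts the flow does not end on the `subdomain=1` login URL, and one with a non-empty subdomain that matches no realm, would pin both halves of the `or`. `subdomain == ''` is also narrower than the old `not subdomain`: the assignment of `subdomain` is outside the hunk, so if it can ever be None the redirect now depends on the `string_id=None` query finding nothing. A comment above the check, for example `# An empty subdomain is only rejected when SUBDOMAINS_HOMEPAGE reserves the root domain; otherwise it is looked up like any other realm.`, would record why the empty case is conditional. The function body begins and continues outside the hunk.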