mirror of https://github.com/zulip/zulip.git
533a6cb1c6
As detailed in the comment in the code:
The upstream implementation uses the outdated /oauth2/authorize
API (instead of the v2.0 API), which doesn't allow us to authenticate
users with just a personal Microsoft account. v2.0 API is required.
This requires us to override the default URLs to use it as well
as adjust the requested scopes, to match this new API.
The backend in its previous state was only able to authenticate users
that were tied to an organizational directory, even if the application
settings in Azure were set up to also allow personal accounts. Users
trying to use a personal account would face an error from Microsoft:
AADSTS500200: User account 'xxxx@example.com' is a
personal Microsoft account. Personal Microsoft accounts are not
supported for this application unless explicitly invited to an
organization
https://github.com/python-social-auth/social-core/issues/723 is a
related upstream issue.
(cherry picked from commit
|
||
|---|---|---|
| .. | ||
| jinja2 | ||
| __init__.py | ||
| backends.py | ||
| computed_settings.py | ||
| config.py | ||
| configured_settings.py | ||
| default_settings.py | ||
| dev_settings.py | ||
| dev_urls.py | ||
| email_backends.py | ||
| prod_settings.pyi | ||
| prod_settings_template.py | ||
| sentry.py | ||
| settings.py | ||
| settings_types.py | ||
| template_loaders.py | ||
| test_extra_settings.py | ||
| test_settings.py | ||
| urls.py | ||
| wsgi.py | ||