From c82cfcc86efa93863de8229a0d6b836ad16275b6 Mon Sep 17 00:00:00 2001 From: Lukasz Jarocki Date: Thu, 1 Jul 2021 16:20:08 +0200 Subject: [PATCH] SONAR-15074 allow users without an email in database to login with a new email --- .../server/authentication/UserRegistrarImpl.java | 16 ++++++++-------- .../authentication/UserRegistrarImplTest.java | 11 +++++------ 2 files changed, 13 insertions(+), 14 deletions(-) diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/UserRegistrarImpl.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/UserRegistrarImpl.java index ef61f3ee8e9..c02b8b9c9a4 100644 --- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/UserRegistrarImpl.java +++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/UserRegistrarImpl.java @@ -117,17 +117,17 @@ public class UserRegistrarImpl implements UserRegistrar { } private static void validateEmailToAvoidLoginRecycling(UserIdentity userIdentity, UserDto user, AuthenticationEvent.Source source) { - String userEmail = user.getEmail(); + String dbEmail = user.getEmail(); - if (userEmail == null) { - LOGGER.warn("User with login '{}' tried to login with email '{}' but we don't have a email on record", - userIdentity.getProviderLogin(), userIdentity.getEmail()); - throw loginAlreadyUsedException(userIdentity, source); + if (dbEmail == null) { + return; } - if (!userEmail.equals(userIdentity.getEmail())) { + String externalEmail = userIdentity.getEmail(); + + if (!dbEmail.equals(externalEmail)) { LOGGER.warn("User with login '{}' tried to login with email '{}' which doesn't match the email on record '{}'", - userIdentity.getProviderLogin(), userIdentity.getEmail(), userEmail); + userIdentity.getProviderLogin(), externalEmail, dbEmail); throw loginAlreadyUsedException(userIdentity, source); } } @@ -278,7 +278,7 @@ public class UserRegistrarImpl implements UserRegistrar { } private static UserDto[] toArray(Optional userDto) { - return userDto.map(u -> new UserDto[] {u}).orElse(new UserDto[] {}); + return userDto.map(u -> new UserDto[]{u}).orElse(new UserDto[]{}); } private static AuthenticationException generateExistingEmailError(UserRegistration authenticatorParameters, String email) { diff --git a/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/UserRegistrarImplTest.java b/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/UserRegistrarImplTest.java index 6276d1ba27f..e9ac84f8095 100644 --- a/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/UserRegistrarImplTest.java +++ b/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/UserRegistrarImplTest.java @@ -447,7 +447,7 @@ public class UserRegistrarImplTest { } @Test - public void do_not_authenticate_and_update_existing_user_matching_external_login_if_email_is_missing() { + public void authenticate_and_update_existing_user_matching_external_login_if_email_is_missing() { db.users().insertUser(u -> u .setLogin("Old login") .setName("Old name") @@ -456,12 +456,11 @@ public class UserRegistrarImplTest { .setExternalLogin(USER_IDENTITY.getProviderLogin()) .setExternalIdentityProvider(IDENTITY_PROVIDER.getKey())); - assertThatThrownBy(() -> underTest.register(newUserRegistration())) - .isInstanceOf(AuthenticationException.class) - .hasMessage(String.format("Login '%s' is already used", USER_IDENTITY.getProviderLogin())); + underTest.register(newUserRegistration()); - assertThat(logTester.logs()).contains(String.format("User with login '%s' tried to login with email '%s' but we don't have a email on record", - USER_IDENTITY.getProviderLogin(), USER_IDENTITY.getEmail())); + Optional user = db.users().selectUserByLogin("Old login"); + assertThat(user).isPresent(); + assertThat(user.get().getEmail()).isEqualTo(USER_IDENTITY.getEmail()); } @Test -- 2.39.5