New env variable: SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED + fixes #6533 (#6538)

author: Ghislain Loaec <gloaec@cadoles.com> 2018-02-22 23:31:25 +0100
committer: Eugen Rochko <eugen@zeonfederated.com> 2018-02-22 23:31:25 +0100
commit: 3084fe49595f44152e9835bded7490bf84d8edef (patch)
tree: 528ad7c8fece6f5049361572011db050645107f2 /app/models/concerns/omniauthable.rb
parent: b8535ad4df089166f1cae2cf61e55060223a2671 (diff)
1 files changed, 4 insertions, 2 deletions
diff --git a/app/models/concerns/omniauthable.rb b/app/models/concerns/omniauthable.rb
index a3d55108d..7a396e301 100644
--- a/app/models/concerns/omniauthable.rb
+++ b/app/models/concerns/omniauthable.rb
@@ -53,8 +53,10 @@ module Omniauthable
     private
 
     def user_params_from_auth(auth)
-      email_is_verified = auth.info.email && (auth.info.verified || auth.info.verified_email)
-      email             = auth.info.email if email_is_verified && !User.exists?(email: auth.info.email)
+      assume_verified   = Devise.omniauth_configs[:saml].strategy.security.assume_email_is_verified
+      email_is_verified = auth.info.verified || auth.info.verified_email || assume_verified
+      email             = auth.info.verified_email || auth.info.email
+      email             = email_is_verified && !User.exists?(email: auth.info.email) && email
 
       {
         email: email ? email : "#{TEMP_EMAIL_PREFIX}-#{auth.uid}-#{auth.provider}.com",
author	Ghislain Loaec <gloaec@cadoles.com>	2018-02-22 23:31:25 +0100
committer	Eugen Rochko <eugen@zeonfederated.com>	2018-02-22 23:31:25 +0100
commit	3084fe49595f44152e9835bded7490bf84d8edef (patch)
tree	528ad7c8fece6f5049361572011db050645107f2 /app/models/concerns/omniauthable.rb
parent	b8535ad4df089166f1cae2cf61e55060223a2671 (diff)