OmniAuth against existing users
Created by: Ikstar
Issue: OmniAuth will not map to existing users; instead it tries to create new user accounts and fails.
Tested: 2.9.1 Stable, 2.6 -> 2.9.1 Upgrade
Scenario:
- Existing GitLab install enables OmniAuth for Google.
    omniauth:
      # Enable ability for users
      # to login via twitter, google ..
      enabled: true
      # IMPORTANT!
      # It allows user to login without having user account
      allow_single_sign_on: true
      block_auto_created_users: true
      # Auth providers
      providers:
        - { name: 'google_oauth2', app_id: 'NUMERICALID.apps.googleusercontent.com',
            app_secret: 'MY_APP_SECRET',
            args: { access_type: 'online', approval_prompt: '' } }
- There are existing users [email protected]
- Login Process
  - New user (no email registered in GitLab) logs in via OmniAuth. Account is created and blocked. (aka works as intended)
  - Existing user logs in via OmniAuth. 422 error page is displayed and the following log results:
    Started GET "/users/auth/google_oauth2/callback?state=e5fd77f54b8d5fdb347e&code=Ih0uQG5TAeMYuJJVnL49Cc-UzMZNdAI" for xxx.xxx.xxx.xxx at 2012-10-03$
    Processing by OmniauthCallbacksController#google_oauth2 as HTML
    Parameters: {"state"=>"e5fd77f54b8d5fdb347", "code"=>"Ih0uQG5TAeMYuJJVnL49Cc-UzMZNdAI"}
    Completed 500 Internal Server Error in 171ms
    ActiveRecord::RecordInvalid (Validation failed: Email has already been taken):
      lib/gitlab/auth.rb:45:in `create_from_omniauth'
      lib/gitlab/auth.rb:56:in `find_or_new_for_omniauth'
      app/models/user.rb:94:in `find_or_new_for_omniauth'
      app/controllers/omniauth_callbacks_controller.rb:40:in `handle_omniauth'
      app/controllers/omniauth_callbacks_controller.rb:4:in `block (2 levels) in <class:OmniauthCallbacksController>'
Removed IP, and parts of state/code variables as this is a production log.
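
Added example, not part of the original report and not GitLab's code: a simplified in-memory model of the lookup path in the trace above, next to a variant that links the existing account only when the provider asserts the email is verified. `User`, `UserStore`, both method names and the `:email_verified` key are hypothetical, and the sample data is constructed.

```ruby
# Simplified in-memory model (constructed for illustration, not GitLab's code).
User = Struct.new(:email, :provider, :extern_uid, :blocked)

class EmailTaken < StandardError; end
class LinkRefused < StandardError; end

class UserStore
  def initialize(users)
    @users = users
  end

  def find_by_identity(provider, uid)
    @users.find { |u| u.provider == provider && u.extern_uid == uid }
  end

  def find_by_email(email)
    @users.find { |u| u.email.casecmp?(email) }
  end

  # Mirrors the uniqueness validation behind "Email has already been taken".
  def create!(email, provider, uid, blocked)
    raise EmailTaken, "Email has already been taken" if find_by_email(email)
    User.new(email, provider, uid, blocked).tap { |u| @users << u }
  end
end

# Behaviour reported in the issue: look up by (provider, uid) only, then create.
def find_or_create_unlinked(store, auth)
  store.find_by_identity(auth[:provider], auth[:uid]) ||
    store.create!(auth[:email], auth[:provider], auth[:uid], true)
end

# Variant: link an existing local account by email, but only if the provider
# marks the email as verified (hypothetical :email_verified key) and the
# account is not already bound to a different external identity.
def find_link_or_create(store, auth)
  user = store.find_by_identity(auth[:provider], auth[:uid])
  return user if user

  existing = store.find_by_email(auth[:email])
  # Unknown email: same as before, create a blocked account.
  return store.create!(auth[:email], auth[:provider], auth[:uid], true) unless existing

  raise LinkRefused, "email not verified by provider" unless auth[:email_verified]
  raise LinkRefused, "account already linked" if existing.extern_uid
  existing.provider = auth[:provider]
  existing.extern_uid = auth[:uid]
  existing
end
```

Linking on email alone lets anyone who controls that address at the provider sign in as the local user, which is why the variant refuses unverified emails and accounts that are already linked.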