mirror of
https://github.com/zulip/zulip.git
synced 2025-11-04 22:13:26 +00:00
oidc: Add auto_signup configuration option.
This commit is contained in:
Mateusz Mandera
committed by
Tim Abbott
Tim Abbott
parent
fb3ddf50d4
commit
50e9169680
@@ -3102,6 +3102,38 @@ class GenericOpenIdConnectTest(SocialAuthBase):
|
|||||||
family_name=name.split(" ")[1],
|
family_name=name.split(" ")[1],
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@override_settings(TERMS_OF_SERVICE=None)
|
||||||
|
def test_social_auth_registration_auto_signup(self) -> None:
|
||||||
|
"""
|
||||||
|
The analogue of the auto_signup test for SAML.
|
||||||
|
"""
|
||||||
|
email = "newuser@zulip.com"
|
||||||
|
name = "Full Name"
|
||||||
|
subdomain = "zulip"
|
||||||
|
realm = get_realm("zulip")
|
||||||
|
account_data_dict = self.get_account_data_dict(email=email, name=name)
|
||||||
|
|
||||||
|
oidc_setting_dict = copy.deepcopy(settings.SOCIAL_AUTH_OIDC_ENABLED_IDPS)
|
||||||
|
idp_settings_dict = list(oidc_setting_dict.values())[0]
|
||||||
|
idp_settings_dict["auto_signup"] = True
|
||||||
|
with mock.patch.object(GenericOpenIdConnectBackend, "settings_dict", new=idp_settings_dict):
|
||||||
|
result = self.social_auth_test(
|
||||||
|
account_data_dict,
|
||||||
|
expect_choose_email_screen=True,
|
||||||
|
subdomain=subdomain,
|
||||||
|
is_signup=False,
|
||||||
|
)
|
||||||
|
self.stage_two_of_registration(
|
||||||
|
result,
|
||||||
|
realm,
|
||||||
|
subdomain,
|
||||||
|
email,
|
||||||
|
name,
|
||||||
|
name,
|
||||||
|
self.BACKEND_CLASS.full_name_validated,
|
||||||
|
expect_confirm_registration_page=False,
|
||||||
|
)
|
||||||
|
|
||||||
def test_social_auth_no_key(self) -> None:
|
def test_social_auth_no_key(self) -> None:
|
||||||
"""
|
"""
|
||||||
Requires overriding because client key/secret are configured
|
Requires overriding because client key/secret are configured
|
||||||
|
|||||||
@@ -2407,6 +2407,9 @@ class GenericOpenIdConnectBackend(SocialAuthMixin, OpenIdConnectAuth):
|
|||||||
)
|
)
|
||||||
]
|
]
|
||||||
|
|
||||||
|
def should_auto_signup(self) -> bool:
|
||||||
|
return self.settings_dict.get("auto_signup", False)
|
||||||
|
|
||||||
|
|
||||||
def validate_otp_params(
|
def validate_otp_params(
|
||||||
mobile_flow_otp: Optional[str] = None, desktop_flow_otp: Optional[str] = None
|
mobile_flow_otp: Optional[str] = None, desktop_flow_otp: Optional[str] = None
|
||||||
|
|||||||
@@ -366,6 +366,11 @@ SOCIAL_AUTH_OIDC_ENABLED_IDPS = {
|
|||||||
## reads the secret with the specified name from zulip-secrets.conf.
|
## reads the secret with the specified name from zulip-secrets.conf.
|
||||||
"client_id": "<your client id>",
|
"client_id": "<your client id>",
|
||||||
"secret": get_secret("social_auth_oidc_secret"),
|
"secret": get_secret("social_auth_oidc_secret"),
|
||||||
|
## Determines whether "Log in with OIDC" will automatically
|
||||||
|
## register a new account if one does not already exist. By
|
||||||
|
## default, Zulip asks the user whether they want to create an
|
||||||
|
## account or try to log in again using another method.
|
||||||
|
# "auto_signup": False,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user