mirror of
https://github.com/zulip/zulip.git
synced 2025-11-15 19:31:58 +00:00
2a1da859ea
As detailed in the comment in the code: The upstream implementation uses the outdated /oauth2/authorize API (instead of the v2.0 API), which doesn't allow us to authenticate users with just a personal Microsoft account. v2.0 API is required. This requires us to override the default URLs to use it as well as adjust the requested scopes, to match this new API. The backend in its previous state was only able to authenticate users that were tied to an organizational directory, even if the application settings in Azure were set up to also allow personal accounts. Users trying to use a personal account would face an error from Microsoft: AADSTS500200: User account 'xxxx@example.com' is a personal Microsoft account. Personal Microsoft accounts are not supported for this application unless explicitly invited to an organization https://github.com/python-social-auth/social-core/issues/723 is a related upstream issue.
134 KiB
134 KiB