From 66151d805609839a333500248149da4cc5e9cae3 Mon Sep 17 00:00:00 2001
From: David Taylor <david@taylorhq.com>
Date: Thu, 11 Feb 2021 16:26:43 +0000
Subject: [PATCH] FIX: Handle empty email address from authentication provider
 (#12046)

If no email is provided, email_valid should be set false, so that
Discourse can prompt the user for an email and verify it.

This fixes signups via twitter for accounts with no email address.
---
 lib/auth/managed_authenticator.rb                  |  2 +-
 spec/components/auth/managed_authenticator_spec.rb | 12 ++++++++++++
 2 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/lib/auth/managed_authenticator.rb b/lib/auth/managed_authenticator.rb
index b0477c5f087..7b07e063d9c 100644
--- a/lib/auth/managed_authenticator.rb
+++ b/lib/auth/managed_authenticator.rb
@@ -103,7 +103,7 @@ class Auth::ManagedAuthenticator < Auth::Authenticator
       result.name = nil
     end
     result.username = info[:nickname]
-    result.email_valid = primary_email_verified?(auth_token) if result.email
+    result.email_valid = primary_email_verified?(auth_token) if result.email.present?
     result.extra_data = {
       provider: auth_token[:provider],
       uid: auth_token[:uid]
diff --git a/spec/components/auth/managed_authenticator_spec.rb b/spec/components/auth/managed_authenticator_spec.rb
index b81e33ba0e9..f98419ac67b 100644
--- a/spec/components/auth/managed_authenticator_spec.rb
+++ b/spec/components/auth/managed_authenticator_spec.rb
@@ -53,6 +53,18 @@ describe Auth::ManagedAuthenticator do
       expect(associated.extra["raw_info"]["randominfo"]).to eq("some info")
     end
 
+    it 'only sets email valid for present strings' do
+      # (Twitter sometimes sends empty email strings)
+      result = authenticator.after_authenticate(create_hash.merge(info: { email: "email@example.com" }))
+      expect(result.email_valid).to eq(true)
+
+      result = authenticator.after_authenticate(create_hash.merge(info: { email: "" }))
+      expect(result.email_valid).to be_falsey
+
+      result = authenticator.after_authenticate(create_hash.merge(info: { email: nil }))
+      expect(result.email_valid).to be_falsey
+    end
+
     describe 'connecting to another user account' do
       fab!(:user1) { Fabricate(:user) }
       fab!(:user2) { Fabricate(:user) }