Show error on failed OAuth account link

f8d54913 · James Edwards-Jones · f10c999b · f8d54913 · f8d54913 · f8d54913
Commit f8d54913 authored Apr 22, 2018 by James Edwards-Jones
4 changed files
--- a/app/controllers/omniauth_callbacks_controller.rb
+++ b/app/controllers/omniauth_callbacks_controller.rb
@@ -84,6 +84,8 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController

      if identity_linker.created?
        redirect_identity_linked
+      elsif identity_linker.error_message.present?
+        redirect_identity_link_failed(identity_linker.error_message)
      else
        redirect_identity_exists
      end
@@ -96,6 +98,10 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
    redirect_to after_sign_in_path_for(current_user)
  end

+  def redirect_identity_link_failed(error_message)
+    redirect_to profile_account_path, notice: "Authentication failed: #{error_message}"
+  end
+
  def redirect_identity_linked
    redirect_to profile_account_path, notice: 'Authentication method updated'
  end

--- a/lib/gitlab/auth/o_auth/identity_linker.rb
+++ b/lib/gitlab/auth/o_auth/identity_linker.rb
@@ -3,11 +3,23 @@ module Gitlab
    module OAuth
      class IdentityLinker < OmniauthIdentityLinkerBase
        def create_or_update
-          current_user.identities
-                      .with_extern_uid(oauth['provider'], oauth['uid'])
-                      .first_or_create(extern_uid: oauth['uid'])
+          if identity.new_record?
+            @created = identity.save
+          end
+        end
+
+        def error_message
+          identity.validate

-          @created = true
+          identity.errors.full_messages.join(', ')
+        end
+
+        private
+
+        def identity
+          @identity ||= current_user.identities
+                        .with_extern_uid(oauth['provider'], oauth['uid'])
+                        .first_or_initialize(extern_uid: oauth['uid'])
        end
      end
    end

--- a/lib/gitlab/auth/omniauth_identity_linker_base.rb
+++ b/lib/gitlab/auth/omniauth_identity_linker_base.rb
@@ -13,6 +13,10 @@ module Gitlab
        @created
      end

+      def error_message
+        ''
+      end
+
      def create_or_update
        raise NotImplementedError
      end

--- a/spec/lib/gitlab/auth/o_auth/identity_linker_spec.rb
+++ b/spec/lib/gitlab/auth/o_auth/identity_linker_spec.rb
@@ -14,6 +14,26 @@ describe Gitlab::Auth::OAuth::IdentityLinker do
    it "doesn't create new identity" do
      expect { subject.create_or_update }.not_to change { Identity.count }
    end
+
+    it "#created? returns false" do
+      subject.create_or_update
+
+      expect(subject).not_to be_created
+    end
+  end
+
+  context 'identity already linked to different user' do
+    let!(:identity) {  create(:identity, provider: provider, extern_uid: uid) }
+
+    it "#created? returns false" do
+      subject.create_or_update
+
+      expect(subject).not_to be_created
+    end
+
+    it 'exposes error message' do
+      expect(subject.error_message).to eq 'Extern uid has already been taken'
+    end
  end

  context 'identity needs to be created' do