Google Git
Sign in
gerrit/gerrit/refs/tags/v2.13.2^!/.
commit
35af4064439c3a2202afcce780f0906d1630a063
[log]
author
David Ostrovsky <david@ostrovsky.org>
Thu Oct 20 20:16:31 2016 +0200
committer
David Ostrovsky <david@ostrovsky.org>
Thu Oct 20 20:19:59 2016 +0200
tree
b9e5360c7107a9d5095b74ce8bca7cd3830a9467
parent
801dff41be8b35f16503729aaf04550d047bb6c4 [diff]
OAuth extension point: Allow to authenticate without email

There is a regression in OAuth extension point, that makes the
assumption that all OAuth providers always expose EMail address.
This might not be the case or even a user can decide in her profile
if she would like to expose EMail or not.

Bug: Issue 4797
Change-Id: Ia98ba67aaa7ce44437c8e32b7eb44a38f1e2e9fd

diff --git a/gerrit-server/src/main/java/com/google/gerrit/server/auth/oauth/OAuthRealm.java b/gerrit-server/src/main/java/com/google/gerrit/server/auth/oauth/OAuthRealm.java
index 0297dd4..c07b4c8 100644
--- a/gerrit-server/src/main/java/com/google/gerrit/server/auth/oauth/OAuthRealm.java
+++ b/gerrit-server/src/main/java/com/google/gerrit/server/auth/oauth/OAuthRealm.java

@@ -66,9 +66,8 @@
    *
    * {@link AccountManager} calls this method without password
    * if authenticity of the user has already been established.
-   * In that case the {@link AuthRequest} is supposed to contain
-   * a resolved email address and we can skip the authentication
-   * request to the {@code OAuthLoginService}.
+   * In that case we can skip the authentication request to the
+   * {@code OAuthLoginService}.
    *
    * @param who the authentication request.
    *
@@ -82,8 +81,7 @@
    */
   @Override
   public AuthRequest authenticate(AuthRequest who) throws AccountException {
-    if (Strings.isNullOrEmpty(who.getPassword()) &&
-        !Strings.isNullOrEmpty(who.getEmailAddress())) {
+    if (Strings.isNullOrEmpty(who.getPassword())) {
       return who;
     }