
Commit 23e5636

fix: Use verified and primary email for GitHub signup (coder#1230)
This was causing a panic due to a nil pointer dereference. It required that all users signing up have a public email, which is an unreasonable requirement!
1 parent 021e4cd commit 23e5636


2 files changed

+21
-4
lines changed


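--- a/coderd/userauth.go
+++ b/coderd/userauth.go
@@ -75,7 +75,7 @@ func (api *api) userOAuth2Github(rw http.ResponseWriter, r *http.Request) {
 // Search for existing users with matching and verified emails.
 // If a verified GitHub email matches a Coder user, we will return.
 for _, email := range emails {
-if email.Verified == nil {
+if !email.GetVerified() {
 continue
 }
 user, err = api.Database.GetUserByEmailOrUsername(r.Context(), database.GetUserByEmailOrUsernameParams{
@@ -123,8 +123,22 @@ func (api *api) userOAuth2Github(rw http.ResponseWriter, r *http.Request) {
 })
 return
 }
+var verifiedEmail *github.UserEmail
+for _, email := range emails {
+if !email.GetPrimary() || !email.GetVerified() {
+continue
+}
+verifiedEmail = email
+break
+}
+if verifiedEmail == nil {
+httpapi.Write(rw, http.StatusPreconditionRequired, httpapi.Response{
+Message: "Your primary email must be verified on GitHub!",
+})
+return
+}
 user, _, err = api.createUser(r.Context(), codersdk.CreateUserRequest{
-Email: *ghUser.Email,
+Email: *verifiedEmail.Email,
 Username: *ghUser.Login,
 OrganizationID: organizationID,
 })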
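Review bot: The new `Email: *verifiedEmail.Email,` line still dereferences a `*string` without a nil check, and `Username: *ghUser.Login,` on the following context line does the same, so the class of panic this commit fixes can recur if either field is absent from the API response. Since the new loop already uses the nil-safe accessors, extend its guard to `if !email.GetPrimary() || !email.GetVerified() || email.GetEmail() == "" {` and pass `Email: verifiedEmail.GetEmail(),` and `Username: ghUser.GetLogin(),`. Separately, the first hunk's move from `email.Verified == nil` to `!email.GetVerified()` also keeps a non-nil `false` value from reaching the existing-user lookup; a comment such as `// GetVerified is false for both nil and explicitly unverified addresses.` would record that intent. userOAuth2Github starts and ends outside both hunks.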

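--- a/coderd/userauth_test.go
+++ b/coderd/userauth_test.go
@@ -142,11 +142,14 @@ func TestUserOAuth2Github(t *testing.T) {
 AuthenticatedUser: func(ctx context.Context, client *http.Client) (*github.User, error) {
 return &github.User{
 Login: github.String("kyle"),
-Email: github.String("kyle@coder.com"),
 }, nil
 },
 ListEmails: func(ctx context.Context, client *http.Client) ([]*github.UserEmail, error) {
-return []*github.UserEmail{}, nil
+return []*github.UserEmail{{
+Email: github.String("kyle@coder.com"),
+Verified: github.Bool(true),
+Primary: github.Bool(true),
+}}, nil
 },
 },
 })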
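Review bot: The fixture in this hunk only exercises the success path, a single address with `Verified` and `Primary` both true, so neither the new `http.StatusPreconditionRequired` branch nor the tightened verified check in coderd/userauth.go is covered by what is visible here. Add a case whose `ListEmails` returns `Verified: github.Bool(false)`, and one with `Primary: github.Bool(false)`, and assert that signup is rejected. A further case where an unverified address equals an existing user's email would pin the account-matching behaviour. Other subtests of TestUserOAuth2Github may exist outside the hunk, which begins and ends inside that function.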
