Disconnected OAuth AuthenticationOption bug

[maddiedierker]

Bug description

I had an account linked to my Microsoft and Google Account. I also had a password attached to it. The primary email address matched my Microsoft Account. I disconnected both the linked accounts. Now my account should not be associated to my gmail account at all. But then if I tried to sign in with my Google Account, it would sign me back to that account.

Longer description

Let's use Google OAuth as an example: You create an account through Google, change your primary authentication option in some way so that you should no longer be attached to the original Google email address you used to create an account. However, because the before-save hooks normalize_email and hash_email were using read_attribute(:email) instead of the email method, that original Google email address was always attached to your account via the email column on the User table.

[islemaster]

Cool.

[ewjordan]

LGTM code-wise, though there's a failing Circle test that seems like it might be related that's worth looking into pre-merge.

[maddiedierker]

@islemaster and @ewjordan just a heads up -- the unit test failure in UserMultiAuthHelperTest was related and informed a slight refactor on my part.

these tests were checking that the email and hashed_email fields are emptied on the User model upon migrating, which my refactor broke. so, in order to fix the bug but keep that functionality (which i think is important for when we want to delete those fields on the User table), i am manually emptying email/hashed_email for migrated users before save.