Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Closing -- see SOCIALACCOUNT_EMAIL_AUTHENTICATION. #3713

Closed
simkimsia opened this issue Apr 1, 2024 · 5 comments
Closed

Closing -- see SOCIALACCOUNT_EMAIL_AUTHENTICATION. #3713

simkimsia opened this issue Apr 1, 2024 · 5 comments

Comments

@simkimsia
Copy link
Sponsor Contributor

simkimsia commented Apr 1, 2024
edited 

          Closing -- see SOCIALACCOUNT_EMAIL_AUTHENTICATION.

Originally posted by @pennersr in #215 (comment)

I have done search in the code for this and for SOCIALACCOUNT_EMAIL_AUTHENTICATION_AUTO_CONNECT.

I think it doesn't work for microsoft graph provider and I am not sure how to check where it went wrong.

I have to write my own adapter, which I prefer not to. I modified an adapter I found from 2014 to make it work. https://stackoverflow.com/a/78254683/80353
@simkimsia
Copy link
Sponsor Contributor Author

I have found out why.

  1. To find out how SOCIALACCOUNT_EMAIL_AUTHENTICATION is used, I need to search using EMAIL_AUTHENTICATION and not include the prefix.

  2. at

    django-allauth/allauth/socialaccount/models.py

    Line 337 in d29fd17

    emails = [e.email for e in self.email_addresses if e.verified]
    , the assumption is that the SocialLogin needs the oauth provider to return verified email addresses. So in my case, the Microsoft Graph for the tenant returned email addresses that are unverified. So it didn't proceed.

I recommend updating the document to make this clear. How do I do that?

@pennersr
Copy link
Owner

pennersr commented Apr 3, 2024

If you are absolutely sure that the email addresses are verified, you can turn that on. This is documented here:

The ``SOCIALACCOUNT_PROVIDERS`` setting is used to configure providers and their
apps. Next to the secrets that are configured per app, there are also parameters
such as ``VERIFIED_EMAIL`` that hold for all apps. The following is an example
configuration::

    SOCIALACCOUNT_PROVIDERS = {
        "github": {
            # For each provider, you can choose whether or not the
            # email address(es) retrieved from the provider are to be
            # interpreted as verified.
            "VERIFIED_EMAIL": True
        },

This lacks indeed a clear link/relationship with SOCIALACCOUNT_EMAIL_AUTHENTICATION -- a PR to improve the documentation is welcome.

@simkimsia
Copy link
Sponsor Contributor Author

@pennersr

"VERIFIED_EMAIL": True

This cannot be done in database config right?

I'm doing this for microsoft graph provider

@pennersr
Copy link
Owner

pennersr commented Apr 4, 2024

You can also configure it per app via the app settings. To do so, add {"verified_email": true} to the app settings (also works when editting the SocialApp via the Django admin).

@pennersr
Copy link
Owner

Closing -- if anybody wants to improve the documentation, feel free to file a PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pennersr @simkimsia