add back some logic for doing the use_openid_identifier setting

Signed-off-by: Ryan Lerch <[email protected]>
fedora-infra · Apr 5, 2024 · c8e2f1e · c8e2f1e
1 parent ca1bed6
commit c8e2f1e
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 1 deletion.
diff --git a/devel/ansible/roles/dev/files/development.ini b/devel/ansible/roles/dev/files/development.ini
@@ -96,6 +96,7 @@ tahrir.social.twitter_user_hash = #fedora
 # the fedbadges backend awarder and the tahrir frontend.  Other deployments
 # may set this to true with no problem.
 tahrir.use_openid_email = False
+tahrir.email_domain = @tinystage.test
 
 # You can optionally create your own CSS theme for tahrir
 # Specify a python module name that contains static/{css,js,img} dirs.

diff --git a/tahrir/auth/utils.py b/tahrir/auth/utils.py
@@ -5,19 +5,24 @@
 from authlib.oauth2.rfc6750 import InvalidTokenError
 from pyramid.httpexceptions import HTTPFound
 from pyramid.security import remember
+from pyramid.settings import asbool
 
 if typing.TYPE_CHECKING:  # pragma: no cover
     import pyramid.request.Request  # noqa: 401
     import pyramid.response.Response  # noqa: 401
 
 
 def get_and_store_user(request, access_token, response):
+    settings = request.registry.settings
     userinfo = request.registry.oidc.fedora.userinfo(token={"access_token": access_token})
     if "error" in userinfo:
         raise InvalidTokenError(description=userinfo["error_description"])
 
     nickname = userinfo["nickname"]
-    email = userinfo["email"]
+    if asbool(settings.get("tahrir.use_openid_email")):
+        email = userinfo["email"]
+    else:
+        email = nickname + settings.get("tahrir.email_domain")
 
     # Keep adding underscores until we get a default nickname
     # that isn't already used.