From 46841888b7b3a2d2302ff7ecd13d445ad528febf Mon Sep 17 00:00:00 2001
From: David Taylor
Date: Tue, 19 Nov 2019 19:15:11 +0000
Subject: [PATCH] FIX: For a single authenticator, do not interrupt registration flow

Followup to 0a14b9b42a2f597f5df26be97296a4d6909f6a34
---
 app/controllers/application_controller.rb | 5 ++-
 spec/requests/application_controller_spec.rb | 40 ++++++++++++++++++++
 2 files changed, 43 insertions(+), 2 deletions(-)

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 1fdd6027aec..d0924e76e35 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -722,8 +722,9 @@ class ApplicationController < ActionController::Base
 session[:destination_url] = destination_url
 redirect_to path('/session/sso')
 return
- elsif !SiteSetting.enable_local_logins && Discourse.enabled_authenticators.length == 1
- # Only one authentication provider, direct straight to it
+ elsif !SiteSetting.enable_local_logins && Discourse.enabled_authenticators.length == 1 && !cookies[:authentication_data]
+ # Only one authentication provider, direct straight to it.
+ # If authentication_data is present, then we are halfway though registration. Don't redirect offsite
 cookies[:destination_url] = destination_url
 redirect_to path("/auth/#{Discourse.enabled_authenticators.first.name}")
 else
diff --git a/spec/requests/application_controller_spec.rb b/spec/requests/application_controller_spec.rb
index bf714c49af5..372d1cf78f1 100644
--- a/spec/requests/application_controller_spec.rb
+++ b/spec/requests/application_controller_spec.rb
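Review bot: The added `!cookies[:authentication_data]` condition in the `elsif` is a presence test on a client-supplied cookie, so any non-nil value, including an empty string (truthy in Ruby) or a stale cookie left over from an abandoned sign-up, sends the request to the `else` branch instead of the provider. That looks harmless if the `else` branch only shows the login page, but its body is outside the hunk, so that is an assumption to confirm. I would test `cookies[:authentication_data].blank?` instead and extend the comment with `# authentication_data is a client-controlled hint, not proof of a pending registration; it only suppresses the auto-redirect`. The new comment also has a typo (`though` for `through`). The enclosing method starts and ends outside the hunk.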
@@ -44,6 +44,46 @@ RSpec.describe ApplicationController do
 get "/"
 expect(response).to redirect_to("/login")
 end
+
+ context "with omniauth in test mode" do
+ before do
+ OmniAuth.config.test_mode = true
+ OmniAuth.config.add_mock(:google_oauth2,
+ info: OmniAuth::AuthHash::InfoHash.new(
+ email: "address@example.com",
+ ),
+ extra: {
+ raw_info: OmniAuth::AuthHash.new(
+ email_verified: true,
+ email: "address@example.com",
+ )
+ }
+ )
+ Rails.application.env_config["omniauth.auth"] = OmniAuth.config.mock_auth[:google_oauth2]
+ end
+
+ after do
+ Rails.application.env_config["omniauth.auth"] = OmniAuth.config.mock_auth[:google_oauth2] = nil
+ OmniAuth.config.test_mode = false
+ end
+
+ it "should not redirect to authenticator if registration in progress" do
+ SiteSetting.enable_local_logins = false
+ SiteSetting.enable_google_oauth2_logins = true
+
+ get "/"
+ expect(response).to redirect_to("/auth/google_oauth2")
+
+ expect(cookies[:authentication_data]).to eq(nil)
+
+ get "/auth/google_oauth2/callback.json"
+ expect(response).to redirect_to("/")
+ expect(cookies[:authentication_data]).not_to eq(nil)
+
+ get "/"
+ expect(response).to redirect_to("/login")
+ end
+ end
 end

 describe '#redirect_to_second_factor_if_required' do
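Review bot: The new example only covers the case where the callback has just set `authentication_data`; nothing pins that the redirect to `/auth/google_oauth2` resumes once that cookie is gone, or what happens when the cookie is present but empty. I would add a final step such as `cookies.delete(:authentication_data)` followed by `get "/"` and `expect(response).to redirect_to("/auth/google_oauth2")`. Separately, the `after` hook hard-codes `OmniAuth.config.test_mode = false` rather than restoring the value seen in `before`, which would change global state for later examples if the suite enables test mode elsewhere. The enclosing `describe` block starts outside the hunk.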