FEATURE: Allow /u/by-external to work for all managed authenticators (#11168)

Previously, `/u/by-external/{id}` would only work for 'Discourse SSO' systems. This commit adds a new 'provider' parameter to the URL: `/u/by-external/{provider}/{id}` This is compatible with all auth methods which have migrated to the 'ManagedAuthenticator' pattern. That includes all core providers, and also popular plugins such as discourse-oauth2-basic and discourse-openid-connect. The new route is admin-only, since some authenticators use sensitive information like email addresses as the external id.
2025-05-21 18:12:32 +08:00 · 2020-11-10 10:41:46 +00:00
parent ffc3da35a6
commit a7adf30357
4 changed files with 46 additions and 1 deletions
--- a/lib/auth/managed_authenticator.rb
+++ b/lib/auth/managed_authenticator.rb
@ -1,6 +1,12 @@
 # frozen_string_literal: true

 class Auth::ManagedAuthenticator < Auth::Authenticator
+  def is_managed?
+    # Tells core that it can safely assume this authenticator
+    # uses UserAssociatedAccount
+    true
+  end
+
  def description_for_user(user)
    associated_account = UserAssociatedAccount.find_by(provider_name: name, user_id: user.id)
    return "" if associated_account.nil?