From 13e3373f31859c79336ca50b761c60267b171729 Mon Sep 17 00:00:00 2001
From: JP Engstrom <jp@scientist.com>
Date: Fri, 2 Aug 2024 11:07:49 -0700
Subject: [PATCH] Separates Non-Yale user sign in (#1036)

Co-authored-by: JP Engstrom <jpengstrom@macbook-pro.lan>
---
 .../omniauth_callbacks_controller.rb          | 40 +++++++++++++------
 1 file changed, 28 insertions(+), 12 deletions(-)

diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb
index ba4a4dd1..bd01a049 100644
--- a/app/controllers/omniauth_callbacks_controller.rb
+++ b/app/controllers/omniauth_callbacks_controller.rb
@@ -6,20 +6,35 @@ def auth
     request.env['omniauth.auth']
   end
 
+  # rubocop:disable Metrics/PerceivedComplexity
   def openid_connect
     sub = auth.extra.raw_info.sub
-    yale_issuers = %w[https://auth.yale.edu/idp/shibboleth https://auth-test.yale.edu/idp/shibboleth]
-    yale_identity = auth.extra.raw_info.identities.find { |i| yale_issuers.include?(i.issuer) }
-    netid = yale_identity&.userId
-    @user = User.where(provider: auth.provider, uid: auth.uid, sub: sub).first
-    if @user.nil?
-      @user = User.create(
-          provider: auth.provider,
-          uid: auth.uid,
-          sub: sub,
-          netid: netid,
-          email: auth.info.email
-        )
+    # Login for Yale users
+    if auth.extra.raw_info.identities.present?
+      yale_issuers = %w[https://auth.yale.edu/idp/shibboleth https://auth-test.yale.edu/idp/shibboleth]
+      yale_identity = auth.extra.raw_info.identities.find { |i| yale_issuers.include?(i.issuer) }
+      netid = yale_identity&.userId
+      @user = User.where(provider: auth.provider, uid: auth.uid, sub: sub).first
+      if @user.nil?
+        @user = User.create(
+            provider: auth.provider,
+            uid: auth.uid,
+            sub: sub,
+            netid: netid,
+            email: auth.info.email
+          )
+      end
+    else
+      # Login for non-yale users without a net_id
+      @user = User.where(provider: auth.provider, uid: auth.uid, sub: sub).first
+      if @user.nil?
+        @user = User.create(
+            provider: auth.provider,
+            uid: auth.uid,
+            sub: sub,
+            email: auth.info.email
+          )
+      end
     end
 
     if @user
@@ -30,6 +45,7 @@ def openid_connect
       redirect_to root_path
     end
   end
+  # rubocop:enable Metrics/PerceivedComplexity
 
   protected