Merge pull request #48 from mattbreeden/verify_emails

mbleigh · mbleigh · commit 341254478d6f · 2015-03-19T23:47:00.000-07:00
Only return verified email addresses
diff --git a/lib/omniauth/strategies/github.rb b/lib/omniauth/strategies/github.rb
@@ -28,7 +28,7 @@ def authorize_params
       info do
         {
           'nickname' => raw_info['login'],
-          'email' => email,
+          'email' => primary_email,
           'name' => raw_info['name'],
           'image' => raw_info['avatar_url'],
           'urls' => {
@@ -39,7 +39,7 @@ def authorize_params
       end
 
       extra do
-        {:raw_info => raw_info}
+        {:raw_info => raw_info, :all_emails => emails}
       end
 
       def raw_info
@@ -52,8 +52,8 @@ def email
       end
 
       def primary_email
-        primary = emails.find{|i| i['primary'] }
-        primary && primary['email'] || emails.first && emails.first['email']
+        primary = emails.find{ |i| i['primary'] && i['verified'] }
+        primary && primary['email'] || nil
       end
 
       # The new /user/emails API - http://developer.github.com/v3/users/emails/#future-response
diff --git a/spec/omniauth/strategies/github_spec.rb b/spec/omniauth/strategies/github_spec.rb
@@ -94,26 +94,26 @@
       subject.email.should be_nil
     end
 
-    it "should return the primary email if there is no raw_info and email access is allowed" do
+    it "should not return the primary email if there is no raw_info and email access is allowed" do
       emails = [
         { 'email' => 'secondary@example.com', 'primary' => false },
         { 'email' => 'primary@example.com',   'primary' => true }
       ]
       subject.stub!(:raw_info).and_return({})
       subject.options['scope'] = 'user'
       subject.stub!(:emails).and_return(emails)
-      subject.email.should eq('primary@example.com')
+      subject.email.should eq(nil)
     end
 
-    it "should return the first email if there is no raw_info and email access is allowed" do
+    it "should not return the first email if there is no raw_info and email access is allowed" do
       emails = [
         { 'email' => 'first@example.com',   'primary' => false },
         { 'email' => 'second@example.com',  'primary' => false }
       ]
       subject.stub!(:raw_info).and_return({})
       subject.options['scope'] = 'user'
       subject.stub!(:emails).and_return(emails)
-      subject.email.should eq('first@example.com')
+      subject.email.should eq(nil)
     end
   end
 
