From 5c5a381d9b9974c96f57edbe176fc91e8d1c1eca Mon Sep 17 00:00:00 2001
From: Matthew Somerville
Date: Thu, 19 Sep 2024 11:26:42 +0100
Subject: [PATCH] Make SSO button use separate form.
This reduces confusion if a browser auto-fills the email form but
someone still clicks the SSO button, or similar.
---
perllib/FixMyStreet/App/Controller/Auth.pm | 5 +-
t/app/controller/auth_social.t | 1 +
templates/web/base/auth/general.html | 53 ++++++++++------------
templates/web/brent/errors/generic.html | 2 +-
templates/web/camden/auth/general.html | 18 ++++----
templates/web/hackney/auth/general.html | 18 ++++----
templates/web/tfl/errors/generic.html | 2 +-
7 files changed, 47 insertions(+), 52 deletions(-)
diff --git a/perllib/FixMyStreet/App/Controller/Auth.pm b/perllib/FixMyStreet/App/Controller/Auth.pm
index 79eb29aba4c..052e97630ba 100644
--- a/perllib/FixMyStreet/App/Controller/Auth.pm
+++ b/perllib/FixMyStreet/App/Controller/Auth.pm
@@ -44,10 +44,7 @@ sub general : Path : Args(0) {
# decide which action to take
$c->detach('code_sign_in') if $clicked_sign_in_by_code || ($data_email && !$data_password);
- if (!$data_username && !$data_password && !$data_email && $c->get_param('social_sign_in')) {
- $c->forward('social/handle_sign_in');
- }
-
+ $c->detach('social/handle_sign_in') if $c->get_param('social_sign_in');
$c->forward( 'sign_in', [ $data_username ] )
&& $c->detach( 'redirect_on_signin', [ $c->get_param('r') ] );
diff --git a/t/app/controller/auth_social.t b/t/app/controller/auth_social.t
index 4211e560548..b40ceca29b9 100644
--- a/t/app/controller/auth_social.t
+++ b/t/app/controller/auth_social.t
@@ -143,6 +143,7 @@ for my $state ( 'refused', 'no email', 'existing UID', 'okay' ) {
update => 'Test update',
};
}
+ $mech->form_with_fields('social_sign_in');
$mech->submit_form(with_fields => $fields, button => 'social_sign_in');
# As well as the cookie issue above, caused by this external
diff --git a/templates/web/base/auth/general.html b/templates/web/base/auth/general.html
index 89d2c3d427c..c32b386e091 100644
--- a/templates/web/base/auth/general.html
+++ b/templates/web/base/auth/general.html
@@ -18,14 +18,12 @@
[% loc('Sorry, we could not log you in. Please fill in the form below.') %]
[% END %]
-
+[% IF c.cobrand.feature('oidc_login') AND NOT oauth_need_email %]
+
+
+
+
+[% END %]
+
[% INCLUDE 'footer.html' %]
[% BLOCK form_sign_in_yes %]
@@ -76,11 +84,3 @@
[%~ END ~%]
">
[% END %]
-
-[% BLOCK form_sign_in_camden_staff %]
- [% IF c.cobrand.feature('oidc_login') %]
-
- [% END %]
-[% END %]
diff --git a/templates/web/hackney/auth/general.html b/templates/web/hackney/auth/general.html
index 791bf47569e..344005a38b7 100644
--- a/templates/web/hackney/auth/general.html
+++ b/templates/web/hackney/auth/general.html
@@ -44,11 +44,19 @@
[% ELSE %]
[% INCLUDE form_sign_in_yes %]
[% INCLUDE form_sign_in_no %]
- [% INCLUDE form_sign_in_hackney_staff %]
[% END %]
+[% IF c.cobrand.feature('oidc_login') AND NOT oauth_need_email %]
+
+
+
+
+[% END %]
+
[% INCLUDE 'footer.html' %]
[% BLOCK form_sign_in_yes %]
@@ -78,11 +86,3 @@
[%~ END ~%]
">
[% END %]
-
-[% BLOCK form_sign_in_hackney_staff %]
- [% IF c.cobrand.feature('oidc_login') %]
-
- [% END %]
-[% END %]
diff --git a/templates/web/tfl/errors/generic.html b/templates/web/tfl/errors/generic.html
index f1931d05fd7..23961ebbc30 100755
--- a/templates/web/tfl/errors/generic.html
+++ b/templates/web/tfl/errors/generic.html
@@ -25,7 +25,7 @@