Open nicoabergel opened 5 years ago
Huh. I never would have guessed you could make an Azure AD tenant that does not have emails. Thanks for letting me know.
What is the use case for not having an email for authenticating? What do you use to log into the Microsoft log in form if you do not have an email? Can you give me an user and OIDC client on your Azure AD Tenant for me to test?
I do not have a lot of experience with Azure and would have no idea how to set this up myself, so I would need all of these questions answered to properly understand the problem and decide on a solution. Otherwise, PRs are welcome.
For instance, my username is "nicolas.abergel@angusai.onmicrosoft.com". It was provided by Azure, and only acts as a username, and nothing else. The email field on the profile is actually blank. To log into the Microsoft log in form, I put my username and a password, they don't ask for an email. Nonetheless, the creation of the user require an email which can't be provided by the Azure profile.
We are working on a patch that does not require the email field to create the user and will suggest a PR to you soon.
We are trying to make you a profile on our Azure AD. We will get back to you soon.
We are working on a patch that does not require the email field to create the user and will suggest a PR to you soon.
Then I will leave you to it! Thanks for the help. If you tox
/Travis tests fail, I will likely contribute to your PR to help you fix them as I have all of the Python versions and such already set up on my machine.
Alright.
Hi guys,
I'm having exactly the same issue as @nicoabergel.
I've made some modifications to the code to make it work but for some reason I'm unable to execute
python3 -m pip install --user --upgrade pip
as specified in CONTRIBUTING.rst meaning that I can't run flake8 or the tests.
If I submit a pull request are you able to run the tests @AngellusMortis?
Had the same issue when testing my application with a "dummy" domain. Emails are indeed not created in Azure for the .onmicrosoft.com domains I created. I "fixed" it by inviting users from our real domain into my dummy domain for testing. Could be nice if we could rely on username in cases where emails do not exists.
I fixed the issue on my site overriding the backend and using the "preferred_username" field as the email if there is none. Take into consideration that this is not an actual email address, so you can't send emails to these users.
# my_users_app/backends.py
from microsoft_auth.backends import MicrosoftAuthenticationBackend as BaseMicrosoftAuthenticationBackend
class MicrosoftAuthenticationBackend(BaseMicrosoftAuthenticationBackend):
def _verify_microsoft_user(self, microsoft_user, data):
if 'email' not in data:
data['email'] = data['preferred_username']
return super()._verify_microsoft_user(microsoft_user, data)
# settings.py
AUTHENTICATION_BACKENDS = [
...
# 'microsoft_auth.backends.MicrosoftAuthenticationBackend', (REMOVE)
'my_users_app.backends.MicrosoftAuthenticationBackend',
]
Django Microsoft Authentication Backend version: 2.2.3
Django version: 2.2.1
Python version: 3.6.8
Operating System: Ubuntu 18.04
Browser and version: Firefox 66.0.5 (64-bit)
Browser extensions/plugins you have installed: Form Filler (2.10.3) by Hussein
Description
I am trying to implement single sign-on on my django application using microsoft auth and Azure AD. I was following the instructions on this page : https://django-microsoft-auth.readthedocs.io/en/latest/usage.html
At step 9 of "Quickstart", There is an error coming from the file /microsoft_auth/backends.py in the _verify_microsoft_user function. The function uses the email from the Azure account to create a new user, but not all azure accounts have an email and it is not possible to add one.
Environment Setup Steps
I am using localhost in debug mode MICROSOFT_AUTH_LOGIN_TYPE = 'ma' There is no email associated to my azure account as I don't have an Office 365 account. (screen provided)
Steps to Reproduce
Follow the instruction on this page : https://django-microsoft-auth.readthedocs.io/en/latest/usage.html Try to log on with an Azure account with no email at step 9. Error should occur.