ajefts
commented
6 years ago @sudoster Do you guys want to take this one? There is also some tech debt related to the sso stuff that we should cleanup. For example, I think the sso flow has some hard coding for wipro.com...
If a user attempts to register a new account with a wipro.com email address, we should force them into the SSO login/reg flow and prevent them from creating a non-sso account with a wipro.com address.
We should implement this generically so that we can support other sso domains too. For wipro's case, we want to mandate it. For other sso providers, it might be optional. We should have some kind of setting on the sso_provider that will allow us to generically check if we should force them to the sso flow for a given provider/domain.