Fixes vtsykun#233. More fixes GitHub OAuth2 for accounts without emails

src/Integrations/Bitbucket/BitbucketIntegration.php

@@ -378,6 +378,7 @@ public function fetchUser(array|Request $request, array $options = [], array &$a
         $response['user_name'] = $response['username'] ?? null;
         $response['user_identifier'] = $response['username'] ?? null;
         $response['external_id'] = isset($response['uuid']) ? "{$this->name}:{$response['uuid']}" : null;
+        $response['_type'] = self::LOGIN_USERNAME;
 
         return $response;
     }

src/Integrations/Github/GitHubIntegration.php

@@ -456,6 +456,7 @@ public function fetchUser(Request|array $requestOrToken, array $options = [], ar
         $response['user_name'] = $response['login'] ?? null;
         $response['user_identifier'] = $response['email'] ?? $response['login'];
         $response['external_id'] = isset($response['id']) ? $this->getConfig()->getName() . ':' . $response['id'] : null;
+        $response['_type'] = isset($response['email']) ? self::LOGIN_EMAIL : self::LOGIN_USERNAME;
 
         return $response;
     }

src/Integrations/Gitlab/GitLabIntegration.php

@@ -157,6 +157,7 @@ public function fetchUser(Request|array $request, array $options = [], array &$a
         $response['user_name'] = $response['username'] ?? null;
         $response['user_identifier'] = $response['email'];
         $response['external_id'] = isset($response['id']) ? "{$this->name}:{$response['id']}" : null;
+        $response['_type'] = self::LOGIN_EMAIL;
 
         return $response;
     }

src/Integrations/Google/GoogleOAuth2Login.php

@@ -85,6 +85,7 @@ public function fetchUser(array|Request $request, array $options = [], array &$a
         $response['user_name'] = explode('@', $response['email'])[0];
         $response['user_identifier'] = $response['email'];
         $response['external_id'] = isset($response['sub']) ? $this->name . ':' . $response['sub'] : null;
+        $response['_type'] = self::LOGIN_EMAIL;
 
         return $response;
     }

src/Integrations/LoginInterface.php

@@ -11,6 +11,9 @@
 
 interface LoginInterface extends IntegrationInterface
 {
+    public const LOGIN_EMAIL = 'email';
+    public const LOGIN_USERNAME = 'username';
+
     /**
      * @param Request|null $request
      * @param array $options

src/Integrations/Security/OAuth2Authenticator.php

@@ -70,6 +70,11 @@ public function authenticate(Request $request): Passport
             throw new CustomUserMessageAuthenticationException('Unable to fetch oauth data');
         }
 
+        if (empty($data['_type'])) {
+            $this->logger->error("oauth2 authenticator error, client response must contains _type of user_identifier field.", ['user' => $data]);
+            throw new CustomUserMessageAuthenticationException('Invalid oauth user data. Client response must contains _type of user identifier');
+        }
+
         $badges = [];
         if (filter_var($request->cookies->get('_remember_me_flag'), FILTER_VALIDATE_BOOL)) {
             $badges[] = new RememberMeBadge();

src/Repository/UserRepository.php

@@ -16,6 +16,7 @@
 use Packeton\Entity\Group;
 use Packeton\Entity\Package;
 use Packeton\Entity\User;
+use Packeton\Integrations\LoginInterface;
 
 /**
  * @author Jordi Boggiano <[email protected]>
@@ -32,8 +33,10 @@ public function findUsersMissingApiToken()
     public function findByOAuth2Data(array $data): ?User
     {
         $user = null;
-        if (isset($data['user_identifier'])) {
-            $user = $this->findOneByUsernameOrEmail($data['user_identifier']);
+        if ($identifier = ($data['user_identifier'] ?? null)) {
+            $user = ($data['_type'] ?? null) === LoginInterface::LOGIN_USERNAME ?
+                 $this->findOneBy(['usernameCanonical' => mb_strtolower($identifier)])
+                 : $this->findOneBy(['emailCanonical' => $identifier]);
         }
 
         if (null === $user && isset($data['external_id'])) {