diff --git a/app/controllers/api/account.php b/app/controllers/api/account.php
index d5d9539a5f..4e19af4659 100644
--- a/app/controllers/api/account.php
+++ b/app/controllers/api/account.php
@@ -566,6 +566,10 @@ App::get('/v1/account/sessions/oauth2/:provider/redirect')
 $name = $oauth2->getUserName($accessToken);
 $email = $oauth2->getUserEmail($accessToken);
+ if(empty($email)) {
+ throw new Exception(Exception::USER_UNAUTHORIZED, 'OAuth provider failed to return email.');
+ }
+
 /**
 * Is verified is not used yet, since we don't know after an accout is created anymore if it was verified or not.
 */
diff --git a/src/Appwrite/Auth/OAuth2/Github.php b/src/Appwrite/Auth/OAuth2/Github.php
index 059d163035..32adf8c93d 100644
--- a/src/Appwrite/Auth/OAuth2/Github.php
+++ b/src/Appwrite/Auth/OAuth2/Github.php
@@ -183,13 +183,27 @@ class Github extends OAuth2
 $emails = $this->request('GET', 'https://api.github.com/user/emails', ['Authorization: token ' . \urlencode($accessToken)]);
 $emails = \json_decode($emails, true);
+
+ $verifiedEmail = null;
+ $primaryEmail = null;
+
 foreach ($emails as $email) {
 if (isset($email['verified']) && $email['verified'] === true) {
- $this->user['email'] = $email['email'];
- $this->user['verified'] = $email['verified'];
- break;
+ $verifiedEmail = $email;
+
+ if (isset($email['primary']) && $email['primary'] === true) {
+ $primaryEmail = $email;
+ }
 }
 }
+
+ if(!empty($primaryEmail)) {
+ $this->user['email'] = $primaryEmail['email'];
+ $this->user['verified'] = $primaryEmail['verified'];
+ } else if(!empty($verifiedEmail)) {
+ $this->user['email'] = $verifiedEmail['email'];
+ $this->user['verified'] = $verifiedEmail['verified'];
+ }
 }
 return $this->user;
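Review bot: The added guard in the OAuth2 redirect handler only establishes that `$email` is non-empty, while the comment directly below it states that the provider's verified flag is not used. If `$email` is later used to look up or link an existing account (that code is outside this hunk), a provider that returns unverified addresses could cause a match against an account the caller does not own. I would record that limit next to the check, e.g. `// NOTE(security): $email is only known to be non-empty here; some providers may return unverified addresses, so it is not proof of ownership`. The handler body starts and continues outside the hunk.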
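Review bot: When no verified address is also primary, the fallback becomes the last verified entry in the response, because `$verifiedEmail = $email;` is overwritten on every verified entry and the loop no longer stops early; the removed code took the first one. Keeping the first verified entry makes the selected identity stable: `if ($verifiedEmail === null) { $verifiedEmail = $email; }`, plus a `break;` once `$primaryEmail` is set. Separately, `\json_decode($emails, true)` yields `null` when the emails request fails or returns non-JSON, and `foreach` over that raises a warning; `if (!\is_array($emails)) { $emails = []; }` before the loop avoids it. The enclosing method starts before this hunk.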