From 465660bdfc38297efffda8c9dd03f82341a556a2 Mon Sep 17 00:00:00 2001
From: Guo Xiang Tan <tgx_world@hotmail.com>
Date: Fri, 24 Feb 2017 15:39:56 +0800
Subject: [PATCH] Revert "SECURITY: Ensure that user has been authenticated."

This reverts commit d1091f7f57f2f0850e2f9b255a37b113c6f3198f.
---
 app/services/user_authenticator.rb            |  5 +--
 .../auth/user_authenticator_spec.rb           | 36 -------------------
 spec/controllers/users_controller_spec.rb     |  3 --
 3 files changed, 1 insertion(+), 43 deletions(-)
 delete mode 100644 spec/components/auth/user_authenticator_spec.rb

diff --git a/app/services/user_authenticator.rb b/app/services/user_authenticator.rb
index b0b8f0ccb9..4019fefead 100644
--- a/app/services/user_authenticator.rb
+++ b/app/services/user_authenticator.rb
@@ -21,10 +21,7 @@ class UserAuthenticator
   end
 
   def finish
-    if authenticator && authenticated?
-      authenticator.after_create_account(@user, @session)
-    end
-
+    authenticator.after_create_account(@user, @session) if authenticator
     @session = nil
   end
 
diff --git a/spec/components/auth/user_authenticator_spec.rb b/spec/components/auth/user_authenticator_spec.rb
deleted file mode 100644
index 1b6bb43019..0000000000
--- a/spec/components/auth/user_authenticator_spec.rb
+++ /dev/null
@@ -1,36 +0,0 @@
-require 'rails_helper'
-
-RSpec.describe UserAuthenticator do
-  let(:user) { Fabricate(:user, email: 'test@discourse.org') }
-
-  describe "#finish" do
-    before do
-      SiteSetting.enable_google_oauth2_logins = true
-    end
-
-    it "should execute provider's callback" do
-      user.update!(email: 'test@gmail.com')
-
-      authenticator = UserAuthenticator.new(user, { authentication: {
-        authenticator_name: Auth::GoogleOAuth2Authenticator.new.name,
-        email: user.email,
-        email_valid: true,
-        extra_data: { google_user_id: 1 }
-      }})
-
-      expect { authenticator.finish }.to change { GoogleUserInfo.count }.by(1)
-    end
-
-    describe "when session's email is different from user's email" do
-      it "should not execute provider's callback" do
-        authenticator = UserAuthenticator.new(user, { authentication: {
-          authenticator_name: Auth::GoogleOAuth2Authenticator.new.name,
-          email: 'test@gmail.com',
-          email_valid: true
-        }})
-
-        expect { authenticator.finish }.to_not change { GoogleUserInfo.count }
-      end
-    end
-  end
-end
diff --git a/spec/controllers/users_controller_spec.rb b/spec/controllers/users_controller_spec.rb
index 9b55f90938..5d4f5cb80b 100644
--- a/spec/controllers/users_controller_spec.rb
+++ b/spec/controllers/users_controller_spec.rb
@@ -614,9 +614,6 @@ describe UsersController do
           auth = session[:authentication] = {}
           auth[:authenticator_name] = 'twitter'
           auth[:extra_data] = twitter_auth
-          auth[:email_valid] = true
-          auth[:email] = @user.email
-
           TwitterUserInfo.expects(:create)
 
           post_user