From 27ba68a7894d5204b8d75dc7353774977d62fa15 Mon Sep 17 00:00:00 2001
From: Chris Duarte <csduarte@users.noreply.github.com>
Date: Tue, 28 Nov 2017 11:46:48 -0800
Subject: Add Config to disable Auth Transfers. (#7843)

* Add Config to disable Auth Transfers.

* Set config ExperimentalEnableAuthenticationTransfer behind an E20 license restriction
---
 app/oauth.go | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'app/oauth.go')

diff --git a/app/oauth.go b/app/oauth.go
index f27facbec..3202ac5ed 100644
--- a/app/oauth.go
+++ b/app/oauth.go
@@ -717,6 +717,10 @@ func (a *App) AuthorizeOAuthUser(w http.ResponseWriter, r *http.Request, service
 }
 
 func (a *App) SwitchEmailToOAuth(w http.ResponseWriter, r *http.Request, email, password, code, service string) (string, *model.AppError) {
+	if utils.IsLicensed() && !*a.Config().ServiceSettings.ExperimentalEnableAuthenticationTransfer {
+		return "", model.NewAppError("emailToOAuth", "api.user.email_to_oauth.not_available.app_error", nil, "", http.StatusForbidden)
+	}
+
 	var user *model.User
 	var err *model.AppError
 	if user, err = a.GetUserByEmail(email); err != nil {
@@ -743,6 +747,10 @@ func (a *App) SwitchEmailToOAuth(w http.ResponseWriter, r *http.Request, email,
 }
 
 func (a *App) SwitchOAuthToEmail(email, password, requesterId string) (string, *model.AppError) {
+	if utils.IsLicensed() && !*a.Config().ServiceSettings.ExperimentalEnableAuthenticationTransfer {
+		return "", model.NewAppError("oauthToEmail", "api.user.oauth_to_email.not_available.app_error", nil, "", http.StatusForbidden)
+	}
+
 	var user *model.User
 	var err *model.AppError
 	if user, err = a.GetUserByEmail(email); err != nil {
-- 
cgit v1.2.3-1-g7c22