]> git.openstreetmap.org Git - rails.git/blobdiff - test/integration/user_creation_test.rb
Remove duplicate database status checks
[rails.git] / test / integration / user_creation_test.rb
index 8b6cdb19c0c5a3063e9b6936f1300b7d588ae9d6..4611860d02552705267c588419d8e275353d1faa 100644 (file)
@@ -32,7 +32,6 @@ class UserCreationTest < ActionDispatch::IntegrationTest
         perform_enqueued_jobs do
           post "/user/new",
                :params => { :user => { :email => dup_email,
         perform_enqueued_jobs do
           post "/user/new",
                :params => { :user => { :email => dup_email,
-                                       :email_confirmation => dup_email,
                                        :display_name => display_name,
                                        :pass_crypt => "testtest",
                                        :pass_crypt_confirmation => "testtest",
                                        :display_name => display_name,
                                        :pass_crypt => "testtest",
                                        :pass_crypt_confirmation => "testtest",
@@ -46,6 +45,70 @@ class UserCreationTest < ActionDispatch::IntegrationTest
     assert_select "form > div > input.is-invalid#user_email"
   end
 
     assert_select "form > div > input.is-invalid#user_email"
   end
 
+  def test_user_create_association_bad_auth_provider
+    assert_difference("User.count", 0) do
+      assert_no_difference("ActionMailer::Base.deliveries.size") do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => "test@example.com",
+                                       :display_name => "new_tester",
+                                       :pass_crypt => "testtest",
+                                       :pass_crypt_confirmation => "testtest",
+                                       :auth_provider => "noprovider",
+                                       :auth_uid => "123454321",
+                                       :consider_pd => "1" } }
+          assert_redirected_to auth_path(:provider => "noprovider", :origin => "/user/new")
+          post response.location
+        end
+      end
+    end
+    assert_response :not_found
+  end
+
+  def test_user_create_association_no_auth_uid
+    OmniAuth.config.mock_auth[:google] = :invalid_credentials
+    assert_difference("User.count", 0) do
+      assert_no_difference("ActionMailer::Base.deliveries.size") do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => "test@example.com",
+                                       :display_name => "new_tester",
+                                       :pass_crypt => "testtest",
+                                       :pass_crypt_confirmation => "testtest",
+                                       :auth_provider => "google",
+                                       :consider_pd => "1" } }
+          assert_redirected_to auth_path(:provider => "google", :origin => "/user/new")
+          post response.location
+        end
+      end
+    end
+    follow_redirect!
+    assert_redirected_to auth_failure_path(:strategy => "google", :message => "invalid_credentials", :origin => "/user/new")
+  end
+
+  def test_user_create_association_submit_duplicate_email
+    dup_email = create(:user).email
+    display_name = "new_tester"
+    assert_difference("User.count", 0) do
+      assert_no_difference("ActionMailer::Base.deliveries.size") do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => dup_email,
+                                       :display_name => display_name,
+                                       :pass_crypt => "testtest",
+                                       :pass_crypt_confirmation => "testtest",
+                                       :auth_provider => "google",
+                                       :auth_uid => "123454321",
+                                       :consider_pd => "1" } }
+        end
+      end
+    end
+    assert_response :success
+    assert_template "users/new"
+    assert_select "form"
+    assert_select "form > div > input.is-invalid#user_email"
+  end
+
   def test_user_create_submit_duplicate_username
     dup_display_name = create(:user).display_name
     email = "new_tester"
   def test_user_create_submit_duplicate_username
     dup_display_name = create(:user).display_name
     email = "new_tester"
@@ -54,7 +117,6 @@ class UserCreationTest < ActionDispatch::IntegrationTest
         perform_enqueued_jobs do
           post "/user/new",
                :params => { :user => { :email => email,
         perform_enqueued_jobs do
           post "/user/new",
                :params => { :user => { :email => email,
-                                       :email_confirmation => email,
                                        :display_name => dup_display_name,
                                        :pass_crypt => "testtest",
                                        :pass_crypt_confirmation => "testtest" } }
                                        :display_name => dup_display_name,
                                        :pass_crypt => "testtest",
                                        :pass_crypt_confirmation => "testtest" } }
@@ -74,16 +136,36 @@ class UserCreationTest < ActionDispatch::IntegrationTest
         perform_enqueued_jobs do
           post "/user/new",
                :params => { :user => { :email => email,
         perform_enqueued_jobs do
           post "/user/new",
                :params => { :user => { :email => email,
-                                       :email_confirmation => email,
                                        :display_name => display_name,
                                        :pass_crypt => "testtest",
                                        :display_name => display_name,
                                        :pass_crypt => "testtest",
-                                       :pass_crypt_confirmation => "blahblah" } }
+                                       :pass_crypt_confirmation => "blahblah",
+                                       :consider_pd => "1" } }
         end
       end
     end
     assert_response :success
     assert_template "users/new"
         end
       end
     end
     assert_response :success
     assert_template "users/new"
-    assert_select "form > div > input.is-invalid#user_pass_crypt_confirmation"
+    assert_select "form > div > div > div > input.is-invalid#user_pass_crypt_confirmation"
+  end
+
+  def test_user_create_association_submit_duplicate_username
+    dup_display_name = create(:user).display_name
+    email = "new_tester"
+    assert_difference("User.count", 0) do
+      assert_no_difference("ActionMailer::Base.deliveries.size") do
+        perform_enqueued_jobs do
+          post "/user/new",
+               :params => { :user => { :email => email,
+                                       :display_name => dup_display_name,
+                                       :auth_provider => "google",
+                                       :auth_uid => "123454321",
+                                       :consider_pd => "1" } }
+        end
+      end
+    end
+    assert_response :success
+    assert_template "users/new"
+    assert_select "form > div > input.is-invalid#user_display_name"
   end
 
   def test_user_create_success
   end
 
   def test_user_create_success
@@ -95,12 +177,10 @@ class UserCreationTest < ActionDispatch::IntegrationTest
         perform_enqueued_jobs do
           post "/user/new",
                :params => { :user => { :email => new_email,
         perform_enqueued_jobs do
           post "/user/new",
                :params => { :user => { :email => new_email,
-                                       :email_confirmation => new_email,
                                        :display_name => display_name,
                                        :pass_crypt => "testtest",
                                        :pass_crypt_confirmation => "testtest",
                                        :consider_pd => "1" } }
                                        :display_name => display_name,
                                        :pass_crypt => "testtest",
                                        :pass_crypt_confirmation => "testtest",
                                        :consider_pd => "1" } }
-          assert_response :redirect
           assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
           follow_redirect!
         end
           assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
           follow_redirect!
         end
@@ -151,7 +231,6 @@ class UserCreationTest < ActionDispatch::IntegrationTest
         perform_enqueued_jobs do
           post "/user/new",
                :params => { :user => { :email => new_email,
         perform_enqueued_jobs do
           post "/user/new",
                :params => { :user => { :email => new_email,
-                                       :email_confirmation => new_email,
                                        :display_name => display_name,
                                        :pass_crypt => password,
                                        :pass_crypt_confirmation => password,
                                        :display_name => display_name,
                                        :pass_crypt => password,
                                        :pass_crypt_confirmation => password,
@@ -194,36 +273,61 @@ class UserCreationTest < ActionDispatch::IntegrationTest
   end
 
   def test_user_create_openid_success
   end
 
   def test_user_create_openid_success
-    OmniAuth.config.add_mock(:openid, :uid => "http://localhost:1123/new.tester")
-
     new_email = "newtester-openid@osm.org"
     display_name = "new_tester-openid"
     new_email = "newtester-openid@osm.org"
     display_name = "new_tester-openid"
-    password = "testtest"
+    auth_uid = "http://localhost:1123/new.tester"
+
+    OmniAuth.config.add_mock(:openid,
+                             :uid => auth_uid,
+                             :info => { :email => new_email, :name => display_name })
+
     assert_difference("User.count") do
       assert_difference("ActionMailer::Base.deliveries.size", 1) do
         perform_enqueued_jobs do
     assert_difference("User.count") do
       assert_difference("ActionMailer::Base.deliveries.size", 1) do
         perform_enqueued_jobs do
+          post auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
+          assert_redirected_to auth_success_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
+          follow_redirect!
+          assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => new_email,
+                               :auth_provider => "openid", :auth_uid => auth_uid
+          follow_redirect!
           post "/user/new",
                :params => { :user => { :email => new_email,
           post "/user/new",
                :params => { :user => { :email => new_email,
-                                       :email_confirmation => new_email,
                                        :display_name => display_name,
                                        :auth_provider => "openid",
                                        :auth_uid => "http://localhost:1123/new.tester",
                                        :display_name => display_name,
                                        :auth_provider => "openid",
                                        :auth_uid => "http://localhost:1123/new.tester",
-                                       :pass_crypt => password,
-                                       :pass_crypt_confirmation => password,
                                        :consider_pd => "1" } }
           assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
           post response.location
                                        :consider_pd => "1" } }
           assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
           post response.location
-          assert_redirected_to auth_success_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
-          follow_redirect!
-          assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
           follow_redirect!
         end
       end
     end
 
     # Check the page
           follow_redirect!
         end
       end
     end
 
     # Check the page
+    assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
+
+    ActionMailer::Base.deliveries.clear
+  end
+
+  def test_user_create_openid_duplicate_email
+    dup_user = create(:user)
+    display_name = "new_tester-openid"
+    auth_uid = "123454321"
+
+    OmniAuth.config.add_mock(:openid,
+                             :uid => auth_uid,
+                             :info => { :email => dup_user.email, :name => display_name })
+
+    post auth_path(:provider => "openid", :origin => "/user/new")
+    assert_redirected_to auth_success_path(:provider => "openid", :origin => "/user/new")
+    follow_redirect!
+    assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => dup_user.email,
+                         :auth_provider => "openid", :auth_uid => auth_uid
+    follow_redirect!
+
     assert_response :success
     assert_response :success
-    assert_template "confirmations/confirm"
+    assert_template "users/new"
+    assert_select "form > div > input.is-invalid#user_email"
 
     ActionMailer::Base.deliveries.clear
   end
 
     ActionMailer::Base.deliveries.clear
   end
@@ -242,19 +346,15 @@ class UserCreationTest < ActionDispatch::IntegrationTest
                                        :display_name => display_name,
                                        :auth_provider => "openid",
                                        :auth_uid => "http://localhost:1123/new.tester",
                                        :display_name => display_name,
                                        :auth_provider => "openid",
                                        :auth_uid => "http://localhost:1123/new.tester",
-                                       :pass_crypt => "testtest",
-                                       :pass_crypt_confirmation => "testtest",
-                                       :consider_pd => "1" } }
+                                       :pass_crypt => "",
+                                       :pass_crypt_confirmation => "" } }
           assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
           follow_redirect!
           assert_redirected_to auth_failure_path(:strategy => "openid", :message => "connection_failed", :origin => "/user/new")
           follow_redirect!
           assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
           follow_redirect!
           assert_redirected_to auth_failure_path(:strategy => "openid", :message => "connection_failed", :origin => "/user/new")
           follow_redirect!
-          assert_response :redirect
-          follow_redirect!
-          assert_response :success
-          assert_template "users/new"
+          assert_redirected_to "/user/new"
         end
       end
     end
         end
       end
     end
@@ -263,25 +363,29 @@ class UserCreationTest < ActionDispatch::IntegrationTest
   end
 
   def test_user_create_openid_redirect
   end
 
   def test_user_create_openid_redirect
-    OmniAuth.config.add_mock(:openid, :uid => "http://localhost:1123/new.tester")
-
+    auth_uid = "http://localhost:1123/new.tester"
     new_email = "redirect_tester_openid@osm.org"
     display_name = "redirect_tester_openid"
     new_email = "redirect_tester_openid@osm.org"
     display_name = "redirect_tester_openid"
-    # nothing special about this page, just need a protected page to redirect back to.
-    referer = "/traces/mine"
+
+    OmniAuth.config.add_mock(:openid,
+                             :uid => auth_uid,
+                             :info => { :email => new_email, :name => display_name })
+
     assert_difference("User.count") do
       assert_difference("ActionMailer::Base.deliveries.size", 1) do
         perform_enqueued_jobs do
     assert_difference("User.count") do
       assert_difference("ActionMailer::Base.deliveries.size", 1) do
         perform_enqueued_jobs do
+          post auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
+          assert_redirected_to auth_success_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
+          follow_redirect!
+          assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => new_email,
+                               :auth_provider => "openid", :auth_uid => auth_uid
+          follow_redirect!
           post "/user/new",
                :params => { :user => { :email => new_email,
           post "/user/new",
                :params => { :user => { :email => new_email,
-                                       :email_confirmation => new_email,
                                        :display_name => display_name,
                                        :auth_provider => "openid",
                                        :display_name => display_name,
                                        :auth_provider => "openid",
-                                       :auth_uid => "http://localhost:1123/new.tester",
-                                       :pass_crypt => "testtest",
-                                       :pass_crypt_confirmation => "testtest",
-                                       :consider_pd => "1" },
-                            :referer => referer }
+                                       :auth_uid => auth_uid,
+                                       :consider_pd => "1" } }
           assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
           assert_redirected_to auth_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "openid", :openid_url => "http://localhost:1123/new.tester", :origin => "/user/new")
@@ -323,22 +427,33 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
   def test_user_create_google_success
     new_email = "newtester-google@osm.org"
 
   def test_user_create_google_success
     new_email = "newtester-google@osm.org"
+    email_hmac = UsersController.message_hmac(new_email)
     display_name = "new_tester-google"
     display_name = "new_tester-google"
-    password = "testtest"
+    auth_uid = "123454321"
 
 
-    OmniAuth.config.add_mock(:google, :uid => "123454321", :info => { "email" => new_email })
+    OmniAuth.config.add_mock(:google,
+                             :uid => auth_uid,
+                             :extra => { :id_info => { :openid_id => "http://localhost:1123/new.tester" } },
+                             :info => { :email => new_email, :name => display_name })
 
     assert_difference("User.count") do
       assert_no_difference("ActionMailer::Base.deliveries.size") do
         perform_enqueued_jobs do
 
     assert_difference("User.count") do
       assert_no_difference("ActionMailer::Base.deliveries.size") do
         perform_enqueued_jobs do
+          post auth_path(:provider => "google", :origin => "/user/new")
+          assert_redirected_to auth_success_path(:provider => "google")
+          follow_redirect!
+          assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
+                               :email => new_email, :email_hmac => email_hmac,
+                               :auth_provider => "google", :auth_uid => auth_uid
+          follow_redirect!
+
           post "/user/new",
                :params => { :user => { :email => new_email,
           post "/user/new",
                :params => { :user => { :email => new_email,
-                                       :email_confirmation => new_email,
                                        :display_name => display_name,
                                        :auth_provider => "google",
                                        :display_name => display_name,
                                        :auth_provider => "google",
-                                       :pass_crypt => password,
-                                       :pass_crypt_confirmation => password,
-                                       :consider_pd => "1" } }
+                                       :auth_uid => auth_uid,
+                                       :consider_pd => "1" },
+                            :email_hmac => email_hmac }
           assert_redirected_to auth_path(:provider => "google", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "google")
           assert_redirected_to auth_path(:provider => "google", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "google")
@@ -356,6 +471,31 @@ class UserCreationTest < ActionDispatch::IntegrationTest
     ActionMailer::Base.deliveries.clear
   end
 
     ActionMailer::Base.deliveries.clear
   end
 
+  def test_user_create_google_duplicate_email
+    dup_user = create(:user)
+    display_name = "new_tester-google"
+    auth_uid = "123454321"
+
+    OmniAuth.config.add_mock(:google,
+                             :uid => auth_uid,
+                             :extra => { :id_info => { :openid_id => "http://localhost:1123/new.tester" } },
+                             :info => { :email => dup_user.email, :name => display_name })
+
+    post auth_path(:provider => "google", :origin => "/user/new")
+    assert_redirected_to auth_success_path(:provider => "google")
+    follow_redirect!
+    assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => dup_user.email,
+                         :email_hmac => UsersController.message_hmac(dup_user.email),
+                         :auth_provider => "google", :auth_uid => auth_uid
+    follow_redirect!
+
+    assert_response :success
+    assert_template "users/new"
+    assert_select "form > div > input.is-invalid#user_email"
+
+    ActionMailer::Base.deliveries.clear
+  end
+
   def test_user_create_google_failure
     OmniAuth.config.mock_auth[:google] = :connection_failed
 
   def test_user_create_google_failure
     OmniAuth.config.mock_auth[:google] = :connection_failed
 
@@ -369,19 +509,16 @@ class UserCreationTest < ActionDispatch::IntegrationTest
                                        :email_confirmation => new_email,
                                        :display_name => display_name,
                                        :auth_provider => "google",
                                        :email_confirmation => new_email,
                                        :display_name => display_name,
                                        :auth_provider => "google",
+                                       :auth_uid => "123454321",
                                        :pass_crypt => "",
                                        :pass_crypt => "",
-                                       :pass_crypt_confirmation => "",
-                                       :consider_pd => "1" } }
+                                       :pass_crypt_confirmation => "" } }
           assert_redirected_to auth_path(:provider => "google", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "google")
           follow_redirect!
           assert_redirected_to auth_failure_path(:strategy => "google", :message => "connection_failed", :origin => "/user/new")
           follow_redirect!
           assert_redirected_to auth_path(:provider => "google", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "google")
           follow_redirect!
           assert_redirected_to auth_failure_path(:strategy => "google", :message => "connection_failed", :origin => "/user/new")
           follow_redirect!
-          assert_response :redirect
-          follow_redirect!
-          assert_response :success
-          assert_template "users/new"
+          assert_redirected_to "/user/new"
         end
       end
     end
         end
       end
     end
@@ -390,26 +527,34 @@ class UserCreationTest < ActionDispatch::IntegrationTest
   end
 
   def test_user_create_google_redirect
   end
 
   def test_user_create_google_redirect
-    OmniAuth.config.add_mock(:google, :uid => "123454321", :extra => {
-                               :id_info => { "openid_id" => "http://localhost:1123/new.tester" }
-                             })
-
-    new_email = "redirect_tester_google@osm.org"
+    orig_email = "redirect_tester_google_orig@google.com"
+    email_hmac = UsersController.message_hmac(orig_email)
+    new_email =  "redirect_tester_google@osm.org"
     display_name = "redirect_tester_google"
     display_name = "redirect_tester_google"
-    # nothing special about this page, just need a protected page to redirect back to.
-    referer = "/traces/mine"
+    auth_uid = "123454321"
+
+    OmniAuth.config.add_mock(:google,
+                             :uid => auth_uid,
+                             :extra => { :id_info => { :openid_id => "http://localhost:1123/new.tester" } },
+                             :info => { :email => orig_email, :name => display_name })
+
     assert_difference("User.count") do
       assert_difference("ActionMailer::Base.deliveries.size", 1) do
         perform_enqueued_jobs do
     assert_difference("User.count") do
       assert_difference("ActionMailer::Base.deliveries.size", 1) do
         perform_enqueued_jobs do
+          post auth_path(:provider => "google", :origin => "/user/new")
+          assert_redirected_to auth_success_path(:provider => "google")
+          follow_redirect!
+          assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
+                               :email => orig_email, :email_hmac => email_hmac,
+                               :auth_provider => "google", :auth_uid => auth_uid
+          follow_redirect!
           post "/user/new",
                :params => { :user => { :email => new_email,
           post "/user/new",
                :params => { :user => { :email => new_email,
-                                       :email_confirmation => new_email,
+                                       :email_hmac => email_hmac,
                                        :display_name => display_name,
                                        :auth_provider => "google",
                                        :display_name => display_name,
                                        :auth_provider => "google",
-                                       :pass_crypt => "testtest",
-                                       :pass_crypt_confirmation => "testtest",
-                                       :consider_pd => "1" },
-                            :referer => referer }
+                                       :auth_uid => auth_uid,
+                                       :consider_pd => "1" } }
           assert_redirected_to auth_path(:provider => "google", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "google")
           assert_redirected_to auth_path(:provider => "google", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "google")
@@ -451,22 +596,32 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
   def test_user_create_facebook_success
     new_email = "newtester-facebook@osm.org"
 
   def test_user_create_facebook_success
     new_email = "newtester-facebook@osm.org"
+    email_hmac = UsersController.message_hmac(new_email)
     display_name = "new_tester-facebook"
     display_name = "new_tester-facebook"
-    password = "testtest"
+    auth_uid = "123454321"
 
 
-    OmniAuth.config.add_mock(:facebook, :uid => "123454321", :info => { "email" => new_email })
+    OmniAuth.config.add_mock(:facebook,
+                             :uid => auth_uid,
+                             :info => { "email" => new_email, :name => display_name })
 
     assert_difference("User.count") do
       assert_no_difference("ActionMailer::Base.deliveries.size") do
         perform_enqueued_jobs do
 
     assert_difference("User.count") do
       assert_no_difference("ActionMailer::Base.deliveries.size") do
         perform_enqueued_jobs do
+          post auth_path(:provider => "facebook", :origin => "/user/new")
+          assert_redirected_to auth_success_path(:provider => "facebook")
+          follow_redirect!
+          assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
+                               :email => new_email, :email_hmac => email_hmac,
+                               :auth_provider => "facebook", :auth_uid => auth_uid
+          follow_redirect!
+
           post "/user/new",
                :params => { :user => { :email => new_email,
           post "/user/new",
                :params => { :user => { :email => new_email,
-                                       :email_confirmation => new_email,
                                        :display_name => display_name,
                                        :auth_provider => "facebook",
                                        :display_name => display_name,
                                        :auth_provider => "facebook",
-                                       :pass_crypt => password,
-                                       :pass_crypt_confirmation => password,
-                                       :consider_pd => "1" } }
+                                       :auth_uid => auth_uid,
+                                       :consider_pd => "1" },
+                            :email_hmac => email_hmac }
           assert_redirected_to auth_path(:provider => "facebook", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "facebook")
           assert_redirected_to auth_path(:provider => "facebook", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "facebook")
@@ -484,6 +639,30 @@ class UserCreationTest < ActionDispatch::IntegrationTest
     ActionMailer::Base.deliveries.clear
   end
 
     ActionMailer::Base.deliveries.clear
   end
 
+  def test_user_create_facebook_duplicate_email
+    dup_user = create(:user)
+    display_name = "new_tester-facebook"
+    auth_uid = "123454321"
+
+    OmniAuth.config.add_mock(:facebook,
+                             :uid => auth_uid,
+                             :info => { :email => dup_user.email, :name => display_name })
+
+    post auth_path(:provider => "facebook", :origin => "/user/new")
+    assert_redirected_to auth_success_path(:provider => "facebook")
+    follow_redirect!
+    assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => dup_user.email,
+                         :email_hmac => UsersController.message_hmac(dup_user.email),
+                         :auth_provider => "facebook", :auth_uid => auth_uid
+    follow_redirect!
+
+    assert_response :success
+    assert_template "users/new"
+    assert_select "form > div > input.is-invalid#user_email"
+
+    ActionMailer::Base.deliveries.clear
+  end
+
   def test_user_create_facebook_failure
     OmniAuth.config.mock_auth[:facebook] = :connection_failed
 
   def test_user_create_facebook_failure
     OmniAuth.config.mock_auth[:facebook] = :connection_failed
 
@@ -497,19 +676,16 @@ class UserCreationTest < ActionDispatch::IntegrationTest
                                        :email_confirmation => new_email,
                                        :display_name => display_name,
                                        :auth_provider => "facebook",
                                        :email_confirmation => new_email,
                                        :display_name => display_name,
                                        :auth_provider => "facebook",
+                                       :auth_uid => "123454321",
                                        :pass_crypt => "",
                                        :pass_crypt => "",
-                                       :pass_crypt_confirmation => "",
-                                       :consider_pd => "1" } }
+                                       :pass_crypt_confirmation => "" } }
           assert_redirected_to auth_path(:provider => "facebook", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "facebook")
           follow_redirect!
           assert_redirected_to auth_failure_path(:strategy => "facebook", :message => "connection_failed", :origin => "/user/new")
           follow_redirect!
           assert_redirected_to auth_path(:provider => "facebook", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "facebook")
           follow_redirect!
           assert_redirected_to auth_failure_path(:strategy => "facebook", :message => "connection_failed", :origin => "/user/new")
           follow_redirect!
-          assert_response :redirect
-          follow_redirect!
-          assert_response :success
-          assert_template "users/new"
+          assert_redirected_to "/user/new"
         end
       end
     end
         end
       end
     end
@@ -518,29 +694,41 @@ class UserCreationTest < ActionDispatch::IntegrationTest
   end
 
   def test_user_create_facebook_redirect
   end
 
   def test_user_create_facebook_redirect
-    OmniAuth.config.add_mock(:facebook, :uid => "123454321")
-
+    orig_email = "redirect_tester_facebook_orig@osm.org"
+    email_hmac = UsersController.message_hmac(orig_email)
     new_email = "redirect_tester_facebook@osm.org"
     display_name = "redirect_tester_facebook"
     new_email = "redirect_tester_facebook@osm.org"
     display_name = "redirect_tester_facebook"
+    auth_uid = "123454321"
+
+    OmniAuth.config.add_mock(:facebook,
+                             :uid => auth_uid,
+                             :info => { :email => orig_email, :name => display_name })
+
     # nothing special about this page, just need a protected page to redirect back to.
     # nothing special about this page, just need a protected page to redirect back to.
-    referer = "/traces/mine"
     assert_difference("User.count") do
       assert_difference("ActionMailer::Base.deliveries.size", 1) do
         perform_enqueued_jobs do
     assert_difference("User.count") do
       assert_difference("ActionMailer::Base.deliveries.size", 1) do
         perform_enqueued_jobs do
+          post auth_path(:provider => "facebook", :origin => "/user/new")
+          assert_redirected_to auth_success_path(:provider => "facebook")
+          follow_redirect!
+          assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
+                               :email => orig_email, :email_hmac => email_hmac,
+                               :auth_provider => "facebook", :auth_uid => auth_uid
+          follow_redirect!
+
           post "/user/new",
                :params => { :user => { :email => new_email,
           post "/user/new",
                :params => { :user => { :email => new_email,
-                                       :email_confirmation => new_email,
+                                       :email_hmac => email_hmac,
                                        :display_name => display_name,
                                        :auth_provider => "facebook",
                                        :display_name => display_name,
                                        :auth_provider => "facebook",
-                                       :pass_crypt => "testtest",
-                                       :pass_crypt_confirmation => "testtest",
-                                       :consider_pd => "1" },
-                            :referer => referer }
+                                       :auth_uid => auth_uid,
+                                       :consider_pd => "1" } }
           assert_redirected_to auth_path(:provider => "facebook", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "facebook")
           follow_redirect!
           assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
           assert_redirected_to auth_path(:provider => "facebook", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "facebook")
           follow_redirect!
           assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
+          assert_response :redirect
           follow_redirect!
         end
       end
           follow_redirect!
         end
       end
@@ -577,22 +765,31 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
   def test_user_create_microsoft_success
     new_email = "newtester-microsoft@osm.org"
 
   def test_user_create_microsoft_success
     new_email = "newtester-microsoft@osm.org"
+    email_hmac = UsersController.message_hmac(new_email)
     display_name = "new_tester-microsoft"
     display_name = "new_tester-microsoft"
-    password = "testtest"
+    auth_uid = "123454321"
 
 
-    OmniAuth.config.add_mock(:microsoft, :uid => "123454321", :info => { "email" => new_email })
+    OmniAuth.config.add_mock(:microsoft,
+                             :uid => auth_uid,
+                             :info => { "email" => new_email, :name => display_name })
 
     assert_difference("User.count") do
       assert_difference("ActionMailer::Base.deliveries.size", 0) do
         perform_enqueued_jobs do
 
     assert_difference("User.count") do
       assert_difference("ActionMailer::Base.deliveries.size", 0) do
         perform_enqueued_jobs do
+          post auth_path(:provider => "microsoft", :origin => "/user/new")
+          assert_redirected_to auth_success_path(:provider => "microsoft")
+          follow_redirect!
+          assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
+                               :email => new_email, :email_hmac => email_hmac,
+                               :auth_provider => "microsoft", :auth_uid => auth_uid
+          follow_redirect!
           post "/user/new",
                :params => { :user => { :email => new_email,
           post "/user/new",
                :params => { :user => { :email => new_email,
-                                       :email_confirmation => new_email,
                                        :display_name => display_name,
                                        :auth_provider => "microsoft",
                                        :display_name => display_name,
                                        :auth_provider => "microsoft",
-                                       :pass_crypt => password,
-                                       :pass_crypt_confirmation => password,
-                                       :consider_pd => "1" } }
+                                       :auth_uid => auth_uid,
+                                       :consider_pd => "1" },
+                            :email_hmac => email_hmac }
           assert_redirected_to auth_path(:provider => "microsoft", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "microsoft")
           assert_redirected_to auth_path(:provider => "microsoft", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "microsoft")
@@ -610,6 +807,30 @@ class UserCreationTest < ActionDispatch::IntegrationTest
     ActionMailer::Base.deliveries.clear
   end
 
     ActionMailer::Base.deliveries.clear
   end
 
+  def test_user_create_microsoft_duplicate_email
+    dup_user = create(:user)
+    display_name = "new_tester-microsoft"
+    auth_uid = "123454321"
+
+    OmniAuth.config.add_mock(:microsoft,
+                             :uid => auth_uid,
+                             :info => { :email => dup_user.email, :name => display_name })
+
+    post auth_path(:provider => "microsoft", :origin => "/user/new")
+    assert_redirected_to auth_success_path(:provider => "microsoft")
+    follow_redirect!
+    assert_redirected_to :controller => :users, :action => "new", :nickname => display_name, :email => dup_user.email,
+                         :email_hmac => UsersController.message_hmac(dup_user.email),
+                         :auth_provider => "microsoft", :auth_uid => auth_uid
+    follow_redirect!
+
+    assert_response :success
+    assert_template "users/new"
+    assert_select "form > div > input.is-invalid#user_email"
+
+    ActionMailer::Base.deliveries.clear
+  end
+
   def test_user_create_microsoft_failure
     OmniAuth.config.mock_auth[:microsoft] = :connection_failed
 
   def test_user_create_microsoft_failure
     OmniAuth.config.mock_auth[:microsoft] = :connection_failed
 
@@ -623,19 +844,16 @@ class UserCreationTest < ActionDispatch::IntegrationTest
                                        :email_confirmation => new_email,
                                        :display_name => display_name,
                                        :auth_provider => "microsoft",
                                        :email_confirmation => new_email,
                                        :display_name => display_name,
                                        :auth_provider => "microsoft",
+                                       :auth_uid => "123454321",
                                        :pass_crypt => "",
                                        :pass_crypt => "",
-                                       :pass_crypt_confirmation => "",
-                                       :consider_pd => "1" } }
+                                       :pass_crypt_confirmation => "" } }
           assert_redirected_to auth_path(:provider => "microsoft", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "microsoft")
           follow_redirect!
           assert_redirected_to auth_failure_path(:strategy => "microsoft", :message => "connection_failed", :origin => "/user/new")
           follow_redirect!
           assert_redirected_to auth_path(:provider => "microsoft", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "microsoft")
           follow_redirect!
           assert_redirected_to auth_failure_path(:strategy => "microsoft", :message => "connection_failed", :origin => "/user/new")
           follow_redirect!
-          assert_response :redirect
-          follow_redirect!
-          assert_response :success
-          assert_template "users/new"
+          assert_redirected_to "/user/new"
         end
       end
     end
         end
       end
     end
@@ -644,29 +862,40 @@ class UserCreationTest < ActionDispatch::IntegrationTest
   end
 
   def test_user_create_microsoft_redirect
   end
 
   def test_user_create_microsoft_redirect
-    OmniAuth.config.add_mock(:microsoft, :uid => "123454321")
-
+    orig_email = "redirect_tester_microsoft_orig@osm.org"
+    email_hmac = UsersController.message_hmac(orig_email)
     new_email = "redirect_tester_microsoft@osm.org"
     display_name = "redirect_tester_microsoft"
     new_email = "redirect_tester_microsoft@osm.org"
     display_name = "redirect_tester_microsoft"
-    # nothing special about this page, just need a protected page to redirect back to.
-    referer = "/traces/mine"
+    auth_uid = "123454321"
+
+    OmniAuth.config.add_mock(:microsoft,
+                             :uid => auth_uid,
+                             :info => { :email => orig_email, :name => display_name })
+
     assert_difference("User.count") do
       assert_difference("ActionMailer::Base.deliveries.size", 1) do
         perform_enqueued_jobs do
     assert_difference("User.count") do
       assert_difference("ActionMailer::Base.deliveries.size", 1) do
         perform_enqueued_jobs do
+          post auth_path(:provider => "microsoft", :origin => "/user/new")
+          assert_redirected_to auth_success_path(:provider => "microsoft")
+          follow_redirect!
+          assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
+                               :email => orig_email, :email_hmac => email_hmac,
+                               :auth_provider => "microsoft", :auth_uid => auth_uid
+          follow_redirect!
+
           post "/user/new",
                :params => { :user => { :email => new_email,
           post "/user/new",
                :params => { :user => { :email => new_email,
-                                       :email_confirmation => new_email,
+                                       :email_hmac => email_hmac,
                                        :display_name => display_name,
                                        :auth_provider => "microsoft",
                                        :display_name => display_name,
                                        :auth_provider => "microsoft",
-                                       :pass_crypt => "testtest",
-                                       :pass_crypt_confirmation => "testtest",
-                                       :consider_pd => "1" },
-                            :referer => referer }
+                                       :auth_uid => auth_uid,
+                                       :consider_pd => "1" } }
           assert_redirected_to auth_path(:provider => "microsoft", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "microsoft")
           follow_redirect!
           assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
           assert_redirected_to auth_path(:provider => "microsoft", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "microsoft")
           follow_redirect!
           assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
+          assert_response :redirect
           follow_redirect!
         end
       end
           follow_redirect!
         end
       end
@@ -703,22 +932,36 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
   def test_user_create_github_success
     new_email = "newtester-github@osm.org"
 
   def test_user_create_github_success
     new_email = "newtester-github@osm.org"
+    email_hmac = UsersController.message_hmac(new_email)
     display_name = "new_tester-github"
     password = "testtest"
     display_name = "new_tester-github"
     password = "testtest"
+    auth_uid = "123454321"
 
 
-    OmniAuth.config.add_mock(:github, :uid => "123454321", :info => { "email" => new_email })
+    OmniAuth.config.add_mock(:github,
+                             :uid => auth_uid,
+                             :info => { "email" => new_email, :name => display_name })
 
     assert_difference("User.count") do
       assert_no_difference("ActionMailer::Base.deliveries.size") do
         perform_enqueued_jobs do
 
     assert_difference("User.count") do
       assert_no_difference("ActionMailer::Base.deliveries.size") do
         perform_enqueued_jobs do
+          post auth_path(:provider => "github", :origin => "/user/new")
+          assert_redirected_to auth_success_path(:provider => "github")
+          follow_redirect!
+          assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
+                               :email => new_email, :email_hmac => email_hmac,
+                               :auth_provider => "github", :auth_uid => auth_uid
+          follow_redirect!
+
           post "/user/new",
                :params => { :user => { :email => new_email,
           post "/user/new",
                :params => { :user => { :email => new_email,
-                                       :email_confirmation => new_email,
                                        :display_name => display_name,
                                        :auth_provider => "github",
                                        :display_name => display_name,
                                        :auth_provider => "github",
+                                       :auth_uid => "123454321",
                                        :pass_crypt => password,
                                        :pass_crypt => password,
-                                       :pass_crypt_confirmation => password,
-                                       :consider_pd => "1" } }
+                                       :pass_crypt_confirmation => password },
+                            :read_ct => 1,
+                            :read_tou => 1,
+                            :email_hmac => email_hmac }
           assert_redirected_to auth_path(:provider => "github", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "github")
           assert_redirected_to auth_path(:provider => "github", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "github")
@@ -736,6 +979,31 @@ class UserCreationTest < ActionDispatch::IntegrationTest
     ActionMailer::Base.deliveries.clear
   end
 
     ActionMailer::Base.deliveries.clear
   end
 
+  def test_user_create_github_duplicate_email
+    dup_user = create(:user)
+    display_name = "new_tester-github"
+    auth_uid = "123454321"
+
+    OmniAuth.config.add_mock(:github,
+                             :uid => auth_uid,
+                             :extra => { :id_info => { :openid_id => "http://localhost:1123/new.tester" } },
+                             :info => { :email => dup_user.email, :name => display_name })
+
+    post auth_path(:provider => "github", :origin => "/user/new")
+    assert_redirected_to auth_success_path(:provider => "github")
+    follow_redirect!
+    assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
+                         :email => dup_user.email, :email_hmac => UsersController.message_hmac(dup_user.email),
+                         :auth_provider => "github", :auth_uid => auth_uid
+    follow_redirect!
+
+    assert_response :success
+    assert_template "users/new"
+    assert_select "form > div > input.is-invalid#user_email"
+
+    ActionMailer::Base.deliveries.clear
+  end
+
   def test_user_create_github_failure
     OmniAuth.config.mock_auth[:github] = :connection_failed
 
   def test_user_create_github_failure
     OmniAuth.config.mock_auth[:github] = :connection_failed
 
@@ -749,19 +1017,16 @@ class UserCreationTest < ActionDispatch::IntegrationTest
                                        :email_confirmation => new_email,
                                        :display_name => display_name,
                                        :auth_provider => "github",
                                        :email_confirmation => new_email,
                                        :display_name => display_name,
                                        :auth_provider => "github",
+                                       :auth_uid => "123454321",
                                        :pass_crypt => "",
                                        :pass_crypt => "",
-                                       :pass_crypt_confirmation => "",
-                                       :consider_pd => "1" } }
+                                       :pass_crypt_confirmation => "" } }
           assert_redirected_to auth_path(:provider => "github", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "github")
           follow_redirect!
           assert_redirected_to auth_failure_path(:strategy => "github", :message => "connection_failed", :origin => "/user/new")
           follow_redirect!
           assert_redirected_to auth_path(:provider => "github", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "github")
           follow_redirect!
           assert_redirected_to auth_failure_path(:strategy => "github", :message => "connection_failed", :origin => "/user/new")
           follow_redirect!
-          assert_response :redirect
-          follow_redirect!
-          assert_response :success
-          assert_template "users/new"
+          assert_redirected_to "/user/new"
         end
       end
     end
         end
       end
     end
@@ -770,29 +1035,39 @@ class UserCreationTest < ActionDispatch::IntegrationTest
   end
 
   def test_user_create_github_redirect
   end
 
   def test_user_create_github_redirect
-    OmniAuth.config.add_mock(:github, :uid => "123454321")
-
+    orig_email = "redirect_tester_github_orig@osm.org"
+    email_hmac = UsersController.message_hmac(orig_email)
     new_email = "redirect_tester_github@osm.org"
     display_name = "redirect_tester_github"
     new_email = "redirect_tester_github@osm.org"
     display_name = "redirect_tester_github"
-    # nothing special about this page, just need a protected page to redirect back to.
-    referer = "/traces/mine"
+    auth_uid = "123454321"
+
+    OmniAuth.config.add_mock(:github,
+                             :uid => auth_uid,
+                             :info => { :email => orig_email, :name => display_name })
+
     assert_difference("User.count") do
       assert_difference("ActionMailer::Base.deliveries.size", 1) do
         perform_enqueued_jobs do
     assert_difference("User.count") do
       assert_difference("ActionMailer::Base.deliveries.size", 1) do
         perform_enqueued_jobs do
+          post auth_path(:provider => "github", :origin => "/user/new")
+          assert_redirected_to auth_success_path(:provider => "github")
+          follow_redirect!
+          assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
+                               :email => orig_email, :email_hmac => email_hmac,
+                               :auth_provider => "github", :auth_uid => auth_uid
+          follow_redirect!
           post "/user/new",
                :params => { :user => { :email => new_email,
           post "/user/new",
                :params => { :user => { :email => new_email,
-                                       :email_confirmation => new_email,
+                                       :email_hmac => email_hmac,
                                        :display_name => display_name,
                                        :auth_provider => "github",
                                        :display_name => display_name,
                                        :auth_provider => "github",
-                                       :pass_crypt => "testtest",
-                                       :pass_crypt_confirmation => "testtest",
-                                       :consider_pd => "1" },
-                            :referer => referer }
+                                       :auth_uid => auth_uid,
+                                       :consider_pd => "1" } }
           assert_redirected_to auth_path(:provider => "github", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "github")
           follow_redirect!
           assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
           assert_redirected_to auth_path(:provider => "github", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "github")
           follow_redirect!
           assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
+          assert_response :redirect
           follow_redirect!
         end
       end
           follow_redirect!
         end
       end
@@ -829,22 +1104,35 @@ class UserCreationTest < ActionDispatch::IntegrationTest
 
   def test_user_create_wikipedia_success
     new_email = "newtester-wikipedia@osm.org"
 
   def test_user_create_wikipedia_success
     new_email = "newtester-wikipedia@osm.org"
+    email_hmac = UsersController.message_hmac(new_email)
     display_name = "new_tester-wikipedia"
     password = "testtest"
     display_name = "new_tester-wikipedia"
     password = "testtest"
+    auth_uid = "123454321"
 
 
-    OmniAuth.config.add_mock(:wikipedia, :uid => "123454321", :info => { "email" => new_email })
+    OmniAuth.config.add_mock(:wikipedia,
+                             :uid => auth_uid,
+                             :info => { :email => new_email, :name => display_name })
 
     assert_difference("User.count") do
       assert_no_difference("ActionMailer::Base.deliveries.size") do
         perform_enqueued_jobs do
 
     assert_difference("User.count") do
       assert_no_difference("ActionMailer::Base.deliveries.size") do
         perform_enqueued_jobs do
+          post auth_path(:provider => "wikipedia", :origin => "/user/new")
+          assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
+          follow_redirect!
+          assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
+                               :email => new_email, :email_hmac => email_hmac,
+                               :auth_provider => "wikipedia", :auth_uid => auth_uid
+          follow_redirect!
           post "/user/new",
                :params => { :user => { :email => new_email,
           post "/user/new",
                :params => { :user => { :email => new_email,
-                                       :email_confirmation => new_email,
                                        :display_name => display_name,
                                        :auth_provider => "wikipedia",
                                        :display_name => display_name,
                                        :auth_provider => "wikipedia",
+                                       :auth_uid => "123454321",
                                        :pass_crypt => password,
                                        :pass_crypt => password,
-                                       :pass_crypt_confirmation => password,
-                                       :consider_pd => "1" } }
+                                       :pass_crypt_confirmation => password },
+                            :read_ct => 1,
+                            :read_tou => 1,
+                            :email_hmac => email_hmac }
           assert_redirected_to auth_path(:provider => "wikipedia", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
           assert_redirected_to auth_path(:provider => "wikipedia", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
@@ -858,6 +1146,28 @@ class UserCreationTest < ActionDispatch::IntegrationTest
     # Check the page
     assert_response :success
     assert_template "site/welcome"
     # Check the page
     assert_response :success
     assert_template "site/welcome"
+  end
+
+  def test_user_create_wikipedia_duplicate_email
+    dup_user = create(:user)
+    display_name = "new_tester-wikipedia"
+    auth_uid = "123454321"
+
+    OmniAuth.config.add_mock(:wikipedia,
+                             :uid => auth_uid,
+                             :info => { "email" => dup_user.email, :name => display_name })
+
+    post auth_path(:provider => "wikipedia", :origin => "/user/new")
+    assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
+    follow_redirect!
+    assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
+                         :email => dup_user.email, :email_hmac => UsersController.message_hmac(dup_user.email),
+                         :auth_provider => "wikipedia", :auth_uid => auth_uid
+    follow_redirect!
+
+    assert_response :success
+    assert_template "users/new"
+    assert_select "form > div > input.is-invalid#user_email"
 
     ActionMailer::Base.deliveries.clear
   end
 
     ActionMailer::Base.deliveries.clear
   end
@@ -875,19 +1185,16 @@ class UserCreationTest < ActionDispatch::IntegrationTest
                                        :email_confirmation => new_email,
                                        :display_name => display_name,
                                        :auth_provider => "wikipedia",
                                        :email_confirmation => new_email,
                                        :display_name => display_name,
                                        :auth_provider => "wikipedia",
+                                       :auth_uid => "123454321",
                                        :pass_crypt => "",
                                        :pass_crypt => "",
-                                       :pass_crypt_confirmation => "",
-                                       :consider_pd => "1" } }
+                                       :pass_crypt_confirmation => "" } }
           assert_redirected_to auth_path(:provider => "wikipedia", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
           follow_redirect!
           assert_redirected_to auth_failure_path(:strategy => "wikipedia", :message => "connection_failed", :origin => "/user/new")
           follow_redirect!
           assert_redirected_to auth_path(:provider => "wikipedia", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
           follow_redirect!
           assert_redirected_to auth_failure_path(:strategy => "wikipedia", :message => "connection_failed", :origin => "/user/new")
           follow_redirect!
-          assert_response :redirect
-          follow_redirect!
-          assert_response :success
-          assert_template "users/new"
+          assert_redirected_to "/user/new"
         end
       end
     end
         end
       end
     end
@@ -896,29 +1203,41 @@ class UserCreationTest < ActionDispatch::IntegrationTest
   end
 
   def test_user_create_wikipedia_redirect
   end
 
   def test_user_create_wikipedia_redirect
-    OmniAuth.config.add_mock(:wikipedia, :uid => "123454321")
-
+    orig_email = "redirect_tester_wikipedia_orig@osm.org"
+    email_hmac = UsersController.message_hmac(orig_email)
     new_email = "redirect_tester_wikipedia@osm.org"
     display_name = "redirect_tester_wikipedia"
     new_email = "redirect_tester_wikipedia@osm.org"
     display_name = "redirect_tester_wikipedia"
+    auth_uid = "123454321"
+
+    OmniAuth.config.add_mock(:wikipedia,
+                             :uid => auth_uid,
+                             :info => { :email => orig_email, :name => display_name })
+
     # nothing special about this page, just need a protected page to redirect back to.
     # nothing special about this page, just need a protected page to redirect back to.
-    referer = "/traces/mine"
     assert_difference("User.count") do
       assert_difference("ActionMailer::Base.deliveries.size", 1) do
         perform_enqueued_jobs do
     assert_difference("User.count") do
       assert_difference("ActionMailer::Base.deliveries.size", 1) do
         perform_enqueued_jobs do
+          post auth_path(:provider => "wikipedia", :origin => "/user/new")
+          assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
+          follow_redirect!
+          assert_redirected_to :controller => :users, :action => "new", :nickname => display_name,
+                               :email => orig_email, :email_hmac => email_hmac,
+                               :auth_provider => "wikipedia", :auth_uid => auth_uid
+          follow_redirect!
+
           post "/user/new",
                :params => { :user => { :email => new_email,
           post "/user/new",
                :params => { :user => { :email => new_email,
-                                       :email_confirmation => new_email,
+                                       :email_hmac => email_hmac,
                                        :display_name => display_name,
                                        :auth_provider => "wikipedia",
                                        :display_name => display_name,
                                        :auth_provider => "wikipedia",
-                                       :pass_crypt => "testtest",
-                                       :pass_crypt_confirmation => "testtest",
-                                       :consider_pd => "1" },
-                            :referer => referer }
+                                       :auth_uid => auth_uid,
+                                       :consider_pd => "1" } }
           assert_redirected_to auth_path(:provider => "wikipedia", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
           follow_redirect!
           assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
           assert_redirected_to auth_path(:provider => "wikipedia", :origin => "/user/new")
           post response.location
           assert_redirected_to auth_success_path(:provider => "wikipedia", :origin => "/user/new")
           follow_redirect!
           assert_redirected_to :controller => :confirmations, :action => :confirm, :display_name => display_name
+          assert_response :redirect
           follow_redirect!
         end
       end
           follow_redirect!
         end
       end