feat: associates user by email for oauth when tpa is required

1.  

   1. Description

Currently, in the edX platform, if you try to login with an SSO account using the login form, a username is generated for you based on the email that is used with the SSO provider.

The username is generated using the pipeline `third_party_auth.pipeline.get_username`.

If the username already exists in the platform, you run into a small conflict which sends you back to the login form and requests the following:

It basically requests that you link your edX account and your SSO account.

However, sometimes we would want the edX account and SSO account to be associated by email. There's already a special pipeline available in the platform for that, `third_party_auth.pipeline.associate_by_email_if_login_api`. Sadly, however, it is only available for a certain entry method of authentication, called `login_api`.

~_{So in order to start associating the edX account and SSO account by email, this pull request adds a waffle switch.}~

~_{*Update:* After a lot of reading through the code and investigation, it seems like the `login_api` auth entry is no longer used. Accordingly, I took the liberty of removing said pipeline and replacing it with something that seemed useful. Now the pipeline runs whenever third party authentication is required.}~

*Update*: After @waheedahmed's [findings](https://github.com/edx/edx-platform/pull/25935#pullrequestreview-611983769), which is that `login_api` is in fact still used, and @zamanafzal's [request](https://github.com/edx/edx-platform/pull/25935#discussion_r595030485), which is to make the functionality specific to Oauth providers, a new pipeline was added to associate the user by email *only when the following conditions are met*:

• The social auth provider is an Oauth2 provider

• The `ENABLE_REQUIRE_THIRD_PARTY_AUTH` is enabled

1.  

   1. Supporting information

• *JIRA tickets*: SE-3816, (https://openedx.atlassian.net/browse/OSPR-5312)

• *Sandbox URL*:

• Default Behavior:

• LMS: https://pr25935-default.sandbox.opencraft.hosting/

• Studio: https://studio.pr25935-default.sandbox.opencraft.hosting/

• New Behavior:

• LMS: https://pr25935.sandbox.opencraft.hosting/

• Studio: https://studio.pr25935.sandbox.opencraft.hosting/

1.  

   1. Testing instructions

1.  

   1.  

      1. Preparation

Please send an email to `nizar` at `opencraft.com`, requesting to be added as a test user to the Google SSO used for this sandbox.

*You need a Google Account, because you'll be using the same email address when registering through the form and through the SSO.*

1.  

   1.  

      1. Reproducing the problem

1.  

   1.  

      1.  

         1. Logging in with the SSO

Login with the Google SSO over at the sandbox with [default behavior](https://pr25935-default.sandbox.opencraft.hosting/)

1.  

   1.  

      1.  

         1. Removing Social Auth Record

Sign in as `staff`:`edx` into the [django admin](https://pr25935-default.sandbox.opencraft.hosting/admin) and delete the [user social auth](https://pr25935-default.sandbox.opencraft.hosting/admin/social_django/usersocialauth) for your user.

1.  

   1.  

      1.  

         1. Logging in with the SSO, again...

Login, again, with the Google SSO over at the sandbox with [default behavior](https://pr25935-default.sandbox.opencraft.hosting/). After doing that, you should receive a similar screenshot

1.  

   1.  

      1. Testing the fix

1.  

   1.  

      1.  

         1. Logging in with the SSO

Login with the Google SSO over at the sandbox with [default behavior](https://pr25935.sandbox.opencraft.hosting/)

1.  

   1.  

      1.  

         1. Removing Social Auth Record

Sign in as `staff`:`edx` into the [django admin](https://pr25935.sandbox.opencraft.hosting/admin) and delete the [user social auth](https://pr25935.sandbox.opencraft.hosting/admin/social_django/usersocialauth) for your user.

1.  

   1.  

      1.  

         1. Logging in with the SSO, again...

Login, again, with the Google SSO over at the sandbox with [default behavior](https://pr25935.sandbox.opencraft.hosting/). After that, you should be able to directly login 😃

*Settings*
```yaml
EDXAPP_LMS_ENV_EXTRA:
ENABLE_REQUIRE_THIRD_PARTY_AUTH: true
```