Django-allauth - new users signed up via Microsoft integration trigger "No exception message supplied"
I've been working on an integration using django-allauth with Microsoft (EntraID) to allow SSO and it's working well for existing users with their accounts being matched on email address however when a new user goes through the flow I'm receiving the following exception No exception message supplied which is raised by site-packages/allauth/account/utils.py, line 227, in setup_user_email, raised during allauth.socialaccount.providers.oauth2.views.view. If the same user then goes back through the SSO sign-in flow then it works as it matches the account and they get through.
Below are the combination of configuration settings I have in settings.py, the app itself is configured via Django Admin
SOCIALACCOUNT_PROVIDERS = {
"microsoft": {
"APPS": [],
"EMAIL_AUTHENTICATION": True,
"VERIFIED_EMAIL": True,
}
}
ACCOUNT_LOGIN_METHODS = {"email"}
ACCOUNT_SIGNUP_FIELDS = ["email*"]
ACCOUNT_EMAIL_VERIFICATION = "none"
ACCOUNT_DEFAULT_HTTP_PROTOCOL = "https"
SOCIALACCOUNT_AUTO_SIGNUP = True
SOCIALACCOUNT_EMAIL_AUTHENTICATION = True
SOCIALACCOUNT_LOGIN_ON_GET = True
SOCIALACCOUNT_EMAIL_AUTHENTICATION_AUTO_CONNECT = True
SOCIALACCOUNT_EMAIL_REQUIRED = True
I've set the settings above based upon the following two configuration setting pages (https://docs.allauth.org/en/latest/account/configuration.html and https://docs.allauth.org/en/latest/socialaccount/configuration.html ) and upon my understanding that these combinations of settings should ensure that existing accounts are matched via email address, that the user will be automatically signed in when matched and that new accounts will be automatically created without showing the sign-up form and without sending the additional email verification. That all appears to be happening but the exception is being triggered when that feels like it's a mistake.
Whilst trying to debug I found that the line triggering the exception is assert not EmailAddress.objects.filter(user=user).exists() # nosec which if odd as the Django user account, the EmailAddress and the SocialAccount record have all been created correctly.
I added logging into allauth.account.utils and confirmed that EmailAddress.objects.filter(user=user).count() == 1 at the point that the setup_user_email function is called. which means the assert will never pass since the EmailAddress entry has already been created.
Does anyone have SSO working with Microsoft EntraID where new accounts are automatically created when users come back? If so what settings do you have setup and/or did you have to subclass DefaultSocialAccountAdapter in order to overload the save_user method to pass through connect=False
Version details:
Python: 3.12 Django: 5.1.7 django-allauth Version: 65.5.0
Update To note the flow does work as expected if I subclass DefaultSocialAccountAdapter and force connect=True into the save call
class CustomSocialAccountAdapter(DefaultSocialAccountAdapter):
"""Overloading the adapter to force the connect=True"""
def save_user(self, request, sociallogin, form=None):
"""
Saves a newly signed up social login. In case of auto-signup,
the signup form is not available.
"""
u = sociallogin.user
u.set_unusable_password()
if form:
get_account_adapter().save_user(request, u, form)
else:
get_account_adapter().populate_username(request, u)
sociallogin.save(request, connect=True)
return u