closes CNVS-19452
* add the column and foreign key, uniquely index it,
and replace the old unique index to make sure it's null
* change lookup of pseudonyms on log in. CAS/SAML/LDAP
look for matching or non-namespaced pseudonyms. OAuth
looks only for matching.
* update API for creating/exposing the provider info
* update canvas_authentication modulation so it's only forced to true
when deleting the LAST aac
test plan:
* create a pseudonym for a specific provider (via the API)
* ensure that even it matches for another provider, it's
not found when you try to log in
* check a CAS login will find a pseudonym with no provider,
or the correct one
* check that a OAuth login won't find a pseudonym not
associated with any provider
* finally, check that a OAuth login _will_ work with a
matching pseudonym
Change-Id: I5d9ef8a992c6e0f6e1d8e13e4fb87d25304d982e
Reviewed-on: https://gerrit.instructure.com/55117
Reviewed-by: Cody Cutrer <cody@instructure.com>
Tested-by: Jenkins
QA-Review: August Thornton <august@instructure.com>
Product-Review: Ethan Vizitei <evizitei@instructure.com>
ff056664b2