Streamline email confirmation for SSO sign-in

Commit 6af91b6 streamlined the email confirmation process for unconfirmed users with no confirmation_token. Specifically, it targeted users attempting to sign in via the app's standard sign-in form.

This change applies the same streamlining to users attempting to sign in via SSO/Shibboleth. Specifically, when a user attempts to sign in this way, the `.confirmed_or_has_confirmation_token?` is performed on them. If it returns false, then the confirmation_token is generated for the user and they are auto-sent a confirmation instructions email. (Refer to commit 6af91b6 for more regarding this streamlined process.)

Author: aaronskiba

app/controllers/users/omniauth_callbacks_controller.rb

@@ -40,6 +40,10 @@ def handle_omniauth(scheme)
         # Otherwise sign them in
         elsif scheme.name == 'shibboleth'
           # Until ORCID becomes supported as a login method
+          unless existing_user.confirmed_or_has_confirmation_token?
+            handle_missing_confirmation_instructions(existing_user)
+            return
+          end
           set_flash_message(:notice, :success, kind: scheme.description) if is_navigational_format?
           sign_in_and_redirect user, event: :authentication
         else
@@ -83,4 +87,14 @@ def failure
       redirect_to root_path
     end
   end
+
+  private
+
+  def handle_missing_confirmation_instructions(user)
+    # Generate a confirmation_token and email confirmation instructions to the user
+    user.send_confirmation_instructions
+    # Notify the user they are unconfirmed but confirmation instructions have been sent
+    flash[:notice] = I18n.t('devise.registrations.signed_up_but_unconfirmed')
+    redirect_to root_path
+  end
 end