fix(core): Use lower cased email for SAML email attribute (#6663)

lower case saml email attribute
This commit is contained in:
Michael Auerswald 2023-07-13 23:41:52 +02:00 committed by GitHub
parent 0c47be254b
commit eedde24cc0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 4 additions and 2 deletions

View file

@ -145,8 +145,9 @@ export class SamlService {
}> {
const attributes = await this.getAttributesFromLoginResponse(req, binding);
if (attributes.email) {
const lowerCasedEmail = attributes.email.toLowerCase();
const user = await Db.collections.User.findOne({
where: { email: attributes.email },
where: { email: lowerCasedEmail },
relations: ['globalRole', 'authIdentities'],
});
if (user) {

View file

@ -97,7 +97,8 @@ export function generatePassword(): string {
export async function createUserFromSamlAttributes(attributes: SamlUserAttributes): Promise<User> {
const user = new User();
const authIdentity = new AuthIdentity();
user.email = attributes.email;
const lowerCasedEmail = attributes.email?.toLowerCase() ?? '';
user.email = lowerCasedEmail;
user.firstName = attributes.firstName;
user.lastName = attributes.lastName;
user.globalRole = await Container.get(RoleRepository).findGlobalMemberRoleOrFail();