From eedde24cc046ea517c6d6e455bcdd46a97e4c05b Mon Sep 17 00:00:00 2001 From: Michael Auerswald Date: Thu, 13 Jul 2023 23:41:52 +0200 Subject: [PATCH] fix(core): Use lower cased email for SAML email attribute (#6663) lower case saml email attribute --- packages/cli/src/sso/saml/saml.service.ee.ts | 3 ++- packages/cli/src/sso/saml/samlHelpers.ts | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/packages/cli/src/sso/saml/saml.service.ee.ts b/packages/cli/src/sso/saml/saml.service.ee.ts index cbeb3dee3a..fa63646f9d 100644 --- a/packages/cli/src/sso/saml/saml.service.ee.ts +++ b/packages/cli/src/sso/saml/saml.service.ee.ts @@ -145,8 +145,9 @@ export class SamlService { }> { const attributes = await this.getAttributesFromLoginResponse(req, binding); if (attributes.email) { + const lowerCasedEmail = attributes.email.toLowerCase(); const user = await Db.collections.User.findOne({ - where: { email: attributes.email }, + where: { email: lowerCasedEmail }, relations: ['globalRole', 'authIdentities'], }); if (user) { diff --git a/packages/cli/src/sso/saml/samlHelpers.ts b/packages/cli/src/sso/saml/samlHelpers.ts index d2d1c26a14..db2ad210e1 100644 --- a/packages/cli/src/sso/saml/samlHelpers.ts +++ b/packages/cli/src/sso/saml/samlHelpers.ts @@ -97,7 +97,8 @@ export function generatePassword(): string { export async function createUserFromSamlAttributes(attributes: SamlUserAttributes): Promise { const user = new User(); const authIdentity = new AuthIdentity(); - user.email = attributes.email; + const lowerCasedEmail = attributes.email?.toLowerCase() ?? ''; + user.email = lowerCasedEmail; user.firstName = attributes.firstName; user.lastName = attributes.lastName; user.globalRole = await Container.get(RoleRepository).findGlobalMemberRoleOrFail();