diff --git a/server/commands/userCreator.test.ts b/server/commands/userCreator.test.ts index 7e57873da..2487e2ec2 100644 --- a/server/commands/userCreator.test.ts +++ b/server/commands/userCreator.test.ts @@ -187,12 +187,13 @@ describe("userCreator", () => { const team = await buildTeam(); const invite = await buildInvite({ teamId: team.id, + email: "invite@example.com", }); const authenticationProviders = await team.$get("authenticationProviders"); const authenticationProvider = authenticationProviders[0]; const result = await userCreator({ name: invite.name, - email: invite.email!, + email: "invite@ExamPle.com", teamId: invite.teamId, ip, authentication: { diff --git a/server/commands/userCreator.ts b/server/commands/userCreator.ts index a5fe3ef05..4d39c9832 100644 --- a/server/commands/userCreator.ts +++ b/server/commands/userCreator.ts @@ -86,7 +86,9 @@ export default async function userCreator({ // shell user record. const invite = await User.findOne({ where: { - email, + // Email from auth providers may be capitalized and we should respect that + // however any existing invites will always be lowercased. + email: email.toLowerCase(), teamId, lastActiveAt: { [Op.is]: null, diff --git a/server/routes/auth/providers/azure.ts b/server/routes/auth/providers/azure.ts index 91dbb2456..9adefe81b 100644 --- a/server/routes/auth/providers/azure.ts +++ b/server/routes/auth/providers/azure.ts @@ -40,7 +40,7 @@ if (AZURE_CLIENT_ID) { try { // see docs for what the fields in profile represent here: // https://docs.microsoft.com/en-us/azure/active-directory/develop/access-tokens - const profile = jwt.decode(params.id_token); + const profile = jwt.decode(params.id_token) as jwt.JwtPayload; // Load the users profile from the Microsoft Graph API // https://docs.microsoft.com/en-us/graph/api/resources/users?view=graph-rest-1.0 @@ -69,7 +69,6 @@ if (AZURE_CLIENT_ID) { } const organization = organizationResponse.value[0]; - // @ts-expect-error ts-migrate(2531) FIXME: Object is possibly 'null'. const email = profile.email || profileResponse.mail; if (!email) { @@ -89,19 +88,15 @@ if (AZURE_CLIENT_ID) { subdomain, }, user: { - // @ts-expect-error ts-migrate(2531) FIXME: Object is possibly 'null'. name: profile.name, email, - // @ts-expect-error ts-migrate(2531) FIXME: Object is possibly 'null'. avatarUrl: profile.picture, }, authenticationProvider: { name: providerName, - // @ts-expect-error ts-migrate(2531) FIXME: Object is possibly 'null'. providerId: profile.tid, }, authentication: { - // @ts-expect-error ts-migrate(2531) FIXME: Object is possibly 'null'. providerId: profile.oid, accessToken, refreshToken, diff --git a/server/routes/auth/providers/google.ts b/server/routes/auth/providers/google.ts index f8ccb52a4..91c157fbc 100644 --- a/server/routes/auth/providers/google.ts +++ b/server/routes/auth/providers/google.ts @@ -61,8 +61,8 @@ if (GOOGLE_CLIENT_ID) { subdomain, }, user: { - name: profile.displayName, email: profile.email, + name: profile.displayName, avatarUrl: profile.picture, }, authenticationProvider: { diff --git a/server/routes/auth/providers/oidc.ts b/server/routes/auth/providers/oidc.ts index b25c5a4f4..ec9088ac5 100644 --- a/server/routes/auth/providers/oidc.ts +++ b/server/routes/auth/providers/oidc.ts @@ -76,7 +76,7 @@ if (OIDC_CLIENT_ID) { ); } - const parts = profile.email.split("@"); + const parts = profile.email.toLowerCase().split("@"); const domain = parts.length && parts[1]; if (!domain) {