fix: Lowercase email from auth providers to match any outstanding invites (#3369)

* fix: Lowercase email from auth providers to match any outstanding invites

* fix

server/commands/userCreator.test.ts

@@ -187,12 +187,13 @@ describe("userCreator", () => {
     const team = await buildTeam();
     const invite = await buildInvite({
       teamId: team.id,
+      email: "invite@example.com",
     });
     const authenticationProviders = await team.$get("authenticationProviders");
     const authenticationProvider = authenticationProviders[0];
     const result = await userCreator({
       name: invite.name,
-      email: invite.email!,
+      email: "invite@ExamPle.com",
       teamId: invite.teamId,
       ip,
       authentication: {

server/commands/userCreator.ts

@@ -86,7 +86,9 @@ export default async function userCreator({
   // shell user record.
   const invite = await User.findOne({
     where: {
-      email,
+      // Email from auth providers may be capitalized and we should respect that
+      // however any existing invites will always be lowercased.
+      email: email.toLowerCase(),
       teamId,
       lastActiveAt: {
         [Op.is]: null,

server/routes/auth/providers/azure.ts

@@ -40,7 +40,7 @@ if (AZURE_CLIENT_ID) {
       try {
         // see docs for what the fields in profile represent here:
         // https://docs.microsoft.com/en-us/azure/active-directory/develop/access-tokens
-        const profile = jwt.decode(params.id_token);
+        const profile = jwt.decode(params.id_token) as jwt.JwtPayload;
 
         // Load the users profile from the Microsoft Graph API
         // https://docs.microsoft.com/en-us/graph/api/resources/users?view=graph-rest-1.0
@@ -69,7 +69,6 @@ if (AZURE_CLIENT_ID) {
         }
 
         const organization = organizationResponse.value[0];
-        // @ts-expect-error ts-migrate(2531) FIXME: Object is possibly 'null'.
         const email = profile.email || profileResponse.mail;
 
         if (!email) {
@@ -89,19 +88,15 @@ if (AZURE_CLIENT_ID) {
             subdomain,
           },
           user: {
-            // @ts-expect-error ts-migrate(2531) FIXME: Object is possibly 'null'.
             name: profile.name,
             email,
-            // @ts-expect-error ts-migrate(2531) FIXME: Object is possibly 'null'.
             avatarUrl: profile.picture,
           },
           authenticationProvider: {
             name: providerName,
-            // @ts-expect-error ts-migrate(2531) FIXME: Object is possibly 'null'.
             providerId: profile.tid,
           },
           authentication: {
-            // @ts-expect-error ts-migrate(2531) FIXME: Object is possibly 'null'.
             providerId: profile.oid,
             accessToken,
             refreshToken,

server/routes/auth/providers/google.ts

@@ -61,8 +61,8 @@ if (GOOGLE_CLIENT_ID) {
               subdomain,
             },
             user: {
-              name: profile.displayName,
               email: profile.email,
+              name: profile.displayName,
               avatarUrl: profile.picture,
             },
             authenticationProvider: {

server/routes/auth/providers/oidc.ts

@@ -76,7 +76,7 @@ if (OIDC_CLIENT_ID) {
             );
           }
 
-          const parts = profile.email.split("@");
+          const parts = profile.email.toLowerCase().split("@");
           const domain = parts.length && parts[1];
 
           if (!domain) {