fix: Unable to login with matching email from another auth provider (#4356)

* fix: Unable to login with matching email from another auth provider * refactor
2022-10-29 16:46:29 -04:00
parent 79cbe304da
commit f6f90ff406
4 changed files with 88 additions and 51 deletions
--- a/server/commands/userProvisioner.test.ts
+++ b/server/commands/userProvisioner.test.ts
@@ -301,20 +301,11 @@ describe("userProvisioner", () => {
      email: externalUser.email,
    });

-    const authenticationProviders = await team.$get("authenticationProviders");
-    const authenticationProvider = authenticationProviders[0];
    const result = await userProvisioner({
      name: invite.name,
      email: "external@ExamPle.com", // ensure that email is case insensistive
      teamId: invite.teamId,
-      emailMatchOnly: true,
      ip,
-      authentication: {
-        authenticationProviderId: authenticationProvider.id,
-        providerId: "whatever",
-        accessToken: "123",
-        scopes: ["read"],
-      },
    });
    const { user, authentication, isNewUser } = result;
    expect(authentication).toEqual(null);
@@ -351,7 +342,7 @@ describe("userProvisioner", () => {
    );
  });

-  it("should create a user from allowed Domain", async () => {
+  it("should create a user from allowed domain", async () => {
    const { admin, team } = await seed();
    await TeamDomain.create({
      teamId: team.id,
@@ -382,6 +373,44 @@ describe("userProvisioner", () => {
    expect(isNewUser).toEqual(true);
  });

+  it("should create a user from allowed domain with emailMatchOnly", async () => {
+    const { admin, team } = await seed();
+    await TeamDomain.create({
+      teamId: team.id,
+      name: "example-company.com",
+      createdById: admin.id,
+    });
+
+    const result = await userProvisioner({
+      name: "Test Name",
+      email: "user@example-company.com",
+      teamId: team.id,
+      ip,
+    });
+    const { user, authentication, isNewUser } = result;
+    expect(authentication).toBeUndefined();
+    expect(user.email).toEqual("user@example-company.com");
+    expect(isNewUser).toEqual(true);
+  });
+
+  it("should not create a user with emailMatchOnly when no allowed domains are set", async () => {
+    const { team } = await seed();
+    let error;
+
+    try {
+      await userProvisioner({
+        name: "Test Name",
+        email: "user@example-company.com",
+        teamId: team.id,
+        ip,
+      });
+    } catch (err) {
+      error = err;
+    }
+
+    expect(error && error.toString()).toContain("UnauthorizedError");
+  });
+
  it("should reject an user when the domain is not allowed", async () => {
    const { admin, team } = await seed();
    await TeamDomain.create({