Force OpenID UID to be lowercase
All checks were successful
continuous-integration/drone/push Build is passing

This commit is contained in:
Garrett Mills 2020-10-19 09:35:49 -05:00
parent 8f1bbfef56
commit 6b3339a883
Signed by: garrettmills
GPG Key ID: D2BF5FBA8298F246
2 changed files with 8 additions and 4 deletions

View File

@ -18,6 +18,10 @@ class CoreIDAdapter {
expiresAt = new Date(Date.now() + (expiresIn * 1000))
}
if ( payload.uid ) {
payload.uid = payload.uid.toLowerCase()
}
await this.coll().updateOne(
{ _id },
{ $set: { payload, ...(expiresAt ? { expiresAt } : undefined) } },
@ -49,7 +53,7 @@ class CoreIDAdapter {
async findByUid(uid) {
const result = await this.coll().find(
{ 'payload.uid': uid },
{ 'payload.uid': uid.toLowerCase() },
{ payload: 1 },
).limit(1).next()

View File

@ -126,7 +126,7 @@ class OpenIDController extends Controller {
return this.fail(res, 'Sorry, something has gone wrong.')
}
return this[name](req, res, { uid: uid, prompt, params, session })
return this[name](req, res, { uid: uid.toLowerCase(), prompt, params, session })
}
async consent(req, res, { uid, prompt, params, session }) {
@ -172,7 +172,7 @@ class OpenIDController extends Controller {
{
text: req.T('common.grant'),
action: 'redirect',
next: `/openid/interaction/${uid}/grant`,
next: `/openid/interaction/${uid.toLowerCase()}/grant`,
},
],
})
@ -180,7 +180,7 @@ class OpenIDController extends Controller {
}
async login(req, res, { uid, prompt, params, session }) {
return res.redirect(`/openid/interaction/${uid}/start-session`)
return res.redirect(`/openid/interaction/${uid.toLowerCase()}/start-session`)
}
/**