Force OpenID UID to be lowercase

app/classes/oidc/CoreIDAdapter.js

@@ -18,6 +18,10 @@ class CoreIDAdapter {
             expiresAt = new Date(Date.now() + (expiresIn * 1000))
         }
 
+        if ( payload.uid ) {
+            payload.uid = payload.uid.toLowerCase()
+        }
+
         await this.coll().updateOne(
             { _id },
             { $set: { payload, ...(expiresAt ? { expiresAt } : undefined) } },
@@ -49,7 +53,7 @@ class CoreIDAdapter {
 
     async findByUid(uid) {
         const result = await this.coll().find(
-            { 'payload.uid': uid },
+            { 'payload.uid': uid.toLowerCase() },
             { payload: 1 },
         ).limit(1).next()
 

app/controllers/OpenID.controller.js

@@ -126,7 +126,7 @@ class OpenIDController extends Controller {
             return this.fail(res, 'Sorry, something has gone wrong.')
         }
 
-        return this[name](req, res, { uid: uid, prompt, params, session })
+        return this[name](req, res, { uid: uid.toLowerCase(), prompt, params, session })
     }
 
     async consent(req, res, { uid, prompt, params, session }) {
@@ -172,7 +172,7 @@ class OpenIDController extends Controller {
                     {
                         text: req.T('common.grant'),
                         action: 'redirect',
-                        next: `/openid/interaction/${uid}/grant`,
+                        next: `/openid/interaction/${uid.toLowerCase()}/grant`,
                     },
                 ],
             })
@@ -180,7 +180,7 @@ class OpenIDController extends Controller {
     }
 
     async login(req, res, { uid, prompt, params, session }) {
-        return res.redirect(`/openid/interaction/${uid}/start-session`)
+        return res.redirect(`/openid/interaction/${uid.toLowerCase()}/start-session`)
     }
 
     /**