Force OpenID UID to be lowercase

2020-10-19 09:35:49 -05:00 · 2020-10-19 09:35:49 -05:00 · 6b3339a883
commit 6b3339a883
parent 8f1bbfef56
2 changed files with 8 additions and 4 deletions
--- a/app/classes/oidc/CoreIDAdapter.js
+++ b/app/classes/oidc/CoreIDAdapter.js
@ -18,6 +18,10 @@ class CoreIDAdapter {
            expiresAt = new Date(Date.now() + (expiresIn * 1000))
        }

+        if ( payload.uid ) {
+            payload.uid = payload.uid.toLowerCase()
+        }
+
        await this.coll().updateOne(
            { _id },
            { $set: { payload, ...(expiresAt ? { expiresAt } : undefined) } },
@ -49,7 +53,7 @@ class CoreIDAdapter {

    async findByUid(uid) {
        const result = await this.coll().find(
-            { 'payload.uid': uid },
+            { 'payload.uid': uid.toLowerCase() },
            { payload: 1 },
        ).limit(1).next()

--- a/app/controllers/OpenID.controller.js
+++ b/app/controllers/OpenID.controller.js
@ -126,7 +126,7 @@ class OpenIDController extends Controller {
            return this.fail(res, 'Sorry, something has gone wrong.')
        }

-        return this[name](req, res, { uid: uid, prompt, params, session })
+        return this[name](req, res, { uid: uid.toLowerCase(), prompt, params, session })
    }

    async consent(req, res, { uid, prompt, params, session }) {
@ -172,7 +172,7 @@ class OpenIDController extends Controller {
                    {
                        text: req.T('common.grant'),
                        action: 'redirect',
-                        next: `/openid/interaction/${uid}/grant`,
+                        next: `/openid/interaction/${uid.toLowerCase()}/grant`,
                    },
                ],
            })
@ -180,7 +180,7 @@ class OpenIDController extends Controller {
    }

    async login(req, res, { uid, prompt, params, session }) {
-        return res.redirect(`/openid/interaction/${uid}/start-session`)
+        return res.redirect(`/openid/interaction/${uid.toLowerCase()}/start-session`)
    }

    /**