fix(core): Use lower cased email for SAML email attribute (#6663)

lower case saml email attribute
n8n-io · Jul 13, 2023 · eedde24 · eedde24
1 parent 0c47be2
commit eedde24
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 2 deletions.
diff --git a/packages/cli/src/sso/saml/saml.service.ee.ts b/packages/cli/src/sso/saml/saml.service.ee.ts
@@ -145,8 +145,9 @@ export class SamlService {
 	}> {
 		const attributes = await this.getAttributesFromLoginResponse(req, binding);
 		if (attributes.email) {
+			const lowerCasedEmail = attributes.email.toLowerCase();
 			const user = await Db.collections.User.findOne({
-				where: { email: attributes.email },
+				where: { email: lowerCasedEmail },
 				relations: ['globalRole', 'authIdentities'],
 			});
 			if (user) {

diff --git a/packages/cli/src/sso/saml/samlHelpers.ts b/packages/cli/src/sso/saml/samlHelpers.ts
@@ -97,7 +97,8 @@ export function generatePassword(): string {
 export async function createUserFromSamlAttributes(attributes: SamlUserAttributes): Promise<User> {
 	const user = new User();
 	const authIdentity = new AuthIdentity();
-	user.email = attributes.email;
+	const lowerCasedEmail = attributes.email?.toLowerCase() ?? '';
+	user.email = lowerCasedEmail;
 	user.firstName = attributes.firstName;
 	user.lastName = attributes.lastName;
 	user.globalRole = await Container.get(RoleRepository).findGlobalMemberRoleOrFail();