discourse
/
discourse-openid-connect
mirror of https://github.com/discourse/discourse-openid-connect.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

DEV: Case insensitive check on email_verified field (#70)

This commit is contained in:
Natalie Tay 2023-12-01 01:19:11 +08:00 committed by GitHub
parent c7e89b268e
commit 2b6397b6cb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
lib/openid_connect_authenticator.rb
View File

@ -24,7 +24,8 @@ class OpenIDConnectAuthenticator < Auth::ManagedAuthenticator
true
else
# Many providers violate the spec, and send this as a string rather than a boolean
supplied_verified_boolean == true || supplied_verified_boolean == "true"
supplied_verified_boolean == true ||
(supplied_verified_boolean.is_a?(String) && supplied_verified_boolean.downcase == "true")
end
end

6
spec/lib/openid_connect_authenticator_spec.rb
View File

@ -45,6 +45,12 @@ describe OpenIDConnectAuthenticator do
result = authenticator.after_authenticate(hash)
expect(result.user).to eq(user)
end
it "matches the user as a titlecase true string" do
hash[:extra][:raw_info][:email_verified] = "True"
result = authenticator.after_authenticate(hash)
expect(result.user).to eq(user)
end
end
context "when email_verified is false" do