diff --git a/backend/iam/adapter.py b/backend/iam/adapter.py index 45ab6db40..3ee4c1f74 100644 --- a/backend/iam/adapter.py +++ b/backend/iam/adapter.py @@ -54,7 +54,7 @@ class SocialAccountAdapter(DefaultSocialAccountAdapter): def pre_social_login(self, request, sociallogin): email_address = next(iter(sociallogin.account.extra_data.values()))[0] try: - user = User.objects.get(email=email_address) + user = User.objects.get(email=email_address.lower()) sociallogin.user = user sociallogin.connect(request, user) except User.DoesNotExist: diff --git a/backend/iam/models.py b/backend/iam/models.py index 4af980f3b..e471e6c88 100644 --- a/backend/iam/models.py +++ b/backend/iam/models.py @@ -391,6 +391,9 @@ def delete(self, *args, **kwargs): logger.info("user deleted", user=self) def save(self, *args, **kwargs): + # Make sure to always convert username to lowercase for easier comparison with SSO + if self.email: + self.email = self.email.lower() super().save(*args, **kwargs) logger.info("user saved", user=self) diff --git a/backend/iam/sso/saml/views.py b/backend/iam/sso/saml/views.py index 3af834135..3a1535feb 100644 --- a/backend/iam/sso/saml/views.py +++ b/backend/iam/sso/saml/views.py @@ -135,7 +135,7 @@ def dispatch(self, request, organization_slug): login.state["next"] = next_url try: email = auth._nameid - user = User.objects.get(email=email) + user = User.objects.get(email=email.lower()) idp_first_name = auth._attributes.get( "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname", [""] )[0]