DEV: Case insensitive check on email_verified field (#70)

nattsw · web-flow · commit 2b6397b6cb1b · 2023-12-01T01:19:11.000+08:00
diff --git a/lib/openid_connect_authenticator.rb b/lib/openid_connect_authenticator.rb
@@ -24,7 +24,8 @@ def primary_email_verified?(auth)
       true
     else
       # Many providers violate the spec, and send this as a string rather than a boolean
-      supplied_verified_boolean == true || supplied_verified_boolean == "true"
+      supplied_verified_boolean == true ||
+        (supplied_verified_boolean.is_a?(String) && supplied_verified_boolean.downcase == "true")
     end
   end
 
diff --git a/spec/lib/openid_connect_authenticator_spec.rb b/spec/lib/openid_connect_authenticator_spec.rb
@@ -45,6 +45,12 @@
       result = authenticator.after_authenticate(hash)
       expect(result.user).to eq(user)
     end
+
+    it "matches the user as a titlecase true string" do
+      hash[:extra][:raw_info][:email_verified] = "True"
+      result = authenticator.after_authenticate(hash)
+      expect(result.user).to eq(user)
+    end
   end
 
   context "when email_verified is false" do
