Sanitize email when retrieving emails for emailbox (#190)

src/AliasVault.Api/Controllers/Email/EmailBoxController.cs

@@ -41,17 +41,19 @@ public async Task<IActionResult> GetEmailBox(string to)
             return Unauthorized("Not authenticated.");
         }
 
+        var sanitizedEmail = to.Trim().ToLower();
+
         // See if this user has a valid claim to the email address.
         var emailClaim = await context.UserEmailClaims
-            .FirstOrDefaultAsync(x => x.Address == to);
+            .FirstOrDefaultAsync(x => x.Address == sanitizedEmail);
 
         if (emailClaim is null)
         {
             return BadRequest(new ApiErrorResponse
             {
                 Message = "No claim exists for this email address.",
                 Code = "CLAIM_DOES_NOT_EXIST",
-                Details = new { ProvidedEmail = to },
+                Details = new { ProvidedEmail = sanitizedEmail },
                 StatusCode = StatusCodes.Status400BadRequest,
                 Timestamp = DateTime.UtcNow,
             });