From 2c2a56cb0ab386ffa384e55c7f1b57826977907a Mon Sep 17 00:00:00 2001
From: Christophe Lambin <christophe.lambin@gmail.com>
Date: Wed, 3 Apr 2024 14:26:55 +0200
Subject: [PATCH] fix: treat emails in whitelist & domains as case-insensitive

---
 internal/auth.go      | 4 ++--
 internal/auth_test.go | 7 +++++++
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/internal/auth.go b/internal/auth.go
index 9b8f0b16..ed228f80 100644
--- a/internal/auth.go
+++ b/internal/auth.go
@@ -100,7 +100,7 @@ func ValidateEmail(email, ruleName string) bool {
 // ValidateWhitelist checks if the email is in whitelist
 func ValidateWhitelist(email string, whitelist CommaSeparatedList) bool {
 	for _, whitelist := range whitelist {
-		if email == whitelist {
+		if strings.EqualFold(email, whitelist) {
 			return true
 		}
 	}
@@ -114,7 +114,7 @@ func ValidateDomains(email string, domains CommaSeparatedList) bool {
 		return false
 	}
 	for _, domain := range domains {
-		if domain == parts[1] {
+		if strings.EqualFold(domain, parts[1]) {
 			return true
 		}
 	}
diff --git a/internal/auth_test.go b/internal/auth_test.go
index 74e8d2f2..ce3d22ac 100644
--- a/internal/auth_test.go
+++ b/internal/auth_test.go
@@ -72,6 +72,13 @@ func TestAuthValidateEmail(t *testing.T) {
 	v = ValidateEmail("one@two.com", "default")
 	assert.True(v, "should allow any domain if email domain is not defined")
 
+	// ValidateEmail is case-insensitive
+	v = ValidateEmail("Test@Test.com", "default")
+	assert.True(v, "should allow any domain if email domain is not defined")
+	config.Domains = []string{"test.com"}
+	v = ValidateEmail("Test@Test.com", "default")
+	assert.True(v, "should allow user from allowed domain")
+
 	// Should allow matching domain
 	config.Domains = []string{"test.com"}
 	v = ValidateEmail("one@two.com", "default")