Fix inconsistent handling of upper and lower cases of email addresses.

matrix-org · Mar 2, 2020 · ced5716 · ced5716
1 parent b29474e
commit ced5716
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 6 deletions.
diff --git a/changelog.d/7016.bugfix b/changelog.d/7016.bugfix
@@ -0,0 +1 @@
+Fix inconsistent handling of upper and lower cases of email addresses that is use only lower cases.
diff --git a/synapse/rest/client/v2_alpha/account.py b/synapse/rest/client/v2_alpha/account.py
@@ -84,7 +84,10 @@ async def on_POST(self, request):
         client_secret = body["client_secret"]
         assert_valid_client_secret(client_secret)
 
-        email = body["email"]
+        # For emails, transform the address to lowercase.
+        # We store all email addreses as lowercase in the DB.
+        # (See add_threepid in synapse/handlers/auth.py)
+        email = body["email"].lower()
         send_attempt = body["send_attempt"]
         next_link = body.get("next_link")  # Optional param
 
@@ -359,7 +362,10 @@ async def on_POST(self, request):
         client_secret = body["client_secret"]
         assert_valid_client_secret(client_secret)
 
-        email = body["email"]
+        # For emails, transform the address to lowercase.
+        # We store all email addreses as lowercase in the DB.
+        # (See add_threepid in synapse/handlers/auth.py)
+        email = body["email"].lower()
         send_attempt = body["send_attempt"]
         next_link = body.get("next_link")  # Optional param
 
@@ -371,7 +377,7 @@ async def on_POST(self, request):
             )
 
         existing_user_id = await self.store.get_user_id_by_threepid(
-            "email", body["email"]
+            "email", email
         )
 
         if existing_user_id is not None:

diff --git a/synapse/rest/client/v2_alpha/register.py b/synapse/rest/client/v2_alpha/register.py
@@ -119,7 +119,10 @@ async def on_POST(self, request):
         client_secret = body["client_secret"]
         assert_valid_client_secret(client_secret)
 
-        email = body["email"]
+        # For emails, transform the address to lowercase.
+        # We store all email addreses as lowercase in the DB.
+        # (See add_threepid in synapse/handlers/auth.py)
+        email = body["email"].lower()
         send_attempt = body["send_attempt"]
         next_link = body.get("next_link")  # Optional param
 
@@ -131,7 +134,7 @@ async def on_POST(self, request):
             )
 
         existing_user_id = await self.hs.get_datastore().get_user_id_by_threepid(
-            "email", body["email"]
+            "email", email
         )
 
         if existing_user_id is not None:
@@ -552,7 +555,10 @@ async def on_POST(self, request):
                 for login_type in [LoginType.EMAIL_IDENTITY, LoginType.MSISDN]:
                     if login_type in auth_result:
                         medium = auth_result[login_type]["medium"]
-                        address = auth_result[login_type]["address"]
+                        # For emails, transform the address to lowercase.
+                        # We store all email addreses as lowercase in the DB.
+                        # (See add_threepid in synapse/handlers/auth.py)
+                        address = auth_result[login_type]["address"].lower()
 
                         existing_user_id = await self.store.get_user_id_by_threepid(
                             medium, address