From 47df0a2ee0d152dae2159f82125633ded93aefb3 Mon Sep 17 00:00:00 2001
From: Mihaly Lengyel <mihaly@lengyel.tech>
Date: Tue, 1 Oct 2024 00:44:08 +0200
Subject: [PATCH] feat: detect email_change_not_allowed earlier to fix tests

---
 lib/build/recipe/thirdparty/api/implementation.js | 11 +++++++++++
 lib/ts/recipe/thirdparty/api/implementation.ts    | 11 +++++++++++
 2 files changed, 22 insertions(+)

diff --git a/lib/build/recipe/thirdparty/api/implementation.js b/lib/build/recipe/thirdparty/api/implementation.js
index 1fed7ca95..eef128484 100644
--- a/lib/build/recipe/thirdparty/api/implementation.js
+++ b/lib/build/recipe/thirdparty/api/implementation.js
@@ -132,6 +132,17 @@ function getAPIInterface() {
                 shouldTryLinkingWithSessionUser: input.shouldTryLinkingWithSessionUser,
             });
             if (preAuthChecks.status !== "OK") {
+                if (
+                    preAuthChecks.status === "SIGN_IN_NOT_ALLOWED" &&
+                    authenticatingUser !== undefined &&
+                    !authenticatingUser.loginMethod.hasSameEmailAs(emailInfo.id)
+                ) {
+                    return {
+                        status: "SIGN_IN_UP_NOT_ALLOWED",
+                        reason:
+                            "Cannot sign in / up because new email cannot be applied to existing account. Please contact support. (ERR_CODE_005)",
+                    };
+                }
                 logger_1.logDebugMessage(
                     "signInUpPOST: erroring out because preAuthChecks returned " + preAuthChecks.status
                 );
diff --git a/lib/ts/recipe/thirdparty/api/implementation.ts b/lib/ts/recipe/thirdparty/api/implementation.ts
index 1b633a3e6..bb07806e7 100644
--- a/lib/ts/recipe/thirdparty/api/implementation.ts
+++ b/lib/ts/recipe/thirdparty/api/implementation.ts
@@ -142,6 +142,17 @@ export default function getAPIInterface(): APIInterface {
             });
 
             if (preAuthChecks.status !== "OK") {
+                if (
+                    preAuthChecks.status === "SIGN_IN_NOT_ALLOWED" &&
+                    authenticatingUser !== undefined &&
+                    !authenticatingUser.loginMethod.hasSameEmailAs(emailInfo.id)
+                ) {
+                    return {
+                        status: "SIGN_IN_UP_NOT_ALLOWED",
+                        reason:
+                            "Cannot sign in / up because new email cannot be applied to existing account. Please contact support. (ERR_CODE_005)",
+                    };
+                }
                 logDebugMessage("signInUpPOST: erroring out because preAuthChecks returned " + preAuthChecks.status);
                 // On the frontend, this should show a UI of asking the user
                 // to login using a different method.