make emails case-insensitive in account service

trynoice · Jun 19, 2022 · 2c78825 · 2c78825
1 parent 0d0efb3
commit 2c78825
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 0 deletions.
diff --git a/src/main/java/com/trynoice/api/identity/AccountService.java b/src/main/java/com/trynoice/api/identity/AccountService.java
@@ -90,6 +90,7 @@ class AccountService implements AccountServiceContract {
      */
     @Transactional(rollbackFor = Throwable.class)
     public void signUp(@NonNull SignUpParams params) throws TooManySignInAttemptsException {
+        params.setEmail(params.getEmail().toLowerCase());
         val user = authUserRepository.findByEmail(params.getEmail())
             .orElseGet(() -> authUserRepository.save(
                 AuthUser.builder()
@@ -111,6 +112,7 @@ public void signUp(@NonNull SignUpParams params) throws TooManySignInAttemptsExc
      */
     @Transactional(rollbackFor = Throwable.class)
     public void signIn(@NonNull SignInParams params) throws AccountNotFoundException, TooManySignInAttemptsException {
+        params.setEmail(params.getEmail().toLowerCase());
         val user = authUserRepository.findByEmail(params.getEmail())
             .orElseThrow(() -> {
                 val msg = String.format("account with email '%s' doesn't exist", params.getEmail());

diff --git a/src/test/java/com/trynoice/api/identity/AccountServiceTest.java b/src/test/java/com/trynoice/api/identity/AccountServiceTest.java
@@ -31,6 +31,8 @@
 import static org.junit.jupiter.api.Assertions.assertNull;
 import static org.junit.jupiter.api.Assertions.assertThrows;
 import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.argThat;
+import static org.mockito.Mockito.atLeastOnce;
 import static org.mockito.Mockito.lenient;
 import static org.mockito.Mockito.times;
 import static org.mockito.Mockito.verify;
@@ -129,6 +131,19 @@ void signUp_withBlacklistedEmail() {
             service.signUp(new SignUpParams(authUser.getEmail(), authUser.getName())));
     }
 
+    @Test
+    void signUp_emailCaseInsensitivity() {
+        val email = "[email protected]";
+        val authUser = buildAuthUser();
+        authUser.setEmail(email);
+        val refreshToken = buildRefreshToken(authUser);
+        when(authUserRepository.findByEmail(any())).thenReturn(Optional.empty());
+        when(authUserRepository.save(any())).thenAnswer(i -> i.getArgument(0));
+        when(refreshTokenRepository.save(any())).thenReturn(refreshToken);
+        assertDoesNotThrow(() -> service.signUp(new SignUpParams(authUser.getEmail(), authUser.getName())));
+        verify(authUserRepository, atLeastOnce()).save(argThat(a -> a.getEmail().equals(email.toLowerCase())));
+    }
+
     @Test
     void signIn_withExistingAccount() throws AccountNotFoundException, TooManySignInAttemptsException {
         val authUser = buildAuthUser();
@@ -167,6 +182,17 @@ void signIn_withBlacklistedEmail() {
         assertThrows(TooManySignInAttemptsException.class, () -> service.signIn(new SignInParams(authUser.getEmail())));
     }
 
+    @Test
+    void signIn_emailCaseInsensitivity() {
+        val email = "[email protected]";
+        val authUser = buildAuthUser();
+        authUser.setEmail(email);
+        val refreshToken = buildRefreshToken(authUser);
+        when(authUserRepository.findByEmail(email.toLowerCase())).thenReturn(Optional.of(authUser));
+        when(refreshTokenRepository.save(any())).thenReturn(refreshToken);
+        assertDoesNotThrow(() -> service.signIn(new SignInParams(authUser.getEmail())));
+    }
+
     @Test
     void signOut_withInvalidJWT() {
         assertThrows(RefreshTokenVerificationException.class, () -> service.signOut("invalid-jwt", "valid-acess-jwt"));