spec(SSO): メールアドレスが登録されていない場合、メアドフィールドの値にaactを入れる (MisskeyIO#607)

2024-04-13 15:56:54 +09:00 · 2024-04-13 15:56:54 +09:00 · 22e398d2bf
commit 22e398d2bf
parent 8b214f8247
3 changed files with 26 additions and 18 deletions
--- a/packages/backend/src/server/sso/SAMLIdentifyProviderService.ts
+++ b/packages/backend/src/server/sso/SAMLIdentifyProviderService.ts
@ -440,9 +440,10 @@ export class SAMLIdentifyProviderService {
 										'#text': `${this.config.url}/sso/saml/${ssoServiceProvider.id}/metadata`,
 									},
 									'saml:Subject': {
-										'saml:NameID': profile.emailVerified
-											? { '@Format': 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress', '#text': normalizeEmailAddress(profile.email) }
-											: { '@Format': 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent', '#text': user.id },
+										'saml:NameID': {
+											'@Format': 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
+											'#text': profile.emailVerified ? normalizeEmailAddress(profile.email) : `${user.username}@${this.config.hostname}`,
+										},
 										'saml:SubjectConfirmation': {
 											'@Method': 'urn:oasis:names:tc:SAML:2.0:cm:bearer',
 											'saml:SubjectConfirmationData': {
@ -540,14 +541,14 @@ export class SAMLIdentifyProviderService {
 													'#text': user.avatarUrl,
 												},
 											}] : []),
-											...(profile.emailVerified ? [{
+											{
 												'@Name': 'email',
 												'@NameFormat': 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic',
 												'saml:AttributeValue': {
 													'@xsi:type': 'xs:string',
-													'#text': normalizeEmailAddress(profile.email),
+													'#text': profile.emailVerified ? normalizeEmailAddress(profile.email) : `${user.username}@${this.config.hostname}`,
 												},
-											}] : []),
+											},
 											{
 												'@Name': 'email_verified',
 												'@NameFormat': 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic',