Merge upstream

2025-05-16 08:00:55 +09:00 · 2025-05-16 08:00:55 +09:00 · b80629abed
commit b80629abed
parent 8cd9d043c6 62109a5caa
75 changed files with 2749 additions and 3298 deletions
--- a/packages/backend/src/server/api/endpoints/admin/sso/create.ts
+++ b/packages/backend/src/server/api/endpoints/admin/sso/create.ts
@ -84,6 +84,10 @@ export const meta = {
 				type: 'boolean',
 				optional: false, nullable: false,
 			},
+			wantEmailAddressNormalized: {
+				type: 'boolean',
+				optional: false, nullable: false,
+			},
 		},
 	},
 } as const;
@ -101,6 +105,7 @@ export const paramDef = {
 		cipherAlgorithm: { type: 'string', nullable: true },
 		wantAuthnRequestsSigned: { type: 'boolean', nullable: false, default: false },
 		wantAssertionsSigned: { type: 'boolean', nullable: false, default: true },
+		wantEmailAddressNormalized: { type: 'boolean', nullable: false, default: true },
 		useCertificate: { type: 'boolean', nullable: false, default: true },
 		secret: { type: 'string', nullable: true },
 	},
@ -157,6 +162,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
 				cipherAlgorithm: ps.cipherAlgorithm ? ps.cipherAlgorithm : null,
 				wantAuthnRequestsSigned: ps.wantAuthnRequestsSigned,
 				wantAssertionsSigned: ps.wantAssertionsSigned,
+				wantEmailAddressNormalized: ps.wantEmailAddressNormalized,
 			}).then(r => this.singleSignOnServiceProviderRepository.findOneByOrFail({ id: r.identifiers[0].id }));

 			this.moderationLogService.log(me, 'createSSOServiceProvider', {
@ -178,6 +184,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
 				cipherAlgorithm: ssoServiceProvider.cipherAlgorithm,
 				wantAuthnRequestsSigned: ssoServiceProvider.wantAuthnRequestsSigned,
 				wantAssertionsSigned: ssoServiceProvider.wantAssertionsSigned,
+				wantEmailAddressNormalized: ssoServiceProvider.wantEmailAddressNormalized,
 			};
 		});
 	}
--- a/packages/backend/src/server/api/endpoints/admin/sso/list.ts
+++ b/packages/backend/src/server/api/endpoints/admin/sso/list.ts
@ -77,6 +77,10 @@ export const meta = {
 					type: 'boolean',
 					optional: false, nullable: false,
 				},
+				wantEmailAddressNormalized: {
+					type: 'boolean',
+					optional: false, nullable: false,
+				},
 			},
 		},
 	},
@ -116,6 +120,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
 				cipherAlgorithm: service.cipherAlgorithm,
 				wantAuthnRequestsSigned: service.wantAuthnRequestsSigned,
 				wantAssertionsSigned: service.wantAssertionsSigned,
+				wantEmailAddressNormalized: service.wantEmailAddressNormalized,
 			}));
 		});
 	}
--- a/packages/backend/src/server/api/endpoints/admin/sso/update.ts
+++ b/packages/backend/src/server/api/endpoints/admin/sso/update.ts
@ -37,6 +37,7 @@ export const paramDef = {
 		cipherAlgorithm: { type: 'string', nullable: true },
 		wantAuthnRequestsSigned: { type: 'boolean', nullable: false },
 		wantAssertionsSigned: { type: 'boolean', nullable: false },
+		wantEmailAddressNormalized: { type: 'boolean', nullable: false },
 		regenerateCertificate: { type: 'boolean', nullable: true },
 		secret: { type: 'string', nullable: true },
 	},
@ -92,6 +93,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
 				cipherAlgorithm: ps.cipherAlgorithm !== '' ? ps.cipherAlgorithm : null,
 				wantAuthnRequestsSigned: ps.wantAuthnRequestsSigned,
 				wantAssertionsSigned: ps.wantAssertionsSigned,
+				wantEmailAddressNormalized: ps.wantEmailAddressNormalized,
 			});

 			const updatedService = await this.singleSignOnServiceProviderRepository.findOneByOrFail({ id: service.id });