Fix inconsistent handling of upper and lower cases of email addresses. (#7021)

fixes #7016
2025-06-24 15:50:25 -04:00 · 2020-07-03 15:03:13 +02:00 · 2020-07-03 15:03:13 +02:00 · 21a212f8e5
commit 21a212f8e5
parent 8097659f6e
8 changed files with 282 additions and 51 deletions
--- a/synapse/rest/client/v1/login.py
+++ b/synapse/rest/client/v1/login.py
@ -28,6 +28,7 @@ from synapse.rest.client.v2_alpha._base import client_patterns
 from synapse.rest.well_known import WellKnownBuilder
 from synapse.types import UserID
 from synapse.util.msisdn import phone_number_to_msisdn
+from synapse.util.threepids import canonicalise_email

 logger = logging.getLogger(__name__)

@ -206,11 +207,14 @@ class LoginRestServlet(RestServlet):
            if medium is None or address is None:
                raise SynapseError(400, "Invalid thirdparty identifier")

+            # For emails, canonicalise the address.
+            # We store all email addresses canonicalised in the DB.
+            # (See add_threepid in synapse/handlers/auth.py)
            if medium == "email":
-                # For emails, transform the address to lowercase.
-                # We store all email addreses as lowercase in the DB.
-                # (See add_threepid in synapse/handlers/auth.py)
-                address = address.lower()
+                try:
+                    address = canonicalise_email(address)
+                except ValueError as e:
+                    raise SynapseError(400, str(e))

            # We also apply account rate limiting using the 3PID as a key, as
            # otherwise using 3PID bypasses the ratelimiting based on user ID.