Fix/sgid bug (#2231)

* fix: sgid validation bug * fix: clean sgid emails --------- Co-authored-by: KishenKumarrrrr <kishen@open.gov.sg>
opengovsg · Sep 27, 2023 · c3d2c6f · c3d2c6f
1 parent efa348d
commit c3d2c6f
Showing 1 changed file with 25 additions and 9 deletions.
diff --git a/backend/src/core/services/auth.service.ts b/backend/src/core/services/auth.service.ts
@@ -413,12 +413,19 @@ export const InitAuthService = (redisService: RedisService): AuthService => {
   const getSgidUserProfiles = async (
     userInfo: UserInfoReturn
   ): Promise<SgidPublicOfficerEmployment[]> => {
+    const logMeta = { action: 'getSgidUserProfiles' }
     const profiles = JSON.parse(
       userInfo.data[SGID_PUBLIC_OFFICER_EMPLOYMENT_SCOPE]
     ) as SgidPublicOfficerEmployment[]
-    const validProfiles = await validateSgidUserProfiles(profiles)
-    const cleanedProfiles = cleanSgidUserProfiles(validProfiles)
-    return cleanedProfiles
+    logger.info({
+      message: 'User attempting to log in with the following profiles',
+      ...logMeta,
+      profiles,
+    })
+    const cleanedProfiles = cleanSgidUserProfiles(profiles)
+    const validProfiles = await validateSgidUserProfiles(cleanedProfiles)
+
+    return validProfiles
   }
 
   /**
@@ -442,15 +449,24 @@ export const InitAuthService = (redisService: RedisService): AuthService => {
         })
         continue
       }
-      if (!(await isWhitelistedEmail(profile.workEmail))) {
-        logger.warn({
-          message: 'Work email is not a whitelisted email',
+      try {
+        const isWhitelisted = await isWhitelistedEmail(profile.workEmail)
+        if (isWhitelisted) {
+          validProfiles.push(profile)
+        } else {
+          logger.warn({
+            message: 'Work email is not a whitelisted email',
+            ...logMeta,
+            profile,
+          })
+        }
+      } catch (err) {
+        logger.error({
+          message: 'Error occured while whitelisting email',
           ...logMeta,
           profile,
         })
-        continue
       }
-      validProfiles.push(profile)
     }
     return validProfiles
   }
@@ -465,7 +481,7 @@ export const InitAuthService = (redisService: RedisService): AuthService => {
     const logMeta = { action: 'cleanSgidUserProfiles' }
     const cleanedProfiles = userProfiles.map((profile) => {
       // DB only accepts lowercase emails
-      profile.workEmail = profile.workEmail.toLowerCase()
+      profile.workEmail = profile.workEmail.toLowerCase().trim()
       // If SGID does not have the field, we want to log the missing value and return an empty string
       if (profile.agencyName === SGID_FIELD_EMPTY) {
         profile.agencyName = ''