Fix issue where accounts:lookup is case-sensitive for emails (#8351)

aalej · web-flow · commit 5264a78a36e1 · 2025-03-21T09:56:14.000-07:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1 +1,2 @@
 - Fix bug where functions:artifacts:setpolicy command's --none option didn't work as expected (#8330)
+- Fix bug in Auth emulator where accounts:lookup is case-sensitive for emails (#8344)
diff --git a/src/emulator/auth/misc.spec.ts b/src/emulator/auth/misc.spec.ts
@@ -339,6 +339,54 @@ describeAuthEmulator("createSessionCookie", ({ authApi }) => {
 });
 
 describeAuthEmulator("accounts:lookup", ({ authApi }) => {
+  it("should return user by email when privileged", async () => {
+    const { email } = await registerUser(authApi(), {
+      email: "bob@example.com",
+      password: "password",
+    });
+
+    await authApi()
+      .post(`/identitytoolkit.googleapis.com/v1/projects/${PROJECT_ID}/accounts:lookup`)
+      .set("Authorization", "Bearer owner")
+      .send({ email: [email] })
+      .then((res) => {
+        expectStatusCode(200, res);
+        expect(res.body.users).to.have.length(1);
+        expect(res.body.users[0].email).to.equal(email);
+      });
+  });
+
+  it("should return user by email even when uppercased", async () => {
+    const { email } = await registerUser(authApi(), {
+      email: "foo@example.com",
+      password: "password",
+    });
+    const caplitalizedEmail = email.toUpperCase();
+
+    await authApi()
+      .post(`/identitytoolkit.googleapis.com/v1/projects/${PROJECT_ID}/accounts:lookup`)
+      .set("Authorization", "Bearer owner")
+      .send({ email: [caplitalizedEmail] })
+      .then((res) => {
+        console.log(res.body.users);
+        expectStatusCode(200, res);
+        expect(res.body.users).to.have.length(1);
+        expect(res.body.users[0].email).to.equal(email);
+      });
+  });
+
+  it("should return empty result when email is not found", async () => {
+    await authApi()
+      .post(`/identitytoolkit.googleapis.com/v1/projects/${PROJECT_ID}/accounts:lookup`)
+      .set("Authorization", "Bearer owner")
+      .send({ email: ["non-existent-email@example.com"] })
+      .then((res) => {
+        console.log(res.body.users);
+        expectStatusCode(200, res);
+        expect(res.body).not.to.have.property("users");
+      });
+  });
+
   it("should return user by localId when privileged", async () => {
     const { localId } = await registerAnonUser(authApi());
 
diff --git a/src/emulator/auth/operations.ts b/src/emulator/auth/operations.ts
@@ -300,7 +300,8 @@ function lookup(
       tryAddUser(state.getUserByLocalId(localId));
     }
     for (const email of reqBody.email ?? []) {
-      tryAddUser(state.getUserByEmail(email));
+      const canonicalizedEmail = canonicalizeEmailAddress(email);
+      tryAddUser(state.getUserByEmail(canonicalizedEmail));
     }
     for (const phoneNumber of reqBody.phoneNumber ?? []) {
       tryAddUser(state.getUserByPhoneNumber(phoneNumber));

Original file line number	Diff line number	Diff line change
`@@ -1 +1,2 @@`
`1`	`1`	`- Fix bug where functions:artifacts:setpolicy command's --none option didn't work as expected (#8330)`
	`2`	`+- Fix bug in Auth emulator where accounts:lookup is case-sensitive for emails (#8344)`
Original file line number	Diff line number	Diff line change
`@@ -300,7 +300,8 @@ function lookup(`
`300`	`300`	`tryAddUser(state.getUserByLocalId(localId));`
`301`	`301`	`}`
`302`	`302`	`for (const email of reqBody.email ?? []) {`
`303`		`- tryAddUser(state.getUserByEmail(email));`
	`303`	`+ const canonicalizedEmail = canonicalizeEmailAddress(email);`
	`304`	`+ tryAddUser(state.getUserByEmail(canonicalizedEmail));`
`304`	`305`	`}`
`305`	`306`	`for (const phoneNumber of reqBody.phoneNumber ?? []) {`
`306`	`307`	`tryAddUser(state.getUserByPhoneNumber(phoneNumber));`