Use caseinsensitive username for login

domain/src/main/java/org/fao/geonet/repository/UserRepositoryCustomImpl.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2001-2016 Food and Agriculture Organization of the
+ * Copyright (C) 2001-2024 Food and Agriculture Organization of the
  * United Nations (FAO-UN), United Nations World Food Programme (WFP)
  * and United Nations Environment Programme (UNEP)
  *
@@ -25,7 +25,6 @@
 
 import org.fao.geonet.domain.*;
 import org.fao.geonet.utils.Log;
-import org.springframework.data.domain.Sort;
 import org.springframework.data.jpa.domain.Specification;
 
 import javax.annotation.Nonnull;
@@ -60,8 +59,10 @@ public User findOneByEmail(final String email) {
         CriteriaBuilder cb = _entityManager.getCriteriaBuilder();
         CriteriaQuery<User> query = cb.createQuery(User.class);
         Root<User> root = query.from(User.class);
+        Join<User, String> joinedEmailAddresses = root.join(User_.emailAddresses);
 
-        query.where(cb.isMember(email, root.get(User_.emailAddresses)));
+        // Case in-sensitive email search
+        query.where( cb.equal(cb.lower(joinedEmailAddresses), email.toLowerCase()));
         final List<User> resultList = _entityManager.createQuery(query).getResultList();
         if (resultList.isEmpty()) {
             return null;
@@ -78,10 +79,12 @@ public User findOneByEmailAndSecurityAuthTypeIsNullOrEmpty(final String email) {
         CriteriaBuilder cb = _entityManager.getCriteriaBuilder();
         CriteriaQuery<User> query = cb.createQuery(User.class);
         Root<User> root = query.from(User.class);
+        Join<User, String> joinedEmailAddresses = root.join(User_.emailAddresses);
 
         final Path<String> authTypePath = root.get(User_.security).get(UserSecurity_.authType);
         query.where(cb.and(
-            cb.isMember(email, root.get(User_.emailAddresses)),
+            // Case in-sensitive email search
+            cb.equal(cb.lower(joinedEmailAddresses), email.toLowerCase()),
             cb.or(cb.isNull(authTypePath), cb.equal(cb.trim(authTypePath), ""))));
         List<User> results = _entityManager.createQuery(query).getResultList();
 
@@ -101,7 +104,8 @@ public User findOneByUsernameAndSecurityAuthTypeIsNullOrEmpty(final String usern
 
         final Path<String> authTypePath = root.get(User_.security).get(UserSecurity_.authType);
         final Path<String> usernamePath = root.get(User_.username);
-        query.where(cb.and(cb.equal(usernamePath, username), cb.or(cb.isNull(authTypePath), cb.equal(cb.trim(authTypePath), ""))));
+        // Case in-sensitive username search
+        query.where(cb.and(cb.equal(cb.lower(usernamePath), username.toLowerCase()), cb.or(cb.isNull(authTypePath), cb.equal(cb.trim(authTypePath), ""))));
         List<User> results = _entityManager.createQuery(query).getResultList();
 
 
@@ -130,7 +134,7 @@ public List<String> findDuplicatedUsernamesCaseInsensitive() {
     @Nonnull
     public List<Pair<Integer, User>> findAllByGroupOwnerNameAndProfile(@Nonnull final Collection<Integer> metadataIds,
                                                                        @Nullable final Profile profile) {
-        List<Pair<Integer, User>> results = new ArrayList<Pair<Integer, User>>();
+        List<Pair<Integer, User>> results = new ArrayList<>();
 
         results.addAll(findAllByGroupOwnerNameAndProfileInternal(metadataIds, profile, false));
         results.addAll(findAllByGroupOwnerNameAndProfileInternal(metadataIds, profile, true));
@@ -180,7 +184,7 @@ private List<Pair<Integer, User>> findAllByGroupOwnerNameAndProfileInternal(@Non
 
         query.distinct(true);
 
-        List<Pair<Integer, User>> results = new ArrayList<Pair<Integer, User>>();
+        List<Pair<Integer, User>> results = new ArrayList<>();
 
         for (Tuple result : _entityManager.createQuery(query).getResultList()) {
             Integer mdId = (Integer) result.get(0);

domain/src/test/java/org/fao/geonet/repository/UserRepositoryTest.java

@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2001-2016 Food and Agriculture Organization of the
+ * Copyright (C) 2001-2024 Food and Agriculture Organization of the
  * United Nations (FAO-UN), United Nations World Food Programme (WFP)
  * and United Nations Environment Programme (UNEP)
  *
@@ -31,7 +31,6 @@
 import org.hamcrest.CoreMatchers;
 import org.junit.Test;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.data.domain.Sort;
 import org.springframework.data.jpa.domain.Specification;
 
 import javax.annotation.Nullable;
@@ -121,6 +120,11 @@ public void testFindByEmailAddress() {
         assertNotNull(foundUser);
         assertEquals(user2.getId(), foundUser.getId());
 
+        // Test case-insensitive
+        foundUser = _userRepo.findOneByEmail(add2b.toUpperCase());
+        assertNotNull(foundUser);
+        assertEquals(user2.getId(), foundUser.getId());
+
         foundUser = _userRepo.findOneByEmail("xjkjk");
         assertNull(foundUser);
     }
@@ -150,10 +154,51 @@ public void testFindByUsernameAndAuthTypeIsNullOrEmpty() {
         foundUser = _userRepo.findOneByUsernameAndSecurityAuthTypeIsNullOrEmpty(user3.getUsername());
         assertNull(foundUser);
 
+        // Test case-insensitive
+        foundUser = _userRepo.findOneByUsernameAndSecurityAuthTypeIsNullOrEmpty(user3.getUsername().toUpperCase());
+        assertNull(foundUser);
+
         foundUser = _userRepo.findOneByUsernameAndSecurityAuthTypeIsNullOrEmpty("blarg");
         assertNull(foundUser);
     }
 
+
+    @Test
+    public void testFindOneByEmailAndSecurityAuthTypeIsNullOrEmpty() {
+        User user1 = newUser();
+        user1.getSecurity().setAuthType("");
+        user1.getEmailAddresses().add("[email protected]");
+        user1 = _userRepo.save(user1);
+
+        User user2 = newUser();
+        user2.getSecurity().setAuthType(null);
+        user2.getEmailAddresses().add("[email protected]");
+        user2 = _userRepo.save(user2);
+
+        User user3 = newUser();
+        user3.getSecurity().setAuthType("nonull");
+        user3.getEmailAddresses().add("[email protected]");
+        _userRepo.save(user3);
+
+        User foundUser = _userRepo.findOneByEmailAndSecurityAuthTypeIsNullOrEmpty(user1.getEmail());
+        assertNotNull(foundUser);
+        assertEquals(user1.getId(), foundUser.getId());
+
+        foundUser = _userRepo.findOneByEmailAndSecurityAuthTypeIsNullOrEmpty(user2.getEmail());
+        assertNotNull(foundUser);
+        assertEquals(user2.getId(), foundUser.getId());
+
+        foundUser = _userRepo.findOneByEmailAndSecurityAuthTypeIsNullOrEmpty(user3.getEmail());
+        assertNull(foundUser);
+
+        // Test case-insensitive
+        foundUser = _userRepo.findOneByEmailAndSecurityAuthTypeIsNullOrEmpty(user3.getEmail().toUpperCase());
+        assertNull(foundUser);
+
+        foundUser = _userRepo.findOneByEmailAndSecurityAuthTypeIsNullOrEmpty("blarg");
+        assertNull(foundUser);
+    }
+
     @Test
     public void testFindByUsername() {
         User user1 = newUser();
@@ -219,8 +264,8 @@ public void testFindAllByGroupOwnerNameAndProfile() {
         assertEquals(4, found.size());
         int md1Found = 0;
         int md2Found = 0;
-        for (Pair<Integer, User> record : found) {
-            if (record.one() == md1.getId()) {
+        for (Pair<Integer, User> info : found) {
+            if (info.one() == md1.getId()) {
                 md1Found++;
             } else {
                 md2Found++;
@@ -330,8 +375,6 @@ public void testFindDuplicatedUsernamesCaseInsensitive() {
     }
 
     private User newUser() {
-        User user = newUser(_inc);
-        return user;
+        return newUser(_inc);
     }
-
 }