feat: allow usernames without @ when UserMustBeDomain false (#4852)

* feat: allow usernames without @ when UserMustBeDomain false * e2e * test(e2e): table driven tests for humans and machines * cleanup * fix(e2e): ensure there are no username conflicts * e2e: make awaitDesired async * rm settings mapping * e2e: make awaitDesired async * e2e: parse sequence as int * e2e: ensure test fails if awaitDesired fails Co-authored-by: Max Peintner <max@caos.ch>
2025-08-12 00:27:31 +00:00 · 2022-12-22 12:16:17 +01:00
parent 7d9fc2c6e7
commit 0530f19d94
10 changed files with 498 additions and 106 deletions
--- a/internal/api/ui/login/external_login_handler.go
+++ b/internal/api/ui/login/external_login_handler.go
@@ -474,9 +474,9 @@ func (l *Login) mapExternalUserToLoginUser(orgIamPolicy *query.DomainPolicy, lin
 	}

 	if orgIamPolicy.UserLoginMustBeDomain {
-		splittedUsername := strings.Split(username, "@")
-		if len(splittedUsername) > 1 {
-			username = splittedUsername[0]
+		index := strings.LastIndex(username, "@")
+		if index > 1 {
+			username = username[:index]
 		}
 	}