Commit ac8b583
committed
improvement(auth): make Microsoft emailVerified derivation total
deriveMicrosoftEmailVerified cast the verified-email claims to string[]
and called .includes through optional chaining, which only guards
null/undefined. A claim arriving as a non-array, non-string value (e.g.
a number) would throw inside getUserInfo and fail the OAuth flow.
Array-check the claims with a proper type guard so any claim shape
resolves to unverified instead of throwing.1 parent d643be0 commit ac8b583
2 files changed
Lines changed: 12 additions & 4 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
54 | 54 | | |
55 | 55 | | |
56 | 56 | | |
57 | | - | |
| 57 | + | |
58 | 58 | | |
59 | 59 | | |
60 | 60 | | |
| 61 | + | |
| 62 | + | |
| 63 | + | |
| 64 | + | |
| 65 | + | |
61 | 66 | | |
62 | 67 | | |
63 | 68 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
36 | 36 | | |
37 | 37 | | |
38 | 38 | | |
39 | | - | |
40 | | - | |
41 | | - | |
| 39 | + | |
| 40 | + | |
| 41 | + | |
| 42 | + | |
| 43 | + | |
| 44 | + | |
42 | 45 | | |
0 commit comments