[Bug] Improve SSO user provision flow (#1022)

* Initial commit of provisioning updates * Updated strings * removed extra BANG * Separated orgUsers db lookup - prioritized existing user Id * Updated create sso record method // Added sproc for org/email retrieval
2025-06-30 15:42:48 -05:00 · 2020-12-04 16:45:54 -06:00
parent 0d7c876904
commit 09aea4ed38
7 changed files with 149 additions and 93 deletions
--- a/src/Core/Repositories/IOrganizationUserRepository.cs
+++ b/src/Core/Repositories/IOrganizationUserRepository.cs
@ -27,5 +27,6 @@ namespace Bit.Core.Repositories
        Task CreateAsync(OrganizationUser obj, IEnumerable<SelectionReadOnly> collections);
        Task ReplaceAsync(OrganizationUser obj, IEnumerable<SelectionReadOnly> collections);
        Task<ICollection<OrganizationUser>> GetManyByManyUsersAsync(IEnumerable<Guid> userIds);
+        Task<OrganizationUser> GetByOrganizationEmailAsync(Guid organizationId, string email);
    }
 }
--- a/src/Core/Repositories/SqlServer/OrganizationUserRepository.cs
+++ b/src/Core/Repositories/SqlServer/OrganizationUserRepository.cs
@ -244,5 +244,18 @@ namespace Bit.Core.Repositories.SqlServer
                return results.ToList();
            }
        }
+        
+        public async Task<OrganizationUser> GetByOrganizationEmailAsync(Guid organizationId, string email)
+        {
+            using (var connection = new SqlConnection(ConnectionString))
+            {
+                var results = await connection.QueryAsync<OrganizationUser>(
+                    "[dbo].[OrganizationUser_ReadByOrganizationIdEmail]",
+                    new { OrganizationId = organizationId, Email = email },
+                    commandType: CommandType.StoredProcedure);
+
+                return results.SingleOrDefault();
+            }
+        }
    }
 }
--- a/src/Core/Resources/SharedResources.en.resx
+++ b/src/Core/Resources/SharedResources.en.resx
@ -521,10 +521,10 @@
    <value>No seats available for organization, '{0}'</value>
  </data>
  <data name="UserAlreadyInvited" xml:space="preserve">
-    <value>User, '{0}', has already been invited to this organization, '{1}'</value>
+    <value>User, '{0}', has already been invited to this organization, '{1}'. Accept the invite in order to log in with SSO.</value>
  </data>
-  <data name="UserAlreadyExistsUseLinkViaSso" xml:space="preserve">
-    <value>User already exists, please link account to SSO after logging in</value>
+  <data name="UserAlreadyExistsInviteProcess" xml:space="preserve">
+    <value>In order to join this organization, contact an admin to send you an invite and follow the instructions within to accept.</value>
  </data>
  <data name="RedirectGet" xml:space="preserve">
    <value>Redirect GET</value>
--- a/src/Sql/Sql.sqlproj
+++ b/src/Sql/Sql.sqlproj
@ -294,5 +294,7 @@
    <Build Include="dbo\Stored Procedures\TaxRate_ReadAllActive.sql" />
    <Build Include="dbo\Stored Procedures\TaxRate_Create.sql" />
    <Build Include="dbo\Stored Procedures\TaxRate_Archive.sql" />
+    <Build Include="dbo\Stored Procedures\OrganizationUser_ReadByOrganizationIdEmail.sql" />
  </ItemGroup>
 </Project>
+
--- a/Procedures/OrganizationUser_ReadByOrganizationIdEmail.sql
+++ b/Procedures/OrganizationUser_ReadByOrganizationIdEmail.sql
@ -0,0 +1,17 @@
+CREATE PROCEDURE [dbo].[OrganizationUser_ReadByOrganizationIdEmail]
+    @OrganizationId UNIQUEIDENTIFIER,
+    @Email NVARCHAR(50)
+AS
+BEGIN
+    SET NOCOUNT ON
+
+    SELECT
+        *
+    FROM
+        [dbo].[OrganizationUserView]
+    WHERE
+        [OrganizationId] = @OrganizationId
+        AND [Email] IS NOT NULL
+        AND @Email IS NOT NULL
+        AND [Email] = @Email
+END