[Bug] Improve SSO user provision flow (#1022)

* Initial commit of provisioning updates * Updated strings * removed extra BANG * Separated orgUsers db lookup - prioritized existing user Id * Updated create sso record method // Added sproc for org/email retrieval
2025-07-01 16:12:49 -05:00 · 2020-12-04 16:45:54 -06:00
parent 0d7c876904
commit 09aea4ed38
7 changed files with 149 additions and 93 deletions
--- a/src/Core/Repositories/IOrganizationUserRepository.cs
+++ b/src/Core/Repositories/IOrganizationUserRepository.cs
@ -27,5 +27,6 @@ namespace Bit.Core.Repositories
        Task CreateAsync(OrganizationUser obj, IEnumerable<SelectionReadOnly> collections);
        Task ReplaceAsync(OrganizationUser obj, IEnumerable<SelectionReadOnly> collections);
        Task<ICollection<OrganizationUser>> GetManyByManyUsersAsync(IEnumerable<Guid> userIds);
+        Task<OrganizationUser> GetByOrganizationEmailAsync(Guid organizationId, string email);
    }
 }
--- a/src/Core/Repositories/SqlServer/OrganizationUserRepository.cs
+++ b/src/Core/Repositories/SqlServer/OrganizationUserRepository.cs
@ -244,5 +244,18 @@ namespace Bit.Core.Repositories.SqlServer
                return results.ToList();
            }
        }
+        
+        public async Task<OrganizationUser> GetByOrganizationEmailAsync(Guid organizationId, string email)
+        {
+            using (var connection = new SqlConnection(ConnectionString))
+            {
+                var results = await connection.QueryAsync<OrganizationUser>(
+                    "[dbo].[OrganizationUser_ReadByOrganizationIdEmail]",
+                    new { OrganizationId = organizationId, Email = email },
+                    commandType: CommandType.StoredProcedure);
+
+                return results.SingleOrDefault();
+            }
+        }
    }
 }
--- a/src/Core/Resources/SharedResources.en.resx
+++ b/src/Core/Resources/SharedResources.en.resx
@ -521,10 +521,10 @@
    <value>No seats available for organization, '{0}'</value>
  </data>
  <data name="UserAlreadyInvited" xml:space="preserve">
-    <value>User, '{0}', has already been invited to this organization, '{1}'</value>
+    <value>User, '{0}', has already been invited to this organization, '{1}'. Accept the invite in order to log in with SSO.</value>
  </data>
-  <data name="UserAlreadyExistsUseLinkViaSso" xml:space="preserve">
-    <value>User already exists, please link account to SSO after logging in</value>
+  <data name="UserAlreadyExistsInviteProcess" xml:space="preserve">
+    <value>In order to join this organization, contact an admin to send you an invite and follow the instructions within to accept.</value>
  </data>
  <data name="RedirectGet" xml:space="preserve">
    <value>Redirect GET</value>