From c011102a404b1baaac92e69b201f660bf022e460 Mon Sep 17 00:00:00 2001
From: luizfelipelaviola
Date: Thu, 7 Aug 2025 22:48:27 -0300
Subject: [PATCH] fix: saml user attribute
---
 .../services/handleSamlToFirebaseAuthentication.service.ts | 3 ++-
 src/shared/infrastructure/saml/strategy.ts | 6 +++++-
 2 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/src/modules/authentication/services/handleSamlToFirebaseAuthentication.service.ts b/src/modules/authentication/services/handleSamlToFirebaseAuthentication.service.ts
index 6d8badd..b992a1c 100644
--- a/src/modules/authentication/services/handleSamlToFirebaseAuthentication.service.ts
+++ b/src/modules/authentication/services/handleSamlToFirebaseAuthentication.service.ts
@@ -1,4 +1,5 @@
 import { inject, injectable } from "tsyringe";
+import { isEmail } from "validator";
 // i18n import
 import { i18n } from "@shared/i18n";
@@ -36,7 +37,7 @@ class HandleSamlToFirebaseAuthenticationService {
 const t = await i18n(language);
 try {
- if (!user.email) {
+ if (!user.email || !isEmail(user.email)) {
 throw new AppError({
 key: "@handle_saml_to_firebase_authentication_service/EMAIL_REQUIRED",
 message: t(
diff --git a/src/shared/infrastructure/saml/strategy.ts b/src/shared/infrastructure/saml/strategy.ts
index 2e15c9e..b3c92d7 100644
--- a/src/shared/infrastructure/saml/strategy.ts
+++ b/src/shared/infrastructure/saml/strategy.ts
@@ -6,6 +6,7 @@ import schedule from "node-schedule";
 import { MetadataReader, toPassportConfig } from "passport-saml-metadata";
 import { XMLBuilder } from "fast-xml-parser";
 import { container } from "tsyringe";
+import { isEmail } from "validator";
 // Error import
 import { AppError } from "@shared/errors/AppError";
@@ -64,6 +65,7 @@ class SamlFederationManager {
 "urn:oid:2.5.4.42": "givenName",
 "urn:oid:2.5.4.4": "sn",
 "urn:oid:1.3.6.1.4.1.5923.1.1.1.6": "eduPersonPrincipalName",
+ "urn:oid:1.3.6.1.4.1.1466.115.121.1.26": "inetOrgPerson",
 };
 constructor() {
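Review bot: `isEmail` from validator throws a TypeError on any non-string argument, and neither call site added by this patch rules that out. In the `@@ -36,7 +37,7 @@` hunk of handleSamlToFirebaseAuthentication.service.ts, `!user.email ||` covers a missing value but not a truthy non-string, such as the array a multi-valued SAML attribute can produce. In the `@@ -427,7 +429,9 @@` hunk of strategy.ts, `isEmail(friendly.inetOrgPerson)` has no guard at all, so an assertion without that attribute would throw instead of falling back to `friendly.mail`, unless code outside the hunk normalises the value first. Check the type before validating: `if (typeof user.email !== "string" || !isEmail(user.email)) {` in the service and `email: typeof friendly.inetOrgPerson === "string" && isEmail(friendly.inetOrgPerson)` in the strategy. Both enclosing functions start and end outside their hunks, so how such a TypeError would be handled is not visible.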
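Review bot: The key added in the `@@ -64,6 +65,7 @@` hunk of strategy.ts, `urn:oid:1.3.6.1.4.1.1466.115.121.1.26`, is the LDAP IA5 String syntax OID rather than an attribute type, and its label `inetOrgPerson` is the name of an object class, so the entry reads like a standard attribute when it is not one. If this is a workaround for an IdP that releases the address under that name, say so on the line, for example `// Non-standard: <IdP name> releases the e-mail address under the IA5String syntax OID`, and consider a label such as `mailAlt` that says what the value holds. The map's declaration starts outside the hunk, so whether other entries carry similar comments cannot be seen here.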
@@ -427,7 +429,9 @@ class SamlFederationManager {
 return {
 uid: friendly.uid,
- email: friendly.mail,
+ email: isEmail(friendly.inetOrgPerson)
+ ? friendly.inetOrgPerson
+ : friendly.mail,
 firstName: friendly.givenName,
 lastName: friendly.sn,
 username: friendly.eduPersonPrincipalName,
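Review bot: The new ternary lets the non-standard attribute override `mail` for every IdP handled by SamlFederationManager, not only the one that needs the workaround. This value appears to become the `user.email` that the Firebase hand-off service validates, so it presumably decides which account a login maps to, and the well-known attribute should win whenever it is usable: `email: typeof friendly.mail === "string" && isEmail(friendly.mail) ? friendly.mail : friendly.inetOrgPerson,`. If the IdP behind this fix sends a well-formed but wrong `mail`, scope the override to that IdP's entity ID instead of applying it federation-wide. The enclosing method starts and ends outside the hunk.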