From a76f61f7e1839fe803e7ed72020d8b13d79209f8 Mon Sep 17 00:00:00 2001
From: epriestley <git@epriestley.com>
Date: Thu, 22 May 2014 14:51:00 -0700
Subject: [PATCH] Make auth.email-domains case-insensitive

Summary:
Fixes T5143. Currently, if your allowed domain is "example.com", we reject signups from "@Example.com".

Instead, lowercase both parts before performing the check.

Test Plan:
  - Before patch:
    - Set allowed domains to "yghe.net".
    - Tried "x@yghe.net", no error.
    - Tried "x@xxxy.net", error.
    - Tried "x@yghE.net", incorrectly results in an error.
  - After patch:
    - Set allowed domains to "yghe.net".
    - Tried "x@yghe.net", no error.
    - Tried "x@xxxy.net", error.
    - Tried "x@yghE.net", this correctly no longer produces an error.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T5143

Differential Revision: https://secure.phabricator.com/D9261
---
 .../people/storage/PhabricatorUserEmail.php            | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/applications/people/storage/PhabricatorUserEmail.php b/src/applications/people/storage/PhabricatorUserEmail.php
index 85876f27df..31c5377022 100644
--- a/src/applications/people/storage/PhabricatorUserEmail.php
+++ b/src/applications/people/storage/PhabricatorUserEmail.php
@@ -89,7 +89,15 @@ final class PhabricatorUserEmail extends PhabricatorUserDAO {
       return false;
     }
 
-    return in_array($domain, $allowed_domains);
+    $lower_domain = phutil_utf8_strtolower($domain);
+    foreach ($allowed_domains as $allowed_domain) {
+      $lower_allowed = phutil_utf8_strtolower($allowed_domain);
+      if ($lower_allowed === $lower_domain) {
+        return true;
+      }
+    }
+
+    return false;
   }