Merge pull request #430 from heguro/aad-email-fix

Fix sign-in loop when email is not set in Azure AD account
microsoft · Feb 12, 2025 · ec88e9b · ec88e9b
2 parents a709d3b + b9efa57
commit ec88e9b
Showing 1 changed file with 4 additions and 2 deletions.
diff --git a/src/features/auth-page/auth-api.ts b/src/features/auth-page/auth-api.ts
@@ -39,13 +39,15 @@ const configureIdentityProvider = () => {
         clientSecret: process.env.AZURE_AD_CLIENT_SECRET!,
         tenantId: process.env.AZURE_AD_TENANT_ID!,
         async profile(profile) {
+          const email = profile.email || profile.preferred_username || "";
           const newProfile = {
             ...profile,
+            email,
             // throws error without this - unsure of the root cause (https://stackoverflow.com/questions/76244244/profile-id-is-missing-in-google-oauth-profile-response-nextauth)
             id: profile.sub,
             isAdmin:
-              adminEmails?.includes(profile.email.toLowerCase()) ||
-              adminEmails?.includes(profile.preferred_username.toLowerCase()),
+              adminEmails?.includes(profile.email?.toLowerCase()) ||
+              adminEmails?.includes(profile.preferred_username?.toLowerCase()),
           };
           return newProfile;
         },