OAuth: Compare oauth users using exact compare

db/migrations/2020_12_28_000000_oauth_set_identifier_binary.php

@@ -1,53 +0,0 @@
-<?php
-
-namespace Engelsystem\Migrations;
-
-use Engelsystem\Database\Migration\Migration;
-use Illuminate\Database\Query\Grammars\MySqlGrammar;
-
-class OauthSetIdentifierBinary extends Migration
-{
-    use Reference;
-
-    /**
-     * Run the migration
-     */
-    public function up()
-    {
-        $connection = $this->schema->getConnection();
-        if (!$connection->getQueryGrammar() instanceof MySqlGrammar) {
-            return;
-        }
-
-        $connection->unprepared(
-            '
-            ALTER TABLE `oauth`
-                CHANGE `identifier`
-                    `identifier`
-                    VARCHAR(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_bin
-                    NOT NULL
-            '
-        );
-    }
-
-    /**
-     * Reverse the migration
-     */
-    public function down()
-    {
-        $connection = $this->schema->getConnection();
-        if (!$connection->getQueryGrammar() instanceof MySqlGrammar) {
-            return;
-        }
-
-        $connection->unprepared(
-            '
-            ALTER TABLE `oauth`
-                CHANGE `identifier`
-                    `identifier`
-                    VARCHAR(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci
-                    NOT NULL
-            '
-        );
-    }
-}

src/Controllers/OAuthController.php

@@ -129,12 +129,16 @@ class OAuthController extends BaseController
         }
 
         $resourceOwner = $provider->getResourceOwner($accessToken);
+        $resourceId = $resourceOwner->getId();
 
         /** @var OAuth|null $oauth */
         $oauth = $this->oauth
             ->query()
             ->where('provider', $providerName)
-            ->where('identifier', $resourceOwner->getId())
+            ->where('identifier', $resourceId)
+            ->get()
+            // Explicit case sensitive comparison using PHP as some DBMS collations are case sensitive and some arent
+            ->where('identifier', '===', $resourceId)
             ->first();
 
         $expirationTime = $accessToken->getExpires();

tests/Unit/Controllers/OAuthControllerTest.php

@@ -340,7 +340,7 @@ class OAuthControllerTest extends TestCase
             $resourceOwner,
             'getId',
             null,
-            'provider-not-connected-identifier',
+            'ProVIdeR-User-IdenTifIer', // Case sensitive variation of existing entry
             $this->atLeastOnce()
         );
         $this->setExpects(
@@ -348,7 +348,7 @@ class OAuthControllerTest extends TestCase
             'toArray',
             null,
             [
-                'uid'        => 'provider-not-connected-identifier',
+                'uid'        => 'ProVIdeR-User-IdenTifIer',
                 'user'       => 'username',
                 'email'      => 'foo.bar@localhost',
                 'given-name' => 'Foo',
@@ -385,7 +385,7 @@ class OAuthControllerTest extends TestCase
         $this->config->set('registration_enabled', true);
         $controller->index($request);
         $this->assertEquals('testprovider', $this->session->get('oauth2_connect_provider'));
-        $this->assertEquals('provider-not-connected-identifier', $this->session->get('oauth2_user_id'));
+        $this->assertEquals('ProVIdeR-User-IdenTifIer', $this->session->get('oauth2_user_id'));
         $this->assertEquals('test-token', $this->session->get('oauth2_access_token'));
         $this->assertEquals('test-refresh-token', $this->session->get('oauth2_refresh_token'));
         $this->assertEquals(4242424242, $this->session->get('oauth2_expires_at')->unix());