feat: sanitize external identity provider user data (#681)

* feat: sanitize external user data

* remove config option to disable Sanitization: sanitize_external_user_data

* cleanup

---------

Co-authored-by: Christoph Haas <christoph.h@sprinternet.at>

internal/app/auth/oauth_common_test.go

@@ -43,7 +43,7 @@ func Test_parseOauthUserInfo_no_admin(t *testing.T) {
 	})
 	adminMapping := &config.OauthAdminMapping{}
 
-	info, err := parseOauthUserInfo(fieldMapping, adminMapping, userInfo)
+	info, err := parseOauthUserInfo(fieldMapping, adminMapping, userInfo, "oauth", "test-provider")
 	assert.NoError(t, err)
 	assert.False(t, info.IsAdmin)
 	assert.Equal(t, info.Firstname, "Test User")
@@ -90,7 +90,7 @@ func Test_parseOauthUserInfo_admin_group(t *testing.T) {
 		AdminGroupRegex: "^wgportal-admins@mydomain.net$",
 	}
 
-	info, err := parseOauthUserInfo(fieldMapping, adminMapping, userInfo)
+	info, err := parseOauthUserInfo(fieldMapping, adminMapping, userInfo, "oauth", "test-provider")
 	assert.NoError(t, err)
 	assert.True(t, info.IsAdmin)
 	assert.Equal(t, info.Firstname, "Test User")
@@ -132,7 +132,7 @@ func Test_parseOauthUserInfo_admin_value(t *testing.T) {
 	})
 	adminMapping := &config.OauthAdminMapping{} // test with default regex
 
-	info, err := parseOauthUserInfo(fieldMapping, adminMapping, userInfo)
+	info, err := parseOauthUserInfo(fieldMapping, adminMapping, userInfo, "oauth", "test-provider")
 	assert.NoError(t, err)
 	assert.True(t, info.IsAdmin)
 	assert.Equal(t, info.Firstname, "Test User")
@@ -175,7 +175,7 @@ func Test_parseOauthUserInfo_admin_value_custom(t *testing.T) {
 		AdminValueRegex: "^1$",
 	}
 
-	info, err := parseOauthUserInfo(fieldMapping, adminMapping, userInfo)
+	info, err := parseOauthUserInfo(fieldMapping, adminMapping, userInfo, "oauth", "test-provider")
 	assert.NoError(t, err)
 	assert.True(t, info.IsAdmin)
 	assert.Equal(t, info.Firstname, "Test User")