Improve HRD logic to normalize connection email domains before comparison

[jmangelo]

Description

The latest version of Lock support HRD based on the domain portion of the email address which is mapped against the email domains of enabled connections.

However, although the user entered email address is normalized to lower case it seems the comparison is then performed against the exact value coming from connection configuration.

Due to the above, if connection A has configured email domains of Example.com, example.org then if a user inputs:

• [email protected] HRD kicks-in because the email is normalized to lowercase and the domain portion maps with the connection configuration.
• [email protected] or [email protected] there is NO HRD because the normalization of the email address leads to a comparison of 'example.com' === 'Example.com'.

Given Lock is already normalizing the user input it should also consider normalizing the values coming from connection configuration in order to reduce confusion.

Environment

Please provide the following:

• Lock version: 11.17.2
• Browser version: N/A
• OS: N/A
• Additional extensions/libraries that might be affecting your instance: N/A

Reproduction

1. create an enterprise connection with an email domain of Example.com.
2. enable the previous connection for an application.
3. perform an authentication request using Lock for the application in question.
4. input [email protected] as the email address.

[luisrudge]

fixed in #1735