Slack email stuck with pre-sso address

[dd32]

When we enabled Slack SSO with WordPress.org, we re-used the users specified email address rather than forcing all accounts back to @chat.wordpress.org.

At the time, I was under the impression that users could change their email if needed still. It appears I was either wrong, or this requires more work to achieve.

We should update our Slack SSO code that upon login, changes a users slack email address to the USERNAME@chat.wordpress.org if they're using an email such as NAME@old-company-i-no-longer-work-at.com (Perhaps only if it doesn't match their w.org profile?)

The Slack SAML specs note that there are two required params:
​https://slack.com/intl/en-au/help/articles/205168057-Custom-SAML-single-sign-on#:~:text=or%20something%20similar.-,Settings%20to%20include,-NameID%20(Required)

NameID (Required)
Your Unique Identifier
Note: To meet SAML specifications, the NameID must be unique, pseudo-random, and will not change for the user over time – like an employee ID number.

Email attribute (required)
testuser@…

I think if we pass the same NameID with a new email address, it'll update the linked email address.
If the user hasn't logged in with SSO before though, the user profile will be matched based on the Email, so for users that haven't SSO'd before they'd need to have their old email specified during the initial login.

Perhaps incorrectly, we're using user_login as the NameID parameter at present, rather than a psuedorandom identifier, This may mean that moving Slack accounts between WordPress.org accounts is more problematic than it needed to be.

The implementation should be reviewed to properly allow for such changes.

[dd32]

This was resolved a while ago.