From 505c2da072fca059870a84494634d3b80f0df69b Mon Sep 17 00:00:00 2001
From: Emile NDAGIJIMANA <emile.ndagijimana@apitech.fr>
Date: Fri, 17 Dec 2021 18:56:40 +0100
Subject: [PATCH] fix issue #4222

---
 models/users.js | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/models/users.js b/models/users.js
index e1baf83a6..70a5b141b 100644
--- a/models/users.js
+++ b/models/users.js
@@ -1683,10 +1683,20 @@ if (Meteor.isServer) {
     // If ldap, bypass the inviation code if the self registration isn't allowed.
     // TODO : pay attention if ldap field in the user model change to another content ex : ldap field to connection_type
     if (doc.authenticationMethod !== 'ldap' && disableRegistration) {
-      const invitationCode = InvitationCodes.findOne({
-        code: doc.profile.icode,
-        valid: true,
-      });
+      let invitationCode = null;
+      if(doc.authenticationMethod.toLowerCase() == 'oauth2')
+      { // OIDC authentication mode
+        invitationCode = InvitationCodes.findOne({
+          email: doc.emails[0].address.toLowerCase(),
+          valid: true,
+        });
+      }
+      else{
+        invitationCode = InvitationCodes.findOne({
+          code: doc.profile.icode,
+          valid: true,
+        });
+      }
       if (!invitationCode) {
         throw new Meteor.Error('error-invitation-code-not-exist');
       } else {