where('is_admin', true)->oldest()->firstOrFail(); } public function findOneByEmail(string $email): ?User { return User::query()->firstWhere('email', $email); } public function findOneBySSO(SSOUser $ssoUser): ?User { // we prioritize the SSO ID over the email address, but still resort to the latter return User::query()->firstWhere([ 'sso_id' => $ssoUser->id, 'sso_provider' => $ssoUser->provider, ]) ?? $this->findOneByEmail($ssoUser->email); } }