mirror of
https://github.com/BookStackApp/BookStack.git
synced 2024-10-30 15:42:41 +01:00
Fixed LDAP error thrown by not found user details
- Added testing to cover. Related to #1876
This commit is contained in:
parent
e8cfb4f2be
commit
14363edb73
@ -44,11 +44,14 @@ class LdapSessionGuard extends ExternalBaseSessionGuard
|
|||||||
public function validate(array $credentials = [])
|
public function validate(array $credentials = [])
|
||||||
{
|
{
|
||||||
$userDetails = $this->ldapService->getUserDetails($credentials['username']);
|
$userDetails = $this->ldapService->getUserDetails($credentials['username']);
|
||||||
$this->lastAttempted = $this->provider->retrieveByCredentials([
|
|
||||||
'external_auth_id' => $userDetails['uid']
|
|
||||||
]);
|
|
||||||
|
|
||||||
return $this->ldapService->validateUserCredentials($userDetails, $credentials['username'], $credentials['password']);
|
if (isset($userDetails['uid'])) {
|
||||||
|
$this->lastAttempted = $this->provider->retrieveByCredentials([
|
||||||
|
'external_auth_id' => $userDetails['uid']
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
|
||||||
|
return $this->ldapService->validateUserCredentials($userDetails, $credentials['password']);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -66,11 +69,15 @@ class LdapSessionGuard extends ExternalBaseSessionGuard
|
|||||||
{
|
{
|
||||||
$username = $credentials['username'];
|
$username = $credentials['username'];
|
||||||
$userDetails = $this->ldapService->getUserDetails($username);
|
$userDetails = $this->ldapService->getUserDetails($username);
|
||||||
$this->lastAttempted = $user = $this->provider->retrieveByCredentials([
|
|
||||||
'external_auth_id' => $userDetails['uid']
|
|
||||||
]);
|
|
||||||
|
|
||||||
if (!$this->ldapService->validateUserCredentials($userDetails, $username, $credentials['password'])) {
|
$user = null;
|
||||||
|
if (isset($userDetails['uid'])) {
|
||||||
|
$this->lastAttempted = $user = $this->provider->retrieveByCredentials([
|
||||||
|
'external_auth_id' => $userDetails['uid']
|
||||||
|
]);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!$this->ldapService->validateUserCredentials($userDetails, $credentials['password'])) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -102,9 +102,9 @@ class LdapService extends ExternalAuthService
|
|||||||
* Check if the given credentials are valid for the given user.
|
* Check if the given credentials are valid for the given user.
|
||||||
* @throws LdapException
|
* @throws LdapException
|
||||||
*/
|
*/
|
||||||
public function validateUserCredentials(array $ldapUserDetails, string $username, string $password): bool
|
public function validateUserCredentials(?array $ldapUserDetails, string $password): bool
|
||||||
{
|
{
|
||||||
if ($ldapUserDetails === null) {
|
if (is_null($ldapUserDetails)) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -166,7 +166,7 @@ class LdapTest extends BrowserKitTest
|
|||||||
->seeInDatabase('users', ['email' => $this->mockUser->email, 'email_confirmed' => false, 'external_auth_id' => 'cooluser456']);
|
->seeInDatabase('users', ['email' => $this->mockUser->email, 'email_confirmed' => false, 'external_auth_id' => 'cooluser456']);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function test_initial_incorrect_details()
|
public function test_initial_incorrect_credentials()
|
||||||
{
|
{
|
||||||
$this->mockLdap->shouldReceive('connect')->once()->andReturn($this->resourceId);
|
$this->mockLdap->shouldReceive('connect')->once()->andReturn($this->resourceId);
|
||||||
$this->mockLdap->shouldReceive('setVersion')->once();
|
$this->mockLdap->shouldReceive('setVersion')->once();
|
||||||
@ -186,6 +186,23 @@ class LdapTest extends BrowserKitTest
|
|||||||
->dontSeeInDatabase('users', ['external_auth_id' => $this->mockUser->name]);
|
->dontSeeInDatabase('users', ['external_auth_id' => $this->mockUser->name]);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function test_login_not_found_username()
|
||||||
|
{
|
||||||
|
$this->mockLdap->shouldReceive('connect')->once()->andReturn($this->resourceId);
|
||||||
|
$this->mockLdap->shouldReceive('setVersion')->once();
|
||||||
|
$this->mockLdap->shouldReceive('setOption')->times(1);
|
||||||
|
$this->mockLdap->shouldReceive('searchAndGetEntries')->times(1)
|
||||||
|
->with($this->resourceId, config('services.ldap.base_dn'), \Mockery::type('string'), \Mockery::type('array'))
|
||||||
|
->andReturn(['count' => 0]);
|
||||||
|
$this->mockLdap->shouldReceive('bind')->times(1)->andReturn(true, false);
|
||||||
|
$this->mockEscapes(1);
|
||||||
|
|
||||||
|
$this->mockUserLogin()
|
||||||
|
->seePageIs('/login')->see('These credentials do not match our records.')
|
||||||
|
->dontSeeInDatabase('users', ['external_auth_id' => $this->mockUser->name]);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
public function test_create_user_form()
|
public function test_create_user_form()
|
||||||
{
|
{
|
||||||
$this->asAdmin()->visit('/settings/users/create')
|
$this->asAdmin()->visit('/settings/users/create')
|
||||||
|
Loading…
Reference in New Issue
Block a user