From d5de89010181f4d25081bf79f6723193d4729ff3 Mon Sep 17 00:00:00 2001
From: tchapi
Date: Mon, 21 Apr 2025 13:34:37 +0200
Subject: [PATCH] chore
---
 src/Services/LDAPAuth.php | 26 ++++++++++++++++++++++----
 1 file changed, 22 insertions(+), 4 deletions(-)
diff --git a/src/Services/LDAPAuth.php b/src/Services/LDAPAuth.php
index 321bf2d..b6dd286 100644
--- a/src/Services/LDAPAuth.php
+++ b/src/Services/LDAPAuth.php
@@ -172,12 +172,30 @@ protected function ldapOpen($username, $password)
 }
 if ($success && $this->autoCreate) {
- $user = $this->doctrine->getRepository(User::class)->findOneBy(['username' => $username]);
+ // First, we'll be asking the LDAP server to give us the user name back, in case the LDAP server is case-insensitive
+ // See https://github.com/tchapi/davis/issues/167
+ $realUsername = $username;
+
+ try {
+ $search_results = ldap_read($ldap, $dn, '(objectclass=*)', ['uid']);
+ } catch (\Exception $e) {
+ // Probably a "No such object" error, ignore and use available credentials (username)
+ }
+
+ if (false !== $search_results) {
+ $entry = ldap_get_entries($ldap, $search_results);
+
+ if (false !== $entry && !empty($entry[0]['uid'])) {
+ $realUsername = $entry[0]['uid'][0];
+ }
+ }
+
+ $user = $this->doctrine->getRepository(User::class)->findOneBy(['username' => $realUsername]);
 if (!$user) {
 // Default fallback values
- $displayName = $username;
- $email = $username;
+ $displayName = $realUsername;
+ $email = $realUsername;
 // Try to extract display name and email for this user.
 // NB: We suppose display name is `cn` (email is configurable, generally `mail`)
@@ -201,7 +219,7 @@ protected function ldapOpen($username, $password)
 }
 }
- $this->utils->createPasswordlessUserWithDefaultObjects($username, $displayName, $email);
+ $this->utils->createPasswordlessUserWithDefaultObjects($realUsername, $displayName, $email);
 $em = $this->doctrine->getManager();
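Review bot: `$search_results` is never assigned when `ldap_read()` throws, yet the `if (false !== $search_results)` check right after the empty `catch` still reads it. An undefined variable evaluates to null, so the check passes and `ldap_get_entries()` is called with null, which on current PHP versions is expected to raise a TypeError that `catch (\Exception $e)` does not cover, so the login would fail instead of falling back to `$username`. Initialise the variable before the `try` with `$search_results = false;`. The catch also discards every exception silently, so logging it would make a misconfigured DN or an unreadable entry visible to an operator. `ldapOpen` starts and ends outside this hunk.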
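Review bot: The name passed to `createPasswordlessUserWithDefaultObjects()` is now whatever the directory returned in `uid`, with no check that it denotes the identity that just authenticated. Since the stated goal is only to normalise case, the assignment in the first hunk could accept the directory value only when it is a case variant of the login name, e.g. `if (0 === strcasecmp($entry[0]['uid'][0], $username)) { $realUsername = $entry[0]['uid'][0]; }`, so that an unrelated or user-editable `uid` value cannot select a different local account. Any code after this hunk that still refers to `$username` (not visible here) would need the same value, otherwise the account is created under one name and looked up under another. `ldapOpen` continues outside the hunk.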