diff options
| author | Morris Jobke <hey@morrisjobke.de> | 2021-01-07 14:14:50 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-01-07 14:14:50 +0100 |
| commit | 7001f036453f5d79d3c44fdb82fdccf43c6e60db (patch) | |
| tree | a2528c910abc1183962ae92f3a2ef973eb789b35 | |
| parent | 38e534e7c16cb6f7e1b64a022cdcc816ba6d6fad (diff) | |
| parent | 72f16a46e85632408d3b764c2622cc77d9aa1082 (diff) | |
| download | nextcloud-server-7001f036453f5d79d3c44fdb82fdccf43c6e60db.tar.gz nextcloud-server-7001f036453f5d79d3c44fdb82fdccf43c6e60db.zip | |
Merge pull request #25010 from nextcloud/revert-24955-external-storage-login-ldap
Revert "allow using any ldap property as login name when using login credentials"
| -rw-r--r-- | apps/files_external/lib/Lib/Auth/Password/LoginCredentials.php | 40 |
1 files changed, 2 insertions, 38 deletions
diff --git a/apps/files_external/lib/Lib/Auth/Password/LoginCredentials.php b/apps/files_external/lib/Lib/Auth/Password/LoginCredentials.php index 889030d87cd..6bf6b61f164 100644 --- a/apps/files_external/lib/Lib/Auth/Password/LoginCredentials.php +++ b/apps/files_external/lib/Lib/Auth/Password/LoginCredentials.php @@ -30,7 +30,6 @@ use OCA\Files_External\Lib\Auth\AuthMechanism; use OCA\Files_External\Lib\InsufficientDataForMeaningfulAnswerException; use OCA\Files_External\Lib\StorageConfig; use OCA\Files_External\Listener\StorePasswordListener; -use OCA\User_LDAP\IUserLDAP; use OCP\Authentication\Exceptions\CredentialsUnavailableException; use OCP\Authentication\LoginCredentials\IStore as CredentialsStore; use OCP\EventDispatcher\IEventDispatcher; @@ -82,7 +81,7 @@ class LoginCredentials extends AuthMechanism { $credentials = [ 'user' => $sessionCredentials->getLoginName(), - 'password' => $sessionCredentials->getPassword(), + 'password' => $sessionCredentials->getPassword() ]; $this->credentialsManager->store($user->getUID(), self::CREDENTIALS_IDENTIFIER, $credentials); @@ -100,42 +99,7 @@ class LoginCredentials extends AuthMechanism { } $credentials = $this->getCredentials($user); - $loginKey = $storage->getBackendOption("login_ldap_attr"); - if ($loginKey) { - $backend = $user->getBackend(); - if ($backend instanceof IUserLDAP) { - $value = $this->getLdapPropertyForUser($backend, $user, $loginKey); - if ($value === null) { - throw new InsufficientDataForMeaningfulAnswerException('Custom ldap attribute not set for user ' . $user->getUID()); - } - $storage->setBackendOption('user', $value); - } else { - throw new InsufficientDataForMeaningfulAnswerException('Custom ldap attribute configured but user ' . $user->getUID() . ' is not an ldap user'); - } - } else { - $storage->setBackendOption('user', $credentials['user']); - } + $storage->setBackendOption('user', $credentials['user']); $storage->setBackendOption('password', $credentials['password']); } - - private function getLdapPropertyForUser(IUserLDAP $ldap, IUser $user, string $property): ?string { - $access = $ldap->getLDAPAccess($user->getUID()); - $connection = $access->getConnection(); - $key = "external_login::" . $user->getUID() . "::" . $property; - $cached = $connection->getFromCache($key); - - if ($cached !== null) { - return $cached; - } - - $value = $access->readAttribute($access->username2dn($user->getUID()), $property); - if (count($value) > 0) { - $value = current($value); - } else { - return null; - } - $connection->writeToCache($key, $value); - - return $value; - } } |