From a3a514d281998b2666d70778cd4fc0354ea73bfa Mon Sep 17 00:00:00 2001 From: SKS Parnic Date: Tue, 10 Mar 2020 13:35:30 -0500 Subject: [PATCH] Fixed failing oauth if username case changed If the user had previously logged into mattermost as "user" and then tried to connect another device as "User", a new set of entries would be created in the database which caused user IDs to not match up which caused Mattermost to throw an error about the account already being registered under a different service. This change ensures usernames are always processed in lowercase so that this can't happen. Note that manual fixups of any existing entries in the mattermost-ldap database may need to be performed to fully fix everything. This just prevents the issue from occurring again in a very simple way. A more thorough fix would be to make the db queries check in a case-insensitive matter, though multiple entries in the users database would still exist. --- oauth/authorize.php | 2 +- oauth/connexion.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/oauth/authorize.php b/oauth/authorize.php index 1b1defd..51813ac 100644 --- a/oauth/authorize.php +++ b/oauth/authorize.php @@ -111,7 +111,7 @@ if (empty($_POST)) { // print the authorization code if the user has authorized your client $is_authorized = ($_POST['authorized'] === 'Authorize'); -$server->handleAuthorizeRequest($request, $response, $is_authorized,$_SESSION['uid']); +$server->handleAuthorizeRequest($request, $response, $is_authorized,strtolower($_SESSION['uid'])); if ($is_authorized) { diff --git a/oauth/connexion.php b/oauth/connexion.php index 57edba1..6bd2480 100644 --- a/oauth/connexion.php +++ b/oauth/connexion.php @@ -33,7 +33,7 @@ else // Remove every html tag and useless space on username (to prevent XSS) $user=strip_tags(trim($_POST['user'])); - $user=$_POST['user']; + $user=strtolower($_POST['user']); $password=$_POST['password']; // Open a LDAP connection