Guwan
/
ldap-matter
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed failing oauth if username case changed 

If the user had previously logged into mattermost as "user" and then tried to connect another device as "User", a new set of entries would be created in the database which caused user IDs to not match up which caused Mattermost to throw an error about the account already being registered under a different service. This change ensures usernames are always processed in lowercase so that this can't happen.

Note that manual fixups of any existing entries in the mattermost-ldap database may need to be performed to fully fix everything. This just prevents the issue from occurring again in a very simple way. A more thorough fix would be to make the db queries check in a case-insensitive matter, though multiple entries in the users database would still exist.
This commit is contained in:
SKS Parnic 2020-03-10 13:35:30 -05:00
parent 0c1eaf3a31
commit a3a514d281
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
oauth/authorize.php
View File

@ -111,7 +111,7 @@ if (empty($_POST)) {
// print the authorization code if the user has authorized your client
$is_authorized = ($_POST['authorized'] === 'Authorize');
$server->handleAuthorizeRequest($request, $response, $is_authorized,$_SESSION['uid']);
$server->handleAuthorizeRequest($request, $response, $is_authorized,strtolower($_SESSION['uid']));
if ($is_authorized)
{

2
oauth/connexion.php
View File

@ -33,7 +33,7 @@ else
// Remove every html tag and useless space on username (to prevent XSS)
$user=strip_tags(trim($_POST['user']));
$user=$_POST['user'];
$user=strtolower($_POST['user']);
$password=$_POST['password'];
// Open a LDAP connection