diff --git a/oauth/LDAP/LDAP.php b/oauth/LDAP/LDAP.php
index 42ed2fc..b81231d 100755
--- a/oauth/LDAP/LDAP.php
+++ b/oauth/LDAP/LDAP.php
@@ -237,9 +237,7 @@ class LDAP implements LDAPInterface
throw new Exception('An error has occured during ldap_get_values execution (complete name). Please check parameter of LDAP/getData.');
}
- $return_data = array("mail" => $mail[0], "cn" => $cn[0]);
- error_log("LDAP \$return_data = " . json_encode($return_data));
- return $return_data;
+ return array("mail" => $mail[0], "cn" => $cn[0]);
}
/*
diff --git a/oauth/config.php b/oauth/config.php
new file mode 100644
index 0000000..db0f72e
--- /dev/null
+++ b/oauth/config.php
@@ -0,0 +1,5 @@
+
diff --git a/oauth/connexion.php b/oauth/connexion.php
index f1127c0..90eab96 100644
--- a/oauth/connexion.php
+++ b/oauth/connexion.php
@@ -20,18 +20,13 @@ else
// Check received data length (to prevent code injection)
if (strlen($_POST['user']) > 15)
{
- echo 'Username is longer than 15 characters ... Please try again
';
+ echo 'Username has incorrect format ... Please try again
';
echo 'Click here to come back to login page';
}
- elseif (strlen($_POST['password']) > 50)
+ elseif (strlen($_POST['password']) > 50 || strlen($_POST['password']) <= 7)
{
- echo 'Password is longer than 50 characters ... Please try again
';
- echo 'Click here to come back to login page';
-
- } elseif (strlen($_POST['password']) <= 7)
- {
- echo 'Password is shorter than 7 characters ... Please try again
';
- echo 'Click here to come back to login page';
+ echo 'Password has incorrect format ... Please try again
';
+ echo 'Click here to come back to login page';
}
else
{
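Review bot: The merged check `elseif (strlen($_POST['password']) > 50 || strlen($_POST['password']) <= 7)` rejects a 7-character password, while the removed message described the rule as "shorter than 7"; if 7 is meant to be accepted the bound should be `< 7`, otherwise a comment should state that the minimum length is 8. Both branches also read `$_POST['user']` and `$_POST['password']` without checking that the keys exist, so a request missing either field raises an undefined-index notice and passes `null` to `strlen`; reading them once up front with `$user = $_POST['user'] ?? ''; $password = $_POST['password'] ?? '';` keeps the checks well-defined. The context comment `// Check received data length (to prevent code injection)` overstates what a length limit gives: a 15-byte username can still contain LDAP filter metacharacters, so the value must additionally be passed through `ldap_escape($user, '', LDAP_ESCAPE_FILTER)` where the search filter is built, which is outside this hunk. The enclosing `else` block starts outside the hunk.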
diff --git a/oauth/resource.php b/oauth/resource.php
index a93fb59..b31658a 100755
--- a/oauth/resource.php
+++ b/oauth/resource.php
@@ -34,52 +34,8 @@ try
{
$data = $ldap->getDataForMattermost($ldap_base_dn,$ldap_filter,$ldap_bind_dn,$ldap_bind_pass,$ldap_search_attribute,$user);
- /* Here is the patch for Mattermost 4.4 and older. Gitlab has changed
- the JSON output of oauth service. Many data are not used by
- Mattermost, but there is a stack error if we delete them. That's the
- reason why date and many parameters are null or empty.
- */
- if ($data) {
- error_log("resource.php \$data = " . json_encode($data));
- } else {
- error_log("$data is null");
- }
-
- $resp = array(
- "id" => $assoc_id,
- "name" => $data['cn'],
- "username" => $user,
- "state" => "active",
- "avatar_url" => "",
- "web_url" => "",
- "created_at" => "0000-00-00T00:00:00.000Z",
- "bio" => null,"location" => null,
- "skype" => "",
- "linkedin" => "",
- "twitter" => "",
- "website_url" => "",
- "organization" => null,
- "last_sign_in_at" => "0000-00-00T00:00:00.000Z",
- "confirmed_at" => "0000-00-00T00:00:00.000Z",
- "last_activity_on" => null,
- "email" => $data['mail'],
- "theme_id" => 1,
- "color_scheme_id" => 1,
- "projects_limit" => 100000,
- "current_sign_in_at" => "0000-00-00T00:00:00.000Z",
- "identities" => array(
- array(
- "provider" => "ldapmain",
- "extern_uid" => $data['cn']
- )
- ),
- "can_create_group" => true,
- "can_create_project" => true,
- "two_factor_enabled" => false,
- "external" => false,
- "shared_runners_minutes_limit" => null
- );
- error_log("\$resp = " . json_encode($resp));
+ // Here is the patch for Mattermost 4.4 and older. Gitlab has changed the JSON output of oauth service. Many data are not used by Mattermost, but there is a stack error if we delete them. That's the reason why date and many parameters are null or empty.
+ $resp = array("id" => $assoc_id,"name" => $data['cn'],"username" => $user,"state" => "active","avatar_url" => "","web_url" => "","created_at" => "0000-00-00T00:00:00.000Z","bio" => null,"location" => null,"skype" => "","linkedin" => "","twitter" => "","website_url" => "","organization" => null,"last_sign_in_at" => "0000-00-00T00:00:00.000Z","confirmed_at" => "0000-00-00T00:00:00.000Z","last_activity_on" => null,"email" => $data['mail'],"theme_id" => 1,"color_scheme_id" => 1,"projects_limit" => 100000,"current_sign_in_at" => "0000-00-00T00:00:00.000Z","identities" => array(array("provider" => "ldapmain","extern_uid" => $data['dn'])),"can_create_group" => true,"can_create_project" => true,"two_factor_enabled" => false,"external" => false,"shared_runners_minutes_limit" => null);
// Below is the old version, still consistent with Mattermost before version 4.4
// $resp = array("name" => $data['cn'],"username" => $user,"id" => $assoc_id,"state" => "active","email" => $data['mail']);
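Review bot: The new `$resp` line reads `$data['dn']` for `extern_uid`, but the array returned by the LDAP method in the LDAP.php hunk of this same commit carries only the keys `mail` and `cn` (`return array("mail" => $mail[0], "cn" => $cn[0]);`), so `extern_uid` will be `null` with an undefined-index notice on every request; either keep `"extern_uid" => $data['cn']` as before or extend the LDAP method to return the entry's `dn` as well. Collapsing the whole array onto one line also hides exactly this kind of key change from review; the original one-key-per-line layout should be kept. The `try` block begins outside the hunk.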
diff --git a/oauth/token.php b/oauth/token.php
index fc38279..6d69e55 100644
--- a/oauth/token.php
+++ b/oauth/token.php
@@ -6,14 +6,27 @@
// include our OAuth2 Server object
require_once __DIR__.'/server.php';
+require_once __DIR__.'/config.php';
-// Handle a request for an OAuth2.0 Access Token and send the response to the client
-error_log("token.php \$_POST = " . json_encode($_POST));
-// The Mattermost server seems to be returning bare http urls, even though there is no http url in the config.json
-if (substr($_POST["redirect_uri"],0,5) == "http:") {
- $_POST["redirect_uri"] = "https" . substr($_POST["redirect_uri"],4);
+/*
+
+ The Mattermost server seems to be returning bare http urls, even if
+ there is no http url in the config.json. If we are using https we
+ need to modify them.
+
+*/
+$redirect_url_scheme = substr($_POST["redirect_uri"], 0, 5);
+
+if ($url_scheme == "https" && $redirect_url_scheme == "http:") {
+ $_POST["redirect_uri"] = "https" . substr($_POST["redirect_uri"], 4);
}
+/*
+
+ Handle a request for an OAuth2.0 Access Token and send the response
+ to the client
+
+*/
$server->handleTokenRequest(OAuth2\Request::createFromGlobals())->send();
?>
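Review bot: `$url_scheme` in `if ($url_scheme == "https" && $redirect_url_scheme == "http:")` is not defined anywhere in token.php; it presumably comes from the newly required config.php, whose contents are not visible in this diff, and if it is missing the condition is silently false and the rewrite never runs, so a comment above the `require_once`, `// config.php must define $url_scheme ('http' or 'https')`, would make the dependency explicit. The rewrite also indexes `$_POST["redirect_uri"]` unconditionally, so a token request that omits that field (a refresh_token grant, for example) triggers an undefined-index notice before handleTokenRequest runs; guard it with `$redirect_uri = $_POST["redirect_uri"] ?? '';`, derive `$redirect_url_scheme` from that, and compare with `===`. The closing `?>` at the end of a PHP-only file is better omitted so stray trailing whitespace cannot be emitted before the response.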