Merge branch 'abg_token_https' into abg_user_not_found
This commit is contained in:
Angus B. Grieve-Smith
commit
d0f241b206
|
|
@ -237,9 +237,7 @@ class LDAP implements LDAPInterface
|
|||
throw new Exception('An error has occured during ldap_get_values execution (complete name). Please check parameter of LDAP/getData.');
|
||||
}
|
||||
|
||||
$return_data = array("mail" => $mail[0], "cn" => $cn[0]);
|
||||
error_log("LDAP \$return_data = " . json_encode($return_data));
|
||||
return $return_data;
|
||||
return array("mail" => $mail[0], "cn" => $cn[0]);
|
||||
}
|
||||
|
||||
/*
|
||||
|
|
|
|||
|
|
@ -0,0 +1,5 @@
|
|||
<?php
|
||||
|
||||
$url_scheme = "https";
|
||||
|
||||
?>
|
||||
|
|
@ -20,17 +20,12 @@ else
|
|||
// Check received data length (to prevent code injection)
|
||||
if (strlen($_POST['user']) > 15)
|
||||
{
|
||||
echo 'Username is longer than 15 characters ... Please try again<br /><br />';
|
||||
echo 'Username has incorrect format ... Please try again<br /><br />';
|
||||
echo 'Click <a href="./index.php">here</a> to come back to login page';
|
||||
}
|
||||
elseif (strlen($_POST['password']) > 50)
|
||||
elseif (strlen($_POST['password']) > 50 || strlen($_POST['password']) <= 7)
|
||||
{
|
||||
echo 'Password is longer than 50 characters ... Please try again<br /><br />';
|
||||
echo 'Click <a href="./index.php">here</a> to come back to login page';
|
||||
|
||||
} elseif (strlen($_POST['password']) <= 7)
|
||||
{
|
||||
echo 'Password is shorter than 7 characters ... Please try again<br /><br />';
|
||||
echo 'Password has incorrect format ... Please try again<br /><br />';
|
||||
echo 'Click <a href="./index.php">here</a> to come back to login page';
|
||||
}
|
||||
else
|
||||
|
|
|
|||
|
|
@ -34,52 +34,8 @@ try
|
|||
{
|
||||
$data = $ldap->getDataForMattermost($ldap_base_dn,$ldap_filter,$ldap_bind_dn,$ldap_bind_pass,$ldap_search_attribute,$user);
|
||||
|
||||
/* Here is the patch for Mattermost 4.4 and older. Gitlab has changed
|
||||
the JSON output of oauth service. Many data are not used by
|
||||
Mattermost, but there is a stack error if we delete them. That's the
|
||||
reason why date and many parameters are null or empty.
|
||||
*/
|
||||
if ($data) {
|
||||
error_log("resource.php \$data = " . json_encode($data));
|
||||
} else {
|
||||
error_log("$data is null");
|
||||
}
|
||||
|
||||
$resp = array(
|
||||
"id" => $assoc_id,
|
||||
"name" => $data['cn'],
|
||||
"username" => $user,
|
||||
"state" => "active",
|
||||
"avatar_url" => "",
|
||||
"web_url" => "",
|
||||
"created_at" => "0000-00-00T00:00:00.000Z",
|
||||
"bio" => null,"location" => null,
|
||||
"skype" => "",
|
||||
"linkedin" => "",
|
||||
"twitter" => "",
|
||||
"website_url" => "",
|
||||
"organization" => null,
|
||||
"last_sign_in_at" => "0000-00-00T00:00:00.000Z",
|
||||
"confirmed_at" => "0000-00-00T00:00:00.000Z",
|
||||
"last_activity_on" => null,
|
||||
"email" => $data['mail'],
|
||||
"theme_id" => 1,
|
||||
"color_scheme_id" => 1,
|
||||
"projects_limit" => 100000,
|
||||
"current_sign_in_at" => "0000-00-00T00:00:00.000Z",
|
||||
"identities" => array(
|
||||
array(
|
||||
"provider" => "ldapmain",
|
||||
"extern_uid" => $data['cn']
|
||||
)
|
||||
),
|
||||
"can_create_group" => true,
|
||||
"can_create_project" => true,
|
||||
"two_factor_enabled" => false,
|
||||
"external" => false,
|
||||
"shared_runners_minutes_limit" => null
|
||||
);
|
||||
error_log("\$resp = " . json_encode($resp));
|
||||
// Here is the patch for Mattermost 4.4 and older. Gitlab has changed the JSON output of oauth service. Many data are not used by Mattermost, but there is a stack error if we delete them. That's the reason why date and many parameters are null or empty.
|
||||
$resp = array("id" => $assoc_id,"name" => $data['cn'],"username" => $user,"state" => "active","avatar_url" => "","web_url" => "","created_at" => "0000-00-00T00:00:00.000Z","bio" => null,"location" => null,"skype" => "","linkedin" => "","twitter" => "","website_url" => "","organization" => null,"last_sign_in_at" => "0000-00-00T00:00:00.000Z","confirmed_at" => "0000-00-00T00:00:00.000Z","last_activity_on" => null,"email" => $data['mail'],"theme_id" => 1,"color_scheme_id" => 1,"projects_limit" => 100000,"current_sign_in_at" => "0000-00-00T00:00:00.000Z","identities" => array(array("provider" => "ldapmain","extern_uid" => $data['dn'])),"can_create_group" => true,"can_create_project" => true,"two_factor_enabled" => false,"external" => false,"shared_runners_minutes_limit" => null);
|
||||
|
||||
// Below is the old version, still consistent with Mattermost before version 4.4
|
||||
// $resp = array("name" => $data['cn'],"username" => $user,"id" => $assoc_id,"state" => "active","email" => $data['mail']);
|
||||
|
|
|
|||
|
|
@ -6,14 +6,27 @@
|
|||
|
||||
// include our OAuth2 Server object
|
||||
require_once __DIR__.'/server.php';
|
||||
require_once __DIR__.'/config.php';
|
||||
|
||||
// Handle a request for an OAuth2.0 Access Token and send the response to the client
|
||||
error_log("token.php \$_POST = " . json_encode($_POST));
|
||||
// The Mattermost server seems to be returning bare http urls, even though there is no http url in the config.json
|
||||
|
||||
if (substr($_POST["redirect_uri"],0,5) == "http:") {
|
||||
$_POST["redirect_uri"] = "https" . substr($_POST["redirect_uri"],4);
|
||||
/*
|
||||
|
||||
The Mattermost server seems to be returning bare http urls, even if
|
||||
there is no http url in the config.json. If we are using https we
|
||||
need to modify them.
|
||||
|
||||
*/
|
||||
$redirect_url_scheme = substr($_POST["redirect_uri"], 0, 5);
|
||||
|
||||
if ($url_scheme == "https" && $redirect_url_scheme == "http:") {
|
||||
$_POST["redirect_uri"] = "https" . substr($_POST["redirect_uri"], 4);
|
||||
}
|
||||
|
||||
/*
|
||||
|
||||
Handle a request for an OAuth2.0 Access Token and send the response
|
||||
to the client
|
||||
|
||||
*/
|
||||
$server->handleTokenRequest(OAuth2\Request::createFromGlobals())->send();
|
||||
?>
|
||||
|
|
|
|||
Loading…
Reference in New Issue