NB-Public
/
user_saml
mirror of https://github.com/netzbegruenung/user_saml.git
14
0
Fork 0
Code Issues Projects Releases Wiki Activity

fixes provisioning of userids from encoded (objectguid) values 

- is more tolerate when decoding, uuid structure is still tested later
- ensures the uid is resolved on getCurrentId()

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
This commit is contained in:
Arthur Schiwon 2020-11-24 00:08:16 +01:00
parent decb86d3b6
commit 9f53230eb6
No known key found for this signature in database
GPG Key ID: 7424F1874854DF23
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lib/UserBackend.php
View File

@ -35,6 +35,7 @@ use OCP\IConfig;
use OCP\IURLGenerator;
use OCP\ISession;
use Symfony\Component\EventDispatcher\GenericEvent;
use function base64_decode;
class UserBackend implements IApacheBackend, UserInterface, IUserBackend {
/** @var IConfig */
@ -506,6 +507,8 @@ class UserBackend implements IApacheBackend, UserInterface, IUserBackend {
} else {
$uid = $samlData[$uidMapping];
}
$uid = $this->testEncodedObjectGUID($uid);
if($this->userExists($uid)) {
$this->session->set('last-password-confirm', strtotime('+4 year', time()));
return $uid;
@ -699,7 +702,7 @@ class UserBackend implements IApacheBackend, UserInterface, IUserBackend {
*
*/
public function testEncodedObjectGUID(string $uid): string {
$candidate = base64_decode($uid, true);
$candidate = base64_decode($uid, false);
if($candidate === false) {
return $uid;
}