mirror of
https://github.com/netzbegruenung/user_saml.git
synced 2024-05-02 17:14:53 +02:00
fixes provisioning of userids from encoded (objectguid) values
- is more tolerate when decoding, uuid structure is still tested later - ensures the uid is resolved on getCurrentId() Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
This commit is contained in:
Arthur Schiwon
parent
decb86d3b6
commit
9f53230eb6
|
|
@ -35,6 +35,7 @@ use OCP\IConfig;
|
||||||
use OCP\IURLGenerator;
|
use OCP\IURLGenerator;
|
||||||
use OCP\ISession;
|
use OCP\ISession;
|
||||||
use Symfony\Component\EventDispatcher\GenericEvent;
|
use Symfony\Component\EventDispatcher\GenericEvent;
|
||||||
|
use function base64_decode;
|
||||||
|
|
||||||
class UserBackend implements IApacheBackend, UserInterface, IUserBackend {
|
class UserBackend implements IApacheBackend, UserInterface, IUserBackend {
|
||||||
/** @var IConfig */
|
/** @var IConfig */
|
||||||
|
|
@ -506,6 +507,8 @@ class UserBackend implements IApacheBackend, UserInterface, IUserBackend {
|
||||||
} else {
|
} else {
|
||||||
$uid = $samlData[$uidMapping];
|
$uid = $samlData[$uidMapping];
|
||||||
}
|
}
|
||||||
|
$uid = $this->testEncodedObjectGUID($uid);
|
||||||
|
|
||||||
if($this->userExists($uid)) {
|
if($this->userExists($uid)) {
|
||||||
$this->session->set('last-password-confirm', strtotime('+4 year', time()));
|
$this->session->set('last-password-confirm', strtotime('+4 year', time()));
|
||||||
return $uid;
|
return $uid;
|
||||||
|
|
@ -699,7 +702,7 @@ class UserBackend implements IApacheBackend, UserInterface, IUserBackend {
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
public function testEncodedObjectGUID(string $uid): string {
|
public function testEncodedObjectGUID(string $uid): string {
|
||||||
$candidate = base64_decode($uid, true);
|
$candidate = base64_decode($uid, false);
|
||||||
if($candidate === false) {
|
if($candidate === false) {
|
||||||
return $uid;
|
return $uid;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue