From b80b94e408b245c4fe1843bcbc8f919e7de6501e Mon Sep 17 00:00:00 2001
From: Bjoern Schiessle <bjoern@schiessle.org>
Date: Tue, 9 Oct 2018 16:57:03 +0200
Subject: [PATCH] we need to store some basic user information, even in the
 global scale scenario

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
---
 appinfo/info.xml                  |  3 ++-
 lib/Controller/SAMLController.php | 12 ++++++------
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/appinfo/info.xml b/appinfo/info.xml
index 7bb5c25..9886cbb 100644
--- a/appinfo/info.xml
+++ b/appinfo/info.xml
@@ -33,7 +33,8 @@ While theoretically any other authentication provider implementing either one of
 	<screenshot>https://raw.githubusercontent.com/nextcloud/user_saml/master/screenshots/1.png</screenshot>
 	<screenshot>https://raw.githubusercontent.com/nextcloud/user_saml/master/screenshots/2.png</screenshot>
 	<dependencies>
-		<nextcloud min-version="15" max-version="15" />
+		<lib>mcrypt</lib>
+		<nextcloud min-version="14" max-version="15" />
 	</dependencies>
 	<settings>
 		<admin>OCA\User_SAML\Settings\Admin</admin>
diff --git a/lib/Controller/SAMLController.php b/lib/Controller/SAMLController.php
index b333d74..2721f4f 100644
--- a/lib/Controller/SAMLController.php
+++ b/lib/Controller/SAMLController.php
@@ -100,11 +100,6 @@ class SAMLController extends Controller {
 	 */
 	private function autoprovisionIfPossible(array $auth) {
 
-		// nothing to do here, in case of a global scale setup
-		if ($this->config->getSystemValue('gs.enabled', false)) {
-			return;
-		}
-
 		$prefix = $this->SAMLSettings->getPrefix();
 		$uidMapping = $this->config->getAppValue('user_saml', $prefix . 'general-uid_mapping');
 		if(isset($auth[$uidMapping])) {
@@ -120,6 +115,11 @@ class SAMLController extends Controller {
 				throw new \InvalidArgumentException('No valid uid given, please check your attribute mapping. Given uid: ' . $uid);
 			}
 
+			// in case of a global scale setup we make sure that the server knows the user and leave
+			if ($this->config->getSystemValue('gs.enabled', false)) {
+				$this->userBackend->createUserIfNotExists($uid);
+				return;
+			}
 			$userExists = $this->userManager->userExists($uid);
 			$autoProvisioningAllowed = $this->userBackend->autoprovisionAllowed();
 			if($userExists === true) {
@@ -265,7 +265,7 @@ class SAMLController extends Controller {
 		$this->session->set('user_saml.samlSessionExpiration', $auth->getSessionExpiration());
 		try {
 			$user = $this->userManager->get($this->userBackend->getCurrentUserId());
-			if(!($user instanceof IUser)) {
+			if (!($user instanceof IUser)) {
 				throw new \InvalidArgumentException('User is not valid');
 			}
 			$user->updateLastLoginTimestamp();