mirror of
https://github.com/netzbegruenung/user_saml.git
decode objectGUID to their ASCII representation if
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
parent
1d0a8a7f1f
commit
c839dc1e73
|
@ -119,6 +119,8 @@ class SAMLController extends Controller {
|
||||||
throw new \InvalidArgumentException('No valid uid given, please check your attribute mapping. Given uid: ' . $uid);
|
throw new \InvalidArgumentException('No valid uid given, please check your attribute mapping. Given uid: ' . $uid);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$uid = $this->userBackend->testEncodedObjectGUID($uid);
|
||||||
|
|
||||||
// if this server acts as a global scale master and the user is not
|
// if this server acts as a global scale master and the user is not
|
||||||
// a local admin of the server we just create the user and continue
|
// a local admin of the server we just create the user and continue
|
||||||
// no need to update additional attributes
|
// no need to update additional attributes
|
||||||
|
|
|
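Review bot: The added call `$uid = $this->userBackend->testEncodedObjectGUID($uid);` rewrites the uid after the "No valid uid given" check above it has already run, and it applies to every login, not only where the mapped attribute is known to be a binary objectGUID. Any asserted uid that is valid base64 for 16 bytes is replaced by a GUID string, so a legitimate uid of that shape is silently changed, and the encoded and plain-text forms of the same GUID both resolve to one local account name. Consider making the conversion opt-in through a setting tied to the uid attribute mapping, and re-running the uid validation on the converted value before it is used. The enclosing method starts and ends outside this hunk, so how `$uid` is consumed afterwards is not visible here.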
@ -691,4 +691,46 @@ class UserBackend implements IApacheBackend, UserInterface, IUserBackend {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* returns the plain text UUID if the provided $uid string is a
|
||||||
|
* base64-encoded binary string representing e.g. the objectGUID. Otherwise
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
public function testEncodedObjectGUID(string $uid): string {
|
||||||
|
$candidate = base64_decode($uid, true);
|
||||||
|
if($candidate === false) {
|
||||||
|
return $uid;
|
||||||
|
}
|
||||||
|
$candidate = $this->convertObjectGUID2Str($candidate);
|
||||||
|
// the regex only matches the structure of the UUID, not its semantic
|
||||||
|
// (i.e. version or variant) simply to be future compatible
|
||||||
|
if(preg_match('/^[a-f0-9]{8}(-[a-f0-9]{4}){4}[a-f0-9]{8}$/i', $candidate) === 1) {
|
||||||
|
$uid = $candidate;
|
||||||
|
}
|
||||||
|
return $uid;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @see \OCA\User_LDAP\Access::convertObjectGUID2Str
|
||||||
|
*/
|
||||||
|
public function convertObjectGUID2Str($oguid) {
|
||||||
|
$hex_guid = bin2hex($oguid);
|
||||||
|
$hex_guid_to_guid_str = '';
|
||||||
|
for($k = 1; $k <= 4; ++$k) {
|
||||||
|
$hex_guid_to_guid_str .= substr($hex_guid, 8 - 2 * $k, 2);
|
||||||
|
}
|
||||||
|
$hex_guid_to_guid_str .= '-';
|
||||||
|
for($k = 1; $k <= 2; ++$k) {
|
||||||
|
$hex_guid_to_guid_str .= substr($hex_guid, 12 - 2 * $k, 2);
|
||||||
|
}
|
||||||
|
$hex_guid_to_guid_str .= '-';
|
||||||
|
for($k = 1; $k <= 2; ++$k) {
|
||||||
|
$hex_guid_to_guid_str .= substr($hex_guid, 16 - 2 * $k, 2);
|
||||||
|
}
|
||||||
|
$hex_guid_to_guid_str .= '-' . substr($hex_guid, 16, 4);
|
||||||
|
$hex_guid_to_guid_str .= '-' . substr($hex_guid, 20);
|
||||||
|
|
||||||
|
return strtoupper($hex_guid_to_guid_str);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
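Review bot: `testEncodedObjectGUID` hands whatever `base64_decode` returns to `convertObjectGUID2Str` without checking that it is exactly 16 bytes, and relies on the regex afterwards to reject every other length. An explicit guard, `if ($candidate === false || strlen($candidate) !== 16) { return $uid; }`, states the intent and keeps short or over-long input out of the `substr` offsets. The docblock also stops mid-sentence at "Otherwise"; it should end with something like `Otherwise the given $uid is returned unchanged.` `convertObjectGUID2Str` could declare `string $oguid` and a `: string` return type, and be private if nothing outside the class needs it.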