Subject: | lookup_user croaks on multiple "user_fields" |
Date: | Wed, 10 Oct 2018 22:45:11 +0200 |
To: | <bug-Catalyst-Authentication-Store-LDAP [...] rt.cpan.org> |
From: | Marco Schumann <marco.schumann [...] pyur.com> |
Hi,
we attempt to use a complex filter (like "(|(uid=%s)(mail=%s))" to allow
customers to login with either their UID or their email address. We use
a Catalyst config like this:
Plugin::Authentication:
default_realm: realm
realms:
realm:
credential:
class: Password
password_field: password
password_type: self_check
store:
binddn: ...
bindpw: ...
class: LDAP
ldap_server: ...
start_tls: 0
user_field:
- 'uid'
- 'mail'
user_basedn: ...
user_filter: '(!(uid=%s)(mail=%s))'
According to
https://metacpan.org/source/ILMARI/Catalyst-Authentication-Store-LDAP-1.016/lib/Catalyst/Authentication/Store/LDAP.pm#L219
the "user_field" may be an array. Unfortunately this is not true:
Use of uninitialized value in lc at
lib/Catalyst/Authentication/Store/LDAP/Backend.pm line 344.
LDAP claims 'ARRAY(0x55839c32b820)' equals 'somebody' but results entry
does not match.# Tests were run but no plan was declared and
done_testing() was not seen.
In lib/Catalyst/Authentication/Store/LDAP/Backend.pm
(https://metacpan.org/source/ILMARI/Catalyst-Authentication-Store-LDAP-1.016/lib/Catalyst/Authentication/Store/LDAP/Backend.pm#L323)
is asumed "user_field" is a string resulting in a wrong interpolation of
a given array.
Please review the appended prove of the issue and my proposal to make
the package work as expected. Hints are very welcome as we plan to
backport the Debian stretch version 0.1005 locally.
Thank you
--
Marco Schumann
Platform Architect
Tele Columbus Betriebs GmbH
Kaiserin-Augusta-Allee 108
10553 Berlin
E-Mail: marco.schumann@pyur.com
Telefon: +49 30 3388 1233
Mobil: +49 176 19061115
Fax: +49 30 3388 913333
http://www.pyur.com/
Geschäftsführer: Timm Degenhardt, Eike Walters, Ludwig Modra
Sitz der Gesellschaft: Kaiserin-Augusta-Allee 108, 10553 Berlin
Amtsgericht Berlin-Charlottenburg HRB 176365 B
Message body is not shown because sender requested not to inline it.
Message body is not shown because sender requested not to inline it.