Bug #48053 for RT-Authen-ExternalAuth: [Patch] Issues with multiple LDAP sources and available attributes

The use case I am trying to use is that I have two LDAP sources A and B configured as follows: Set($ExternalAuthPriority, ['A']); Set($ExternalInfoPriority, ['B','A']); The key to lookup information in B is not Name because the "Name" value is different between B and A. I have found that the code does not look at the attr_match_list when doing the lookup. The patch I have provided make the info lookup use the attr_match_list attributes to do the subsequent info lookup. Of course, Name is one of these on source A, so when the record doesn't exist in B the fallback would work as expected. I am not sure if my patch is general enough to be included in the main line, but is included in case it is. Also, this patch removes the issue referred to by 43538. Unfortunately I removed myself as the requestor so I now longer have any ability to make changes to that ticket:( Thanks...

--- RT/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm 2009-07-09 15:15:15.000000000 -0400 +++ RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm 2009-07-17 11:16:53.000000000 -0400 @@ -276,9 +276,9 @@ ") per External Service", "($val, $message)\n"); - # Update their info from external service...we don't know what fields to use - # until we are looking at a particular service, so wait until then to figure it out!! - # What we do know is that their name is, so we can safely set that here... + # Update their info from external service using the username as the lookup key + # CanonicalizeUserInfo will work out for itself which service to use + # Passing it a service instead could break other RT code my %args = (Name => $username); $UserObj->CanonicalizeUserInfo(\%args); @@ -470,11 +470,7 @@ foreach my $rt_attr (@{$config->{'attr_match_list'}}) { # Jump to the next attr in $args if this one isn't in the attr_match_list $RT::Logger->debug( "Attempting to use this canonicalization key:",$rt_attr); - my $value = $UserObj->$rt_attr; - unless(defined($value)) { - $value = $args->{$rt_attr}; - } - unless(defined($value)) { + unless(defined($args->{$rt_attr})) { $RT::Logger->debug("This attribute (", $rt_attr, ") is null or incorrectly defined in the attr_map for this service (", @@ -485,6 +481,7 @@ # Else, use it as a canonicalization key and lookup the user info my $key = $config->{'attr_map'}->{$rt_attr}; + my $value = $args->{$rt_attr}; # Check to see that the key being asked for is defined in the config's attr_map my $valid = 0; @@ -531,7 +528,6 @@ if ($params{'EmailAddress'}) { $params{'EmailAddress'} = $UserObj->CanonicalizeEmailAddress($params{'EmailAddress'}); } - %$args = (%$args, %params); }

--- RT/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm 2009-07-09 11:23:53.000000000 -0400 +++ RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth/LDAP.pm 2009-07-17 11:16:53.000000000 -0400 @@ -293,10 +293,6 @@ $username . '))' ); - } else { - # Don't want to bother with a slow query that will result in a ton of hits!! - $RT::Logger->info( "No 'Name' attribute mapped for service: $service - Skipping..."); - return 0; } my $ldap = _GetBoundLdapObj($config);