X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/e15fcf5b50e1831a90a04ded09f24e0c7b31d02e..refs/pull/2511/head:/app/Auth/Access/Guards/LdapSessionGuard.php

diff --git a/app/Auth/Access/Guards/LdapSessionGuard.php b/app/Auth/Access/Guards/LdapSessionGuard.php
index 3c98140f6..652141c0c 100644
--- a/app/Auth/Access/Guards/LdapSessionGuard.php
+++ b/app/Auth/Access/Guards/LdapSessionGuard.php
@@ -44,11 +44,14 @@ class LdapSessionGuard extends ExternalBaseSessionGuard
     public function validate(array $credentials = [])
     {
         $userDetails = $this->ldapService->getUserDetails($credentials['username']);
-        $this->lastAttempted = $this->provider->retrieveByCredentials([
-            'external_auth_id' => $userDetails['uid']
-        ]);
 
-        return $this->ldapService->validateUserCredentials($userDetails, $credentials['username'], $credentials['password']);
+        if (isset($userDetails['uid'])) {
+            $this->lastAttempted = $this->provider->retrieveByCredentials([
+                'external_auth_id' => $userDetails['uid']
+            ]);
+        }
+
+        return $this->ldapService->validateUserCredentials($userDetails, $credentials['password']);
     }
 
     /**
@@ -57,25 +60,31 @@ class LdapSessionGuard extends ExternalBaseSessionGuard
      * @param array $credentials
      * @param bool $remember
      * @return bool
-     * @throws LoginAttemptEmailNeededException
      * @throws LoginAttemptException
      * @throws LdapException
-     * @throws UserRegistrationException
      */
     public function attempt(array $credentials = [], $remember = false)
     {
         $username = $credentials['username'];
         $userDetails = $this->ldapService->getUserDetails($username);
-        $this->lastAttempted = $user = $this->provider->retrieveByCredentials([
-            'external_auth_id' => $userDetails['uid']
-        ]);
 
-        if (!$this->ldapService->validateUserCredentials($userDetails, $username, $credentials['password'])) {
+        $user = null;
+        if (isset($userDetails['uid'])) {
+            $this->lastAttempted = $user = $this->provider->retrieveByCredentials([
+                'external_auth_id' => $userDetails['uid']
+            ]);
+        }
+
+        if (!$this->ldapService->validateUserCredentials($userDetails, $credentials['password'])) {
             return false;
         }
 
         if (is_null($user)) {
-            $user = $this->createNewFromLdapAndCreds($userDetails, $credentials);
+            try {
+                $user = $this->createNewFromLdapAndCreds($userDetails, $credentials);
+            } catch (UserRegistrationException $exception) {
+                throw new LoginAttemptException($exception->message);
+            }
         }
 
         // Sync LDAP groups if required