Fixed side-effect in binary LDAP handling

- Was not stripping prefix when sending value to LDAP server in search.
- Updated test to cover.

diff --git a/app/Auth/Access/LdapService.php b/app/Auth/Access/LdapService.php
index d377705583ac9011384de7aee2ddc092a984a452..92234edcf906bc2934a47443af011de388d2f853 100644 (file)
--- a/app/Auth/Access/LdapService.php
+++ b/app/Auth/Access/LdapService.php
@@ -45,6 +45,13 @@ class LdapService extends ExternalAuthService
         $ldapConnection = $this->getConnection();
         $this->bindSystemUser($ldapConnection);
 
+        // Clean attributes
+        foreach ($attributes as $index => $attribute) {
+            if (strpos($attribute, 'BIN;') === 0) {
+                $attributes[$index] = substr($attribute, strlen('BIN;'));
+            }
+        }
+
         // Find user
         $userFilter = $this->buildFilter($this->config['user_filter'], ['user' => $userName]);
         $baseDn = $this->config['base_dn'];

diff --git a/tests/Auth/LdapTest.php b/tests/Auth/LdapTest.php
index f6c5997b3c46708aa698ab11f53455c0bbb13e0a..324e3041fa5a6e29433116e1fb70a318bc08bcb5 100644 (file)
--- a/tests/Auth/LdapTest.php
+++ b/tests/Auth/LdapTest.php
@@ -598,7 +598,7 @@ class LdapTest extends BrowserKitTest
         $this->mockLdap->shouldReceive('setVersion')->once();
         $this->mockLdap->shouldReceive('setOption')->times(1);
         $this->mockLdap->shouldReceive('searchAndGetEntries')->times(1)
-            ->with($this->resourceId, config('services.ldap.base_dn'), \Mockery::type('string'), \Mockery::type('array'))
+            ->with($this->resourceId, config('services.ldap.base_dn'), \Mockery::type('string'), ['cn', 'dn', 'uid', 'mail', 'cn'])
             ->andReturn(['count' => 1, 0 => [
                 'uid' => [hex2bin('FFF8F7')],
                 'cn' => [$this->mockUser->name],