Added dump_user_details option to LDAP and added binary attribute decode option

Related to #1872
2025-07-30 04:23:11 +03:00 · 2020-02-15 20:31:23 +00:00
parent 6caedc7a37
commit 29cc35a304
4 changed files with 79 additions and 5 deletions
--- a/app/Auth/Access/LdapService.php
+++ b/app/Auth/Access/LdapService.php
@ -1,6 +1,7 @@
 <?php namespace BookStack\Auth\Access;

 use BookStack\Auth\User;
+use BookStack\Exceptions\JsonDebugException;
 use BookStack\Exceptions\LdapException;
 use ErrorException;

@ -76,26 +77,47 @@ class LdapService extends ExternalAuthService
        }

        $userCn = $this->getUserResponseProperty($user, 'cn', null);
-        return [
+        $formatted = [
            'uid'   => $this->getUserResponseProperty($user, $idAttr, $user['dn']),
            'name'  => $this->getUserResponseProperty($user, $displayNameAttr, $userCn),
            'dn'    => $user['dn'],
            'email' => $this->getUserResponseProperty($user, $emailAttr, null),
        ];
+
+        if ($this->config['dump_user_details']) {
+            throw new JsonDebugException([
+                'details_from_ldap' => $user,
+                'details_bookstack_parsed' => $formatted,
+            ]);
+        }
+
+        return $formatted;
    }

    /**
     * Get a property from an LDAP user response fetch.
     * Handles properties potentially being part of an array.
+     * If the given key is prefixed with 'BIN;', that indicator will be stripped
+     * from the key and any fetched values will be converted from binary to hex.
     */
    protected function getUserResponseProperty(array $userDetails, string $propertyKey, $defaultValue)
    {
+        $isBinary = strpos($propertyKey, 'BIN;') === 0;
        $propertyKey = strtolower($propertyKey);
-        if (isset($userDetails[$propertyKey])) {
-            return (is_array($userDetails[$propertyKey]) ? $userDetails[$propertyKey][0] : $userDetails[$propertyKey]);
+        $value = $defaultValue;
+
+        if ($isBinary) {
+            $propertyKey = substr($propertyKey, strlen('BIN;'));
        }

-        return $defaultValue;
+        if (isset($userDetails[$propertyKey])) {
+            $value = (is_array($userDetails[$propertyKey]) ? $userDetails[$propertyKey][0] : $userDetails[$propertyKey]);
+            if ($isBinary) {
+                $value = bin2hex($value);
+            }
+        }
+
+        return $value;
    }

    /**