Skip to content

Commit

Permalink
Handle the case where we have attributes set to null in the LDAP modu…
Browse files Browse the repository at this point in the history 
…le for all attributes
  • Loading branch information
Craig Huckabee committed Sep 18, 2024
1 parent 811cb91 commit 230bbdd
Showing 1 changed file with 16 additions and 8 deletions.
24 changes: 16 additions & 8 deletions src/Auth/Source/X509userCert.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -191,10 +191,14 @@ public function authenticate(array &$state): void

if ($this->ldapusercert === null) {
// do not check for certificate match
$attributes = array_intersect_key(
$entry->getAttributes(),
array_fill_keys(array_values($this->ldapConfig->getArray('attributes')), null),
);
if (is_null($this->ldapConfig->getOptionalArray('attributes',null))) {
$attributes = $entry->getAttributes();
} else {
$attributes = array_intersect_key(
$entry->getAttributes(),
array_fill_keys(array_values($this->ldapConfig->getArray('attributes')), null),
);
}

$state['Attributes'] = $attributes;
$this->authSuccesful($state);
Expand Down Expand Up @@ -232,10 +236,14 @@ public function authenticate(array &$state): void
}

if ($ldap_cert_data === $client_cert_data) {
$attributes = array_intersect_key(
$entry->getAttributes(),
array_fill_keys(array_values($this->ldapConfig->getArray('attributes')), null),
);
if (is_null($this->ldapConfig->getOptionalArray('attributes',null))) {
$attributes = $entry->getAttributes();
} else {
$attributes = array_intersect_key(
$entry->getAttributes(),
array_fill_keys(array_values($this->ldapConfig->getArray('attributes')), null),
);
}
$state['Attributes'] = $attributes;
$this->authSuccesful($state);

Expand Down

0 comments on commit 230bbdd

Please sign in to comment.