F #4924: LDAP auth - capture user part (#78)

2025-03-23 22:50:09 +03:00 · 2020-07-06 11:19:28 +02:00 · 2020-07-06 11:19:28 +02:00 · 3dde5d1ea9
commit 3dde5d1ea9
parent ed36cf6f5d
2 changed files with 9 additions and 4 deletions
--- a/src/authm_mad/remotes/ldap/authenticate
+++ b/src/authm_mad/remotes/ldap/authenticate
@ -63,7 +63,8 @@ end

 options=YAML.load(File.read(ETC_LOCATION+'/auth/ldap_auth.conf'))

-order = get_server_order(options, user)
+user_full = user
+order,user = get_server_order(options, user)

 STDERR.puts "Using group of servers: #{servers.join(', ')}" if order.length>1

@ -119,7 +120,7 @@ order.each do |servers|
                    # authentication success
                    group_list = groups.join(' ')

-                    escaped_user = URI_PARSER.escape(user).downcase
+                    escaped_user = URI_PARSER.escape(user_full).downcase
                    escaped_secret = URI_PARSER.escape(user_dn)

                    puts "ldap #{escaped_user} #{escaped_secret} #{group_list}"
--- a/src/authm_mad/remotes/ldap/ldap_auth.rb
+++ b/src/authm_mad/remotes/ldap/ldap_auth.rb
@ -267,7 +267,11 @@ def get_server_order(opts, user)
        end

        opts[:match_user_regex].each do |regex, server|
-            if user =~ /#{regex}/i
+            if m = user.match(/#{regex}/i)
+
+                # update user with the capture
+                user = m[1] if m[1]
+
                order << to_array(server)
            end
        end
@ -281,5 +285,5 @@ def get_server_order(opts, user)
        exit(-1)
    end

-    return order
+    return [order, user]
 end