@@ -35,9 +35,9 class AuthSourceLdap < AuthSource | |||
|
35 | 35 | return nil if login.blank? || password.blank? |
|
36 | 36 | attrs = get_user_dn(login) |
|
37 | 37 | |
|
38 |
if attrs |
|
|
38 | if attrs && attrs[:dn] && authenticate_dn(attrs[:dn], password) | |
|
39 | 39 | logger.debug "Authentication successful for '#{login}'" if logger && logger.debug? |
|
40 |
return |
|
|
40 | return attrs.except(:dn) | |
|
41 | 41 | end |
|
42 | 42 | rescue Net::LDAP::LdapError => text |
|
43 | 43 | raise "LdapError: " + text |
@@ -73,13 +73,13 class AuthSourceLdap < AuthSource | |||
|
73 | 73 | end |
|
74 | 74 | |
|
75 | 75 | def get_user_attributes_from_ldap_entry(entry) |
|
76 |
|
|
|
76 | { | |
|
77 | 77 | :dn => entry.dn, |
|
78 | 78 | :firstname => AuthSourceLdap.get_attr(entry, self.attr_firstname), |
|
79 | 79 | :lastname => AuthSourceLdap.get_attr(entry, self.attr_lastname), |
|
80 | 80 | :mail => AuthSourceLdap.get_attr(entry, self.attr_mail), |
|
81 | 81 | :auth_source_id => self.id |
|
82 |
|
|
|
82 | } | |
|
83 | 83 | end |
|
84 | 84 | |
|
85 | 85 | # Return the attributes needed for the LDAP search. It will only |
@@ -104,7 +104,7 class AuthSourceLdap < AuthSource | |||
|
104 | 104 | ldap_con = initialize_ldap_con(self.account, self.account_password) |
|
105 | 105 | login_filter = Net::LDAP::Filter.eq( self.attr_login, login ) |
|
106 | 106 | object_filter = Net::LDAP::Filter.eq( "objectClass", "*" ) |
|
107 |
attrs = |
|
|
107 | attrs = {} | |
|
108 | 108 | |
|
109 | 109 | ldap_con.search( :base => self.base_dn, |
|
110 | 110 | :filter => object_filter & login_filter, |
@@ -113,10 +113,10 class AuthSourceLdap < AuthSource | |||
|
113 | 113 | if onthefly_register? |
|
114 | 114 | attrs = get_user_attributes_from_ldap_entry(entry) |
|
115 | 115 | else |
|
116 |
attrs = |
|
|
116 | attrs = {:dn => entry.dn} | |
|
117 | 117 | end |
|
118 | 118 | |
|
119 |
logger.debug "DN found for #{login}: #{attrs |
|
|
119 | logger.debug "DN found for #{login}: #{attrs[:dn]}" if logger && logger.debug? | |
|
120 | 120 | end |
|
121 | 121 | |
|
122 | 122 | attrs |
@@ -111,7 +111,7 class User < Principal | |||
|
111 | 111 | # user is not yet registered, try to authenticate with available sources |
|
112 | 112 | attrs = AuthSource.authenticate(login, password) |
|
113 | 113 | if attrs |
|
114 |
user = new( |
|
|
114 | user = new(attrs) | |
|
115 | 115 | user.login = login |
|
116 | 116 | user.language = Setting.default_language |
|
117 | 117 | if user.save |
@@ -149,7 +149,7 class AccountTest < ActionController::IntegrationTest | |||
|
149 | 149 | def test_onthefly_registration |
|
150 | 150 | # disable registration |
|
151 | 151 | Setting.self_registration = '0' |
|
152 |
AuthSource.expects(:authenticate).returns( |
|
|
152 | AuthSource.expects(:authenticate).returns({:login => 'foo', :firstname => 'Foo', :lastname => 'Smith', :mail => 'foo@bar.com', :auth_source_id => 66}) | |
|
153 | 153 | |
|
154 | 154 | post 'account/login', :username => 'foo', :password => 'bar' |
|
155 | 155 | assert_redirected_to 'my/page' |
@@ -163,7 +163,7 class AccountTest < ActionController::IntegrationTest | |||
|
163 | 163 | def test_onthefly_registration_with_invalid_attributes |
|
164 | 164 | # disable registration |
|
165 | 165 | Setting.self_registration = '0' |
|
166 |
AuthSource.expects(:authenticate).returns( |
|
|
166 | AuthSource.expects(:authenticate).returns({:login => 'foo', :lastname => 'Smith', :auth_source_id => 66}) | |
|
167 | 167 | |
|
168 | 168 | post 'account/login', :username => 'foo', :password => 'bar' |
|
169 | 169 | assert_response :success |
@@ -43,10 +43,8 class AuthSourceLdapTest < ActiveSupport::TestCase | |||
|
43 | 43 | |
|
44 | 44 | context 'with a valid LDAP user' do |
|
45 | 45 | should 'return the user attributes' do |
|
46 |
res |
|
|
47 |
assert res |
|
|
48 | assert response.first.present?, "No user data returned" | |
|
49 | attributes = response.first | |
|
46 | attributes = @auth.authenticate('example1','123456') | |
|
47 | assert attributes.is_a?(Hash), "An hash was not returned" | |
|
50 | 48 | assert_equal 'Example', attributes[:firstname] |
|
51 | 49 | assert_equal 'One', attributes[:lastname] |
|
52 | 50 | assert_equal 'example1@redmine.org', attributes[:mail] |
General Comments 0
You need to be logged in to leave comments.
Login now