diff --git a/app/Access/LdapService.php b/app/Access/LdapService.php index e5037ad2f..0f456efc2 100644 --- a/app/Access/LdapService.php +++ b/app/Access/LdapService.php @@ -112,10 +112,14 @@ class LdapService return null; } - $userCn = $this->getUserResponseProperty($user, 'cn', null); + $nameDefault = $this->getUserResponseProperty($user, 'cn', null); + if (is_null($nameDefault)) { + $nameDefault = ldap_explode_dn($user['dn'], 1)[0] ?? $user['dn']; + } + $formatted = [ 'uid' => $this->getUserResponseProperty($user, $idAttr, $user['dn']), - 'name' => $this->getUserDisplayName($user, $displayNameAttrs, $userCn), + 'name' => $this->getUserDisplayName($user, $displayNameAttrs, $nameDefault), 'dn' => $user['dn'], 'email' => $this->getUserResponseProperty($user, $emailAttr, null), 'avatar' => $thumbnailAttr ? $this->getUserResponseProperty($user, $thumbnailAttr, null) : null, diff --git a/tests/Auth/LdapTest.php b/tests/Auth/LdapTest.php index 9a00c983a..d1f128a50 100644 --- a/tests/Auth/LdapTest.php +++ b/tests/Auth/LdapTest.php @@ -166,6 +166,26 @@ class LdapTest extends TestCase $this->assertDatabaseHas('users', ['email' => $this->mockUser->email, 'email_confirmed' => false, 'external_auth_id' => $ldapDn]); } + public function test_login_works_when_ldap_server_does_not_provide_a_cn_value() + { + $ldapDn = 'cn=test-user,dc=test' . config('services.ldap.base_dn'); + + $this->commonLdapMocks(1, 1, 1, 2, 1); + $this->mockLdap->shouldReceive('searchAndGetEntries')->times(1) + ->with($this->resourceId, config('services.ldap.base_dn'), \Mockery::type('string'), \Mockery::type('array')) + ->andReturn(['count' => 1, 0 => [ + 'dn' => $ldapDn, + 'mail' => [$this->mockUser->email], + ]]); + + $resp = $this->mockUserLogin(); + $resp->assertRedirect('/'); + $this->assertDatabaseHas('users', [ + 'name' => 'test-user', + 'email' => $this->mockUser->email, + ]); + } + public function test_a_custom_uid_attribute_can_be_specified_and_is_used_properly() { config()->set(['services.ldap.id_attribute' => 'my_custom_id']);