From 76263de067450bc92ff2259d45bfa34c2a8ca4f6 Mon Sep 17 00:00:00 2001 From: Ralf Haferkamp Date: Thu, 12 Oct 2023 09:42:21 +0200 Subject: [PATCH 1/3] ldap: fix GetUserByClaim for binary encoded UUIDs GetUserByClaim didn't correctly work for claim "userid" when "idIsOctetString" is set to true. Because the LDAP filter was not correctly hex-escaped. Fixes: https://github.com/owncloud/ocis/issues/7469 (cherry picked from commit 9b24c1780d57f98cad5fbcf982165fe47e47690b) --- changelog/unreleased/fix-ldap-getuserbyclaim-userid.md | 8 ++++++++ pkg/utils/ldap/identity.go | 4 ++-- 2 files changed, 10 insertions(+), 2 deletions(-) create mode 100644 changelog/unreleased/fix-ldap-getuserbyclaim-userid.md diff --git a/changelog/unreleased/fix-ldap-getuserbyclaim-userid.md b/changelog/unreleased/fix-ldap-getuserbyclaim-userid.md new file mode 100644 index 0000000000..124a9bda68 --- /dev/null +++ b/changelog/unreleased/fix-ldap-getuserbyclaim-userid.md @@ -0,0 +1,8 @@ +Bugfix: GetUserByClaim not working with MSAD for claim "userid" + +We fixed GetUserByClaim to correctly deal with binary encoded userid +as e.g. used for Active Directory. + +https://github.com/cs3org/reva/pull/4251 +https://github.com/cs3org/reva/pull/4249 +https://github.com/owncloud/ocis/issues/7469 diff --git a/pkg/utils/ldap/identity.go b/pkg/utils/ldap/identity.go index 3f3c4a8a5e..f438d33203 100644 --- a/pkg/utils/ldap/identity.go +++ b/pkg/utils/ldap/identity.go @@ -526,7 +526,7 @@ func (i *Identity) getUserAttributeFilter(attribute, value string) (string, erro default: return "", errors.New("ldap: invalid field " + attribute) } - if attribute == "userid" && i.User.Schema.IDIsOctetString { + if attribute == i.User.Schema.ID && i.User.Schema.IDIsOctetString { id, err := uuid.Parse(value) if err != nil { err := errors.Wrap(err, fmt.Sprintf("error parsing OpaqueID '%s' as UUID", value)) @@ -687,7 +687,7 @@ func (i *Identity) getGroupAttributeFilter(attribute, value string) (string, err default: return "", errors.New("ldap: invalid field " + attribute) } - if attribute == "group_id" && i.Group.Schema.IDIsOctetString { + if attribute == i.Group.Schema.ID && i.Group.Schema.IDIsOctetString { id, err := uuid.Parse(value) if err != nil { err := errors.Wrap(err, fmt.Sprintf("error parsing OpaqueID '%s' as UUID", value)) From 45df2ce338c38bce060a5bb2ba0ba8082a2c8fbb Mon Sep 17 00:00:00 2001 From: Ralf Haferkamp Date: Thu, 12 Oct 2023 14:45:09 +0200 Subject: [PATCH 2/3] create temp directory for calens when cloning repository Backport of https://github.com/cs3org/reva/pull/4212/commits/bebbd4cd8df578a2fc3df5447cbe0126a6df5d15 (cherry picked from commit 83964979026f600d07f4d461a8a84db5f4f9f292) --- Makefile | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index 9248e55eb5..9e0695acc8 100644 --- a/Makefile +++ b/Makefile @@ -43,9 +43,10 @@ lint-fix: $(GOLANGCI_LINT) $(CALENS): @mkdir -p $(@D) - git clone --depth 1 --branch v0.2.0 -c advice.detachedHead=false https://github.com/restic/calens.git /tmp/calens - cd /tmp/calens && GOBIN=$(@D) go install - rm -rf /tmp/calens + CALENS_DIR=`mktemp -d` + git clone --depth 1 --branch v0.2.0 -c advice.detachedHead=false https://github.com/restic/calens.git $(CALENS_DIR) + cd $(CALENS_DIR) && GOBIN=$(@D) go install + rm -rf $(CALENS_DIR) .PHONY: check-changelog check-changelog: $(CALENS) From 1c6a286c39e8e48cc12eabfe34a8fd4d1fa8b78c Mon Sep 17 00:00:00 2001 From: Ralf Haferkamp Date: Thu, 12 Oct 2023 15:23:18 +0200 Subject: [PATCH 3/3] Fix tmp dir creation in Makefile This fixes the previous commit to correctly initialize the CALENS_DIR variable (cherry picked from commit 3afd93e1a23e2f28de2ce894cad1f8b1af27d47b) --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 9e0695acc8..b036dc1229 100644 --- a/Makefile +++ b/Makefile @@ -41,9 +41,9 @@ lint-fix: $(GOLANGCI_LINT) gofmt -w . $(GOLANGCI_LINT) run --fix +CALENS_DIR := $(shell mktemp -d) $(CALENS): @mkdir -p $(@D) - CALENS_DIR=`mktemp -d` git clone --depth 1 --branch v0.2.0 -c advice.detachedHead=false https://github.com/restic/calens.git $(CALENS_DIR) cd $(CALENS_DIR) && GOBIN=$(@D) go install rm -rf $(CALENS_DIR)