Skip to content

Commit

Permalink
Fixed escaping error on LDAP filters (#10297)
Browse files Browse the repository at this point in the history
  • Loading branch information
@aidenfoxx
aidenfoxx committed Dec 4, 2021
1 parent c2c6f30 commit 58bc651
Showing 1 changed file with 6 additions and 2 deletions.
8 changes: 6 additions & 2 deletions api/src/auth/drivers/ldap.ts
View file
Expand Up @@ -2,6 +2,7 @@ import { Router } from 'express';
import ldap, {
Client,
Error,
EqualityFilter,
SearchCallbackResponse,
SearchEntry,
InappropriateAuthenticationError,
Expand Down Expand Up @@ -108,7 +109,10 @@ export class LDAPAuthDriver extends AuthDriver {
// Search for the user in LDAP by attribute
this.bindClient.search(
userDn,
{ filter: `(${userAttribute ?? 'cn'}=${identifier})`, scope: userScope ?? 'one' },
{
filter: new EqualityFilter({ attribute: userAttribute, value: identifier }),
scope: userScope ?? 'one',
},
(err: Error | null, res: SearchCallbackResponse) => {
if (err) {
reject(handleError(err));
Expand Down Expand Up @@ -186,7 +190,7 @@ export class LDAPAuthDriver extends AuthDriver {
groupDn,
{
attributes: ['cn'],
filter: `(${groupAttribute ?? 'member'}=${userDn})`,
filter: new EqualityFilter({ attribute: groupAttribute, value: userDn }),
scope: groupScope ?? 'one',
},
(err: Error | null, res: SearchCallbackResponse) => {
Expand Down

0 comments on commit 58bc651

Please sign in to comment.