Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix case-sensitive username check #71

Merged
merged 2 commits into from
Feb 15, 2021
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions LDAP-Auth/Config/PluginConfiguration.cs
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ public PluginConfiguration()
UseSsl = true;
UseStartTls = false;
SkipSslVerify = false;
EnableCaseInsensitiveUsername = false;
}

/// <summary>
Expand Down Expand Up @@ -89,5 +90,10 @@ public PluginConfiguration()
/// Gets or sets a value indicating whether to skip ssl verification.
/// </summary>
public bool SkipSslVerify { get; set; }

/// <summary>
/// Gets or sets a value indicating whether to use case insensitive username comparison.
/// </summary>
public bool EnableCaseInsensitiveUsername { get; set; }
}
}
47 changes: 28 additions & 19 deletions LDAP-Auth/Config/configPage.html
Original file line number Diff line number Diff line change
Expand Up @@ -79,10 +79,17 @@ <h2 class="sectionTitle">LDAP Settings:</h2>
</label>
<div class="fieldDescription checkboxFieldDescription">Enable on first login creation of authorized users from LDAP</div>
</div>
<div class="checkboxContainer checkboxContainer-withDescription">
<label>
<input type="checkbox" is="emby-checkbox" id="chkEnableCaseInsensitiveUsername" />
<span>Enable Case Insensitive Username</span>
</label>
<div class="fieldDescription checkboxFieldDescription">Enable case insensitive username comparison</div>
</div>
</div>
<div>
<button is="emby-button" type="submit" data-theme="b" class="raised button-submit block">
<span>${ButtonSave}</span>
<span>${Save}</span>
</button>
<button is="emby-button" type="button" class="raised button-cancel block btnCancel" onclick="history.back();">
<span>${ButtonCancel}</span>
Expand All @@ -98,25 +105,26 @@ <h2 class="sectionTitle">LDAP Settings:</h2>
var LdapConfigurationPage = {
pluginUniqueId: "958aad66-3784-4d2a-b89a-a7b6fab6e25c",

txtLdapServer: document.getElementById("txtLdapServer"),
chkUseSsl: document.getElementById("chkUseSsl"),
chkUseStartTls: document.getElementById("chkUseStartTls"),
chkSkipSslVerify: document.getElementById("chkSkipSslVerify"),
txtLdapBaseDn: document.getElementById("txtLdapBaseDn"),
txtLdapPort: document.getElementById("txtLdapPort"),
txtLdapSearchAttributes: document.getElementById("txtLdapSearchAttributes"),
txtLdapUsernameAttribute: document.getElementById("txtLdapUsernameAttribute"),
txtLdapSearchFilter: document.getElementById("txtLdapSearchFilter"),
txtLdapAdminFilter: document.getElementById("txtLdapAdminFilter"),
txtLdapBindUser: document.getElementById("txtLdapBindUser"),
txtLdapBindPassword: document.getElementById("txtLdapBindPassword"),
chkEnableUserCreation: document.getElementById("chkEnableUserCreation")
txtLdapServer: document.querySelector("#txtLdapServer"),
chkUseSsl: document.querySelector("#chkUseSsl"),
chkUseStartTls: document.querySelector("#chkUseStartTls"),
chkSkipSslVerify: document.querySelector("#chkSkipSslVerify"),
txtLdapBaseDn: document.querySelector("#txtLdapBaseDn"),
txtLdapPort: document.querySelector("#txtLdapPort"),
txtLdapSearchAttributes: document.querySelector("#txtLdapSearchAttributes"),
txtLdapUsernameAttribute: document.querySelector("#txtLdapUsernameAttribute"),
txtLdapSearchFilter: document.querySelector("#txtLdapSearchFilter"),
txtLdapAdminFilter: document.querySelector("#txtLdapAdminFilter"),
txtLdapBindUser: document.querySelector("#txtLdapBindUser"),
txtLdapBindPassword: document.querySelector("#txtLdapBindPassword"),
chkEnableUserCreation: document.querySelector("#chkEnableUserCreation"),
chkEnableCaseInsensitiveUsername: document.querySelector("#chkEnableCaseInsensitiveUsername")
};

window.addEventListener("pageshow", function (_) {
Dashboard.showLoadingMsg();

ApiClient.getPluginConfiguration(LdapConfigurationPage.pluginUniqueId).then(function (config) {
window.ApiClient.getPluginConfiguration(LdapConfigurationPage.pluginUniqueId).then(function (config) {
LdapConfigurationPage.txtLdapServer.value = config.LdapServer || "ldap-server.contoso.com";
LdapConfigurationPage.chkUseSsl.checked = config.UseSsl;
LdapConfigurationPage.chkUseStartTls.checked = config.UseStartTls;
Expand All @@ -130,14 +138,16 @@ <h2 class="sectionTitle">LDAP Settings:</h2>
LdapConfigurationPage.txtLdapBindUser.value = config.LdapBindUser || "CN=BindUser,DC=contoso,DC=com";
LdapConfigurationPage.txtLdapBindPassword.value = config.LdapBindPassword || "";
LdapConfigurationPage.chkEnableUserCreation.checked = config.CreateUsersFromLdap;
LdapConfigurationPage.chkEnableCaseInsensitiveUsername.checked = config.EnableCaseInsensitiveUsername;
Dashboard.hideLoadingMsg();
});
});

document.querySelector(".esqConfigurationForm").addEventListener("submit", function(e){
e.preventDefault();
Dashboard.showLoadingMsg();

ApiClient.getPluginConfiguration(LdapConfigurationPage.pluginUniqueId).then(function (config) {
window.ApiClient.getPluginConfiguration(LdapConfigurationPage.pluginUniqueId).then(function (config) {
config.LDAPServer = LdapConfigurationPage.txtLdapServer.value;
config.UseSsl = LdapConfigurationPage.chkUseSsl.checked;
config.UseStartTls = LdapConfigurationPage.chkUseStartTls.checked;
Expand All @@ -151,9 +161,8 @@ <h2 class="sectionTitle">LDAP Settings:</h2>
config.LdapBindUser = LdapConfigurationPage.txtLdapBindUser.value;
config.LdapBindPassword = LdapConfigurationPage.txtLdapBindPassword.value;
config.CreateUsersFromLdap = LdapConfigurationPage.chkEnableUserCreation.checked;

ApiClient.updatePluginConfiguration(LdapConfigurationPage.pluginUniqueId, config).then(Dashboard.processPluginConfigurationUpdateResult);
e.preventDefault();
config.EnableCaseInsensitiveUsername = LdapConfigurationPage.chkEnableCaseInsensitiveUsername.checked;
window.ApiClient.updatePluginConfiguration(LdapConfigurationPage.pluginUniqueId, config).then(Dashboard.processPluginConfigurationUpdateResult);
});

// Disable default form submission
Expand Down
7 changes: 3 additions & 4 deletions LDAP-Auth/LDAP-Auth.csproj
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,10 @@
<PropertyGroup>
<TargetFramework>net5.0</TargetFramework>
<RootNamespace>Jellyfin.Plugin.LDAP_Auth</RootNamespace>
<AssemblyVersion>10.0.0.0</AssemblyVersion>
<FileVersion>10.0.0.0</FileVersion>
<AssemblyVersion>11.0.0.0</AssemblyVersion>
<FileVersion>11.0.0.0</FileVersion>
<GenerateDocumentationFile>true</GenerateDocumentationFile>
<TreatWarningsAsErrors>true</TreatWarningsAsErrors>
<NoWarn>CA1707</NoWarn>
</PropertyGroup>

<ItemGroup>
Expand All @@ -22,7 +21,7 @@

<!-- Code Analyzers-->
<ItemGroup Condition=" '$(Configuration)' == 'Debug' ">
<PackageReference Include="Microsoft.CodeAnalysis.FxCopAnalyzers" Version="2.9.8" PrivateAssets="All" />
<PackageReference Include="Microsoft.CodeAnalysis.NetAnalyzers" Version="5.*" PrivateAssets="All" />
<PackageReference Include="SerilogAnalyzer" Version="0.15.0" PrivateAssets="All" />
<PackageReference Include="StyleCop.Analyzers" Version="1.1.118" PrivateAssets="All" />
<PackageReference Include="SmartAnalyzers.MultithreadingAnalyzer" Version="1.1.31" PrivateAssets="All" />
Expand Down
5 changes: 4 additions & 1 deletion LDAP-Auth/LDAPAuthenticationProviderPlugin.cs
Original file line number Diff line number Diff line change
Expand Up @@ -208,6 +208,9 @@ private LdapEntry LocateLdapUser(string username)

_logger.LogDebug("Search: {1} {2} @ {3}", LdapPlugin.Instance.Configuration.LdapBaseDn, SearchFilter, LdapPlugin.Instance.Configuration.LdapServer);

var usernameComparison = LdapPlugin.Instance.Configuration.EnableCaseInsensitiveUsername
? StringComparison.OrdinalIgnoreCase
: StringComparison.Ordinal;
while (ldapUsers.HasMore() && foundUser == false)
{
var currentUser = ldapUsers.Next();
Expand All @@ -218,7 +221,7 @@ private LdapEntry LocateLdapUser(string username)
{
foreach (var name in toCheck.StringValueArray)
{
if (username == name)
if (string.Equals(username, name, usernameComparison))
crobibero marked this conversation as resolved.
Show resolved Hide resolved
{
ldapUser = currentUser;
foundUser = true;
Expand Down
4 changes: 2 additions & 2 deletions build.yaml
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
---
name: "LDAP Authentication"
guid: "958aad66-3784-4d2a-b89a-a7b6fab6e25c"
version: "10.0.0.0"
version: "11.0.0.0"
targetAbi: "10.7.0.0"
framework: "net5.0"
owner: "jellyfin"
Expand All @@ -15,4 +15,4 @@ artifacts:
- "LDAP-Auth.dll"
- "Novell.Directory.Ldap.NETStandard.dll"
changelog: >
Update for 10.7 support
Fix case-sensitive username check