Skip to content

Commit 73be3e9

Browse files
committed
Auth: Make object_class configurable for LDAP queries and update default to 'inetOrgPerson' - refs BT#23146
1 parent 57ea2f6 commit 73be3e9

3 files changed

Lines changed: 7 additions & 2 deletions

File tree

config/authentication.dist.yaml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -92,6 +92,7 @@ parameters:
9292
phone: null
9393
active: null
9494
admin: null
95+
object_class: 'inetOrgPerson'
9596

9697
scim:
9798
enabled: false

src/CoreBundle/Helpers/AuthenticationConfigHelper.php

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -118,6 +118,7 @@ public function getLdapConfig(?AccessUrl $url = null): array
118118
'data_correspondence' => $this->getLdapDataCorrespondenceConfig(
119119
$ldapConfig['data_correspondence'] ?? []
120120
),
121+
'object_class' => $ldapConfig['object_class'] ?? 'inetOrgPerson',
121122
];
122123
}
123124

src/CoreBundle/Helpers/LdapAuthenticatorHelper.php

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -44,7 +44,7 @@ private function queryAllUsers(): array
4444
$keywordType = trim($request->query->get('keyword_type', ''));
4545

4646
$ldapQuery = [
47-
'(objectClass=inetOrgPerson)',
47+
"(objectClass={$this->ldapConfig['object_class']})",
4848
];
4949

5050
if ($keywordUsername) {
@@ -84,7 +84,10 @@ private function queryByOu(string $ou): array
8484
}
8585

8686
return $this->ldap
87-
->query("ou=$ou,".$this->ldapConfig['base_dn'], '(objectClass=inetOrgPerson)')
87+
->query(
88+
"ou=$ou,".$this->ldapConfig['base_dn'],
89+
"(objectClass={$this->ldapConfig['object_class']})"
90+
)
8891
->execute()
8992
->toArray()
9093
;

0 commit comments

Comments
 (0)