diff options
| author | Arthur Schiwon <blizzz@arthur-schiwon.de> | 2018-03-14 16:58:20 +0300 |
|---|---|---|
| committer | Arthur Schiwon <blizzz@arthur-schiwon.de> | 2018-03-14 19:53:07 +0300 |
| commit | bed32b460fdba7d8d8ef0586c63272c6d2575643 (patch) | |
| tree | 4e402dca076ef5df4ca61cc51155df5e330beed1 | |
| parent | 2d167fd365e64c291f1bcd50ddaf9d6644034043 (diff) | |
try to lookup a user if the uid does not resolve and autoprov is disabled
it might well may be that the user exists but is not yet known to the
specific backend in Nextcloud and need to be mapped first.
This assumes that searching for the uid will actually find the user. This
is not necessarily given by the backend configuration.
Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
| -rw-r--r-- | lib/Controller/SAMLController.php | 7 | ||||
| -rw-r--r-- | tests/unit/Controller/SAMLControllerTest.php | 53 |
2 files changed, 59 insertions, 1 deletions
diff --git a/lib/Controller/SAMLController.php b/lib/Controller/SAMLController.php index b3e53d4d..aa4c163f 100644 --- a/lib/Controller/SAMLController.php +++ b/lib/Controller/SAMLController.php @@ -121,6 +121,13 @@ class SAMLController extends Controller { } if(!$userExists && !$autoProvisioningAllowed) { + // it is possible that the user was not logged in before and + // thus is not known to the original backend. A search can + // help with it and make the user known + $this->userManager->search($uid); + if($this->userManager->userExists($uid)) { + return; + } throw new NoUserFoundException(); } elseif(!$userExists && $autoProvisioningAllowed) { $this->userBackend->createUserIfNotExists($uid); diff --git a/tests/unit/Controller/SAMLControllerTest.php b/tests/unit/Controller/SAMLControllerTest.php index d0ad4e0a..def38c1f 100644 --- a/tests/unit/Controller/SAMLControllerTest.php +++ b/tests/unit/Controller/SAMLControllerTest.php @@ -367,7 +367,7 @@ class SAMLControllerTest extends TestCase { ->with('user_saml', 'general-uid_mapping') ->willReturn('uid'); $this->userManager - ->expects($this->once()) + ->expects($this->any()) ->method('userExists') ->with('MyUid') ->willReturn(false); @@ -385,6 +385,57 @@ class SAMLControllerTest extends TestCase { $this->assertEquals($expected, $this->samlController->login()); } + public function testLoginWithEnvVariableAndNotYetMappedUserWithoutProvisioning() { + $this->config + ->expects($this->at(0)) + ->method('getAppValue') + ->with('user_saml', 'type') + ->willReturn('environment-variable'); + $this->session + ->expects($this->once()) + ->method('get') + ->with('user_saml.samlUserData') + ->willReturn([ + 'foo' => 'bar', + 'uid' => 'MyUid', + 'bar' => 'foo', + ]); + $this->config + ->expects($this->at(1)) + ->method('getAppValue') + ->with('user_saml', 'general-uid_mapping') + ->willReturn('uid'); + $this->userManager + ->expects($this->exactly(2)) + ->method('userExists') + ->with('MyUid') + ->willReturnOnConsecutiveCalls(false, true); + $this->userManager + ->expects($this->once()) + ->method('get') + ->with('MyUid') + ->willReturn($this->createMock(IUser::class)); + $this->urlGenerator + ->expects($this->once()) + ->method('getAbsoluteUrl') + ->with('/') + ->willReturn('https://nextcloud.com/absolute/'); + $this->urlGenerator + ->expects($this->never()) + ->method('linkToRouteAbsolute'); + $this->userBackend + ->expects($this->once()) + ->method('autoprovisionAllowed') + ->willReturn(false); + $this->userBackend + ->expects($this->once()) + ->method('getCurrentUserId') + ->willReturn('MyUid'); + + $expected = new RedirectResponse('https://nextcloud.com/absolute/'); + $this->assertEquals($expected, $this->samlController->login()); + } + public function testNotProvisioned() { $expected = new TemplateResponse('user_saml', 'notProvisioned', [], 'guest'); $this->assertEquals($expected, $this->samlController->notProvisioned()); |