LDAP: Fixed php type error when no cn provided for user

ssddanbrown · ssddanbrown · commit 35b45a2b8d81 · 2025-02-20T13:06:49.000Z
Changes default fallback for name to first DN part, otherwise the whole DN, rather than leave as null which was causing a type error. For #5443
diff --git a/app/Access/LdapService.php b/app/Access/LdapService.php
@@ -112,10 +112,14 @@ public function getUserDetails(string $userName): ?array
             return null;
         }
 
-        $userCn = $this->getUserResponseProperty($user, 'cn', null);
+        $nameDefault = $this->getUserResponseProperty($user, 'cn', null);
+        if (is_null($nameDefault)) {
+            $nameDefault = ldap_explode_dn($user['dn'], 1)[0] ?? $user['dn'];
+        }
+
         $formatted = [
             'uid'   => $this->getUserResponseProperty($user, $idAttr, $user['dn']),
-            'name'  => $this->getUserDisplayName($user, $displayNameAttrs, $userCn),
+            'name'  => $this->getUserDisplayName($user, $displayNameAttrs, $nameDefault),
             'dn'    => $user['dn'],
             'email' => $this->getUserResponseProperty($user, $emailAttr, null),
             'avatar' => $thumbnailAttr ? $this->getUserResponseProperty($user, $thumbnailAttr, null) : null,
diff --git a/tests/Auth/LdapTest.php b/tests/Auth/LdapTest.php
@@ -166,6 +166,26 @@ public function test_login_works_when_no_uid_provided_by_ldap_server()
         $this->assertDatabaseHas('users', ['email' => $this->mockUser->email, 'email_confirmed' => false, 'external_auth_id' => $ldapDn]);
     }
 
+    public function test_login_works_when_ldap_server_does_not_provide_a_cn_value()
+    {
+        $ldapDn = 'cn=test-user,dc=test' . config('services.ldap.base_dn');
+
+        $this->commonLdapMocks(1, 1, 1, 2, 1);
+        $this->mockLdap->shouldReceive('searchAndGetEntries')->times(1)
+            ->with($this->resourceId, config('services.ldap.base_dn'), \Mockery::type('string'), \Mockery::type('array'))
+            ->andReturn(['count' => 1, 0 => [
+                'dn'   => $ldapDn,
+                'mail' => [$this->mockUser->email],
+            ]]);
+
+        $resp = $this->mockUserLogin();
+        $resp->assertRedirect('/');
+        $this->assertDatabaseHas('users', [
+            'name' => 'test-user',
+            'email' => $this->mockUser->email,
+        ]);
+    }
+
     public function test_a_custom_uid_attribute_can_be_specified_and_is_used_properly()
     {
         config()->set(['services.ldap.id_attribute' => 'my_custom_id']);
