regression(federation): LDAP using wrong federation settings and username (#37209)

rodrigok · web-flow · commit cae30c7024a0 · 2025-10-11T08:39:50.000-03:00
diff --git a/apps/meteor/server/lib/ldap/Manager.ts b/apps/meteor/server/lib/ldap/Manager.ts
@@ -197,10 +197,12 @@ export class LDAPManager {
 				},
 			},
 			...(homeServer && {
-				username: `${username}:${homeServer}`,
+				username: `@${username}:${homeServer}`,
 				federated: true,
 				federation: {
 					version: 1,
+					mui: `@${username}:${homeServer}`,
+					origin: homeServer,
 				},
 			}),
 		};
@@ -488,7 +490,7 @@ export class LDAPManager {
 	}
 
 	protected static getFederationHomeServer(ldapUser: ILDAPEntry): string | undefined {
-		if (!settings.get<boolean>('Federation_Matrix_enabled')) {
+		if (!settings.get<boolean>('Federation_Service_Enabled')) {
 			return;
 		}
 
@@ -501,25 +503,14 @@ export class LDAPManager {
 
 		logger.debug({ msg: 'User has a federation home server', homeServer });
 
-		const localServer = settings.get<string>('Federation_Matrix_homeserver_domain');
+		const localServer = settings.get<string>('Federation_Service_Domain');
 		if (localServer === homeServer) {
 			return;
 		}
 
 		return homeServer;
 	}
 
-	protected static getFederatedUsername(ldapUser: ILDAPEntry, requestUsername: string): string {
-		const username = this.slugifyUsername(ldapUser, requestUsername);
-		const homeServer = this.getFederationHomeServer(ldapUser);
-
-		if (homeServer) {
-			return `${username}:${homeServer}`;
-		}
-
-		return username;
-	}
-
 	// This method will find existing users by LDAP id or by username.
 	private static async findExistingUser(ldapUser: ILDAPEntry, slugifiedUsername: string): Promise<IUser | undefined | null> {
 		const user = await this.findExistingLDAPUser(ldapUser);
