fix: ldap-authorization should be considered external (#8047)

* fix: ldap-authorization should be considered external When sso auth type was added (1c6b7a9), some code for getting a username was moved into HttpAuthAuthorizer. LdapAuthorizationAuthorizer uses the same process to get the username and needs to be updated as well. * Use common implementation of getExternalUsername Authorizers get the default implementation by setting AUTH_IS_EXTERNAL. ADAuthorizationAuthorizer is another candidate.
2024-10-07 16:52:45 +00:00 · 2018-01-09 17:13:47 -05:00
parent 803e5419f3
commit 2fb8dd7904
4 changed files with 7 additions and 10 deletions
--- a/LibreNMS/Authentication/ADAuthorizationAuthorizer.php
+++ b/LibreNMS/Authentication/ADAuthorizationAuthorizer.php
@@ -8,6 +8,7 @@ use LibreNMS\Exceptions\AuthenticationException;
 class ADAuthorizationAuthorizer extends AuthorizerBase
 {
    protected $ldap_connection;
+    protected static $AUTH_IS_EXTERNAL = 1;

    public function __construct()
    {
--- a/LibreNMS/Authentication/AuthorizerBase.php
+++ b/LibreNMS/Authentication/AuthorizerBase.php
@@ -252,6 +252,10 @@ abstract class AuthorizerBase implements Authorizer

    public function getExternalUsername()
    {
-        return null;
+        if (isset($_SERVER['REMOTE_USER'])) {
+            return clean($_SERVER['REMOTE_USER']);
+        } elseif (isset($_SERVER['PHP_AUTH_USER'])) {
+            return clean($_SERVER['PHP_AUTH_USER']);
+        }
    }
 }
--- a/LibreNMS/Authentication/HttpAuthAuthorizer.php
+++ b/LibreNMS/Authentication/HttpAuthAuthorizer.php
@@ -104,13 +104,4 @@ class HttpAuthAuthorizer extends AuthorizerBase
    {
        dbUpdate(array('realname' => $realname, 'level' => $level, 'can_modify_passwd' => $can_modify_passwd, 'email' => $email), 'users', '`user_id` = ?', array($user_id));
    }
-
-    public function getExternalUsername()
-    {
-        if (isset($_SERVER['REMOTE_USER'])) {
-            return clean($_SERVER['REMOTE_USER']);
-        } elseif (isset($_SERVER['PHP_AUTH_USER'])) {
-            return clean($_SERVER['PHP_AUTH_USER']);
-        }
-    }
 }
--- a/LibreNMS/Authentication/LdapAuthorizationAuthorizer.php
+++ b/LibreNMS/Authentication/LdapAuthorizationAuthorizer.php
@@ -45,6 +45,7 @@ use LibreNMS\Exceptions\AuthenticationException;
 class LdapAuthorizationAuthorizer extends AuthorizerBase
 {
    protected $ldap_connection;
+    protected static $AUTH_IS_EXTERNAL = 1;

    public function __construct()
    {