ldap: transition to lowercase dn from case mixed in sessions (#50908)
This commit is contained in:
parent
19a8dfc2bd
commit
69254370cb
|
@ -257,6 +257,10 @@ class LDAPUser(User):
|
|||
def init_from_session(self, session):
|
||||
if self.SESSION_LDAP_DATA_KEY in session:
|
||||
self.ldap_data = session[self.SESSION_LDAP_DATA_KEY]
|
||||
# update dn case, can be removed in the future
|
||||
self.ldap_data['dn'] = self.ldap_data['dn'].lower()
|
||||
if self.ldap_data.get('password'):
|
||||
self.ldap_data['password'] = {key.lower(): value for key, value in self.ldap_data['password'].items()}
|
||||
|
||||
# retrieve encrypted bind pw if necessary
|
||||
encrypted_bindpw = self.ldap_data.get('block', {}).get('encrypted_bindpw')
|
||||
|
|
|
@ -245,10 +245,10 @@ def test_keep_password_in_session(slapd, settings, client, db):
|
|||
assert user.ou == get_default_ou()
|
||||
assert not user.check_password(PASS)
|
||||
assert client.session['ldap-data']['password']
|
||||
assert force_text(DN) in result.context['request'].user.ldap_data['password']
|
||||
assert DN.lower() in result.context['request'].user.ldap_data['password']
|
||||
assert crypto.aes_base64_decrypt(
|
||||
settings.SECRET_KEY,
|
||||
force_bytes(result.context['request'].user.ldap_data['password'][force_text(DN)])) == force_bytes(PASS)
|
||||
force_bytes(result.context['request'].user.ldap_data['password'][DN.lower()])) == force_bytes(PASS)
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
|
|
Loading…
Reference in New Issue