Fix reported issues

simplesamlphp · Apr 7, 2024 · 876139b · 876139b
1 parent 4421401
commit 876139b
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 8 deletions.
diff --git a/composer.json b/composer.json
@@ -47,7 +47,8 @@
         "simplesamlphp/composer-module-installer": "^1.3.2",
         "simplesamlphp/simplesamlphp": "^2.2",
         "simplesamlphp/simplesamlphp-module-ldap": "^2.2",
-        "symfony/http-foundation": "^6.4"
+        "symfony/http-foundation": "^6.4",
+        "symfony/security-bundle": "^6.4"
     },
     "require-dev": {
         "simplesamlphp/simplesamlphp-test-framework": "^1.6.0"

diff --git a/src/Auth/Source/X509userCert.php b/src/Auth/Source/X509userCert.php
@@ -271,7 +271,7 @@ public function authSuccesful(array &$state): void
      */
     public function findUserByAttribute(string $attr, string $value): ?Entry
     {
-        $searchBase = $this->ldapConfig->getString('search.base');
+        $searchBase = $this->ldapConfig->getArray('search.base');
 
         $searchUsername = $this->ldapConfig->getString('search.username');
         Assert::notWhitespaceOnly($searchUsername);
@@ -280,13 +280,17 @@ public function findUserByAttribute(string $attr, string $value): ?Entry
         Assert::nullOrnotWhitespaceOnly($searchPassword);
 
         $ldap = ConnectorFactory::fromAuthSource($this->backend);
-        $ldapUserProvider = new LdapUserProvider($ldap, $searchBase, $searchUsername, $searchPassword, [], $attr);
 
-        try {
-            return $ldapUserProvider->loadUserByIdentifier($value)->getEntry();
-        } catch (UserNotFoundException $e) {
-            // We haven't found the user
-            return null;
+        foreach ($searchBase as $base) {
+            $ldapUserProvider = new LdapUserProvider($ldap, $base, $searchUsername, $searchPassword, [], $attr);
+            try {
+                return $ldapUserProvider->loadUserByIdentifier($value)->getEntry();
+            } catch (UserNotFoundException $e) {
+                continue;
+            }
         }
+
+        // We haven't found the user
+        return null;
     }
 }