From 6177e28f6fb4ece824f5f9eafd81bc1328e6950e Mon Sep 17 00:00:00 2001
From: matt6697 <32440697+matt6697@users.noreply.github.com>
Date: Wed, 13 Dec 2023 14:48:24 +0100
Subject: [PATCH] Fix LDAP+SSO authentication (AUTH_TYPE == 4) Use ldap.php in
 auth phase to extract user LDAP attributes Check user existence with
 search_on_loginnt($login) Do not check password validity when $affich_method
 == 'SSO'

---
 backend/AUTH/methode/ldap.php    | 8 +++++++-
 backend/require/auth.manager.php | 5 ++++-
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/backend/AUTH/methode/ldap.php b/backend/AUTH/methode/ldap.php
index a9ed72782..e0023ca2c 100755
--- a/backend/AUTH/methode/ldap.php
+++ b/backend/AUTH/methode/ldap.php
@@ -68,7 +68,13 @@ function verif_pw_ldap($login, $pw) {
         // login doesn't exist
         return ("BAD LOGIN OR PASSWORD");
     }
-    return (ldap_test_pw($info[0]["dn"], $pw) ? "OK" : "BAD LOGIN OR PASSWORD");
+
+    $affich_method = get_affiche_methode();
+    if($affich_method == 'SSO') {
+        return (isset($info[0]["dn"]) ? "OK" : "BAD LOGIN OR PASSWORD");
+    } else {
+        return (ldap_test_pw($info[0]["dn"], $pw) ? "OK" : "BAD LOGIN OR PASSWORD");
+    }
 }
 
 function search_on_loginnt($login) {
diff --git a/backend/require/auth.manager.php b/backend/require/auth.manager.php
index d6d57131d..8b1ddd67a 100644
--- a/backend/require/auth.manager.php
+++ b/backend/require/auth.manager.php
@@ -51,7 +51,10 @@ function get_list_methode($identity = false){
             );
 
         case 4:
-
+            return array(
+                0 => "ldap.php"
+            );
+            break;
         case 5:
             if($identity){
                 return array(