From 221d823f3b9a0a44d4d28dd4b8a52d6b8e49a5ee Mon Sep 17 00:00:00 2001
From: Maxime Dor <max@kamax.io>
Date: Sun, 17 Sep 2017 14:01:38 +0200
Subject: [PATCH] Update LDAP library to fix auth filter bug

---
 application.example.yaml                                       | 2 --
 build.gradle                                                   | 2 +-
 .../groovy/io/kamax/mxisd/backend/ldap/LdapAuthProvider.java   | 3 +++
 3 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/application.example.yaml b/application.example.yaml
index 05d3891..4b96bac 100644
--- a/application.example.yaml
+++ b/application.example.yaml
@@ -227,8 +227,6 @@ key.path: '/path/to/sign.key'
 #
 # Example: (memberOf=CN=Matrix Users,CN=Users,DC=example,DC=org)
 #
-# /!\ Currently NOT supported due to a possible bug in LDAP library /!\
-#
 #ldap.auth.filter: ''
 
 
diff --git a/build.gradle b/build.gradle
index cfd8162..69df987 100644
--- a/build.gradle
+++ b/build.gradle
@@ -83,7 +83,7 @@ dependencies {
     compile 'net.i2p.crypto:eddsa:0.1.0'
 
     // LDAP connector
-    compile 'org.apache.directory.api:api-all:1.0.0-RC2'
+    compile 'org.apache.directory.api:api-all:1.0.0'
 
     // DNS lookups
     compile 'dnsjava:dnsjava:2.1.8'
diff --git a/src/main/groovy/io/kamax/mxisd/backend/ldap/LdapAuthProvider.java b/src/main/groovy/io/kamax/mxisd/backend/ldap/LdapAuthProvider.java
index 30a0fc9..0717d20 100644
--- a/src/main/groovy/io/kamax/mxisd/backend/ldap/LdapAuthProvider.java
+++ b/src/main/groovy/io/kamax/mxisd/backend/ldap/LdapAuthProvider.java
@@ -64,6 +64,9 @@ public class LdapAuthProvider extends LdapGenericBackend implements Authenticato
             MatrixID mxIdExt = new MatrixID(id);
             String userFilterValue = StringUtils.equals(LdapThreePidProvider.UID, uidType) ? mxIdExt.getLocalPart() : mxIdExt.getId();
             String userFilter = "(" + getCfg().getAttribute().getUid().getValue() + "=" + userFilterValue + ")";
+            if (!StringUtils.isBlank(getCfg().getAuth().getFilter())) {
+                userFilter = "(&" + getCfg().getAuth().getFilter() + userFilter + ")";
+            }
             EntryCursor cursor = conn.search(getCfg().getConn().getBaseDn(), userFilter, SearchScope.SUBTREE, getUidAttribute(), getCfg().getAttribute().getName());
             try {
                 while (cursor.next()) {