From dd670b1f5e4feb3c7bf7578456cb708164b20926 Mon Sep 17 00:00:00 2001
From: grueneedv <grueneedv@users.noreply.github.com>
Date: Tue, 3 May 2016 10:30:11 +0200
Subject: [PATCH] Update AttributeAddUsersGroups.php

Added OpenLDAP case in getgroups function
---
 .../Auth/Process/AttributeAddUsersGroups.php  | 25 ++++++++++++++++++-
 1 file changed, 24 insertions(+), 1 deletion(-)

diff --git a/modules/ldap/lib/Auth/Process/AttributeAddUsersGroups.php b/modules/ldap/lib/Auth/Process/AttributeAddUsersGroups.php
index 6364efe9e..a9ee77f70 100644
--- a/modules/ldap/lib/Auth/Process/AttributeAddUsersGroups.php
+++ b/modules/ldap/lib/Auth/Process/AttributeAddUsersGroups.php
@@ -113,7 +113,30 @@ class sspmod_ldap_Auth_Process_AttributeAddUsersGroups extends sspmod_ldap_Auth_
 				// Pass to the AD specific search
 				$groups = $this->searchActiveDirectory($attributes[$map['dn']][0]);
 				break;
-
+				
+            case 'OPENLDAP':
+                // Log the OpenLDAP specific search
+                SimpleSAML_Logger::debug(
+                    $this->title . 'Searching LDAP using OpenLDAP specific method.'
+                );
+                // Print group search string and search for all group names
+                $openldap_base = $this->config->getString('ldap.basedn','ou=groups,dc=example,dc=com');
+                SimpleSAML_Logger::debug(
+                    $this->title . "Searching for groups in ldap.basedn ".$openldap_base." with filter (".$map['memberof']."=".$attributes['uid'][0].") and attributes ".$map['member']
+                );
+                $groups = array();
+                try {
+                  // Intention is to filter in 'ou=groups,dc=example,dc=com' for '(memberUid = <UID>)' and take only the attributes 'cn' (=name of the group)
+                  $all_groups = $this->getLdap()->searchformultiple( $openldap_base, array($map['memberof'] => $attributes['uid'][0]) , array($map['member']));
+                } catch (SimpleSAML_Error_UserNotFound $e) {
+                  break; // if no groups found return with empty (still just initialized) groups array
+                }
+                // run through all groups and add each to our groups array
+                foreach ( $all_groups as $group_entry ) {
+                  $groups[] .= $group_entry[$map['member']][0];
+                }
+                break;
+                                
 			default:
 
 				// Log the general search
-- 
GitLab