outpost/ldap: search filter not working with multiple objectClass

[vherrlein]

Describe the bug When an LDAP search query is sent with multiple OR including objectClasses, the outpost LDAP filters on the latest objectClass attribute found within the query.

To Reproduce Use a query such as the following (| (&(objectclass=user)(uid=adm*)) (&(objectclass=group)(cn=adm*)) (&(objectclass=user)(mail=adm*)) (&(objectclass=group)(uid=adm*)) (&(objectclass=user)(sn=adm*)) )

Expected behavior It must return all users or groups which matches one of the following predicates:

• User attrbitue uid starts with the value adm
• User attrbitue mail starts with the value adm
• User attrbitue sn starts with the value adm
• Group attrbitue cn starts with the value adm
• Group attrbitue uid starts with the value adm

Screenshots If applicable, add screenshots to help explain your problem.

Logs N/A

Version and Deployment (please complete the following information):

• authentik version: 2023.10.4
• Deployment: helm

[vherrlein]

@BeryJu do you have an idea on how to implement that behavior ?

[authentik-automation[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[vherrlein]

The issue is still there …

[vuongpn1995]

I has a same problem but still not fixed

[authentik-automation[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[vherrlein]

Issue still there

[vherrlein]

For information, that issue is still present on the version: 2024.8.3

As it's a confirmed bug, any plan to fix it ?