Attempt Base64-Decoding of mailcow_password when using Mailpassword

mailcow / mailcow-dockerized

mailcow: dockerized - 🐮 + 🐋 = 💕

https://mailcow.email

GNU General Public License v3.0

8.5k stars 1.14k forks source link

Attempt Base64-Decoding of mailcow_password when using Mailpassword #5568

Open MCMDEV opened 8 months ago

MCMDEV commented 8 months ago

Summary

Attempt to Base64-Decode the value of mailcow_password before denying login when using the Mailpassword Flow in the SSO feature of the nightly branch.

Motivation

This would enable easy integration when using an LDAP Backend. The userPassword could simply be mapped to mailcow_password in Keycloak.

Additional context

No response

flischi commented 7 months ago

+1 from me, this would really help! AFAIK all DS are responding to a userPassword request with a base64 encoded value. I've searched for something like Attribute Transformation in Keycloak but no luck. I'm wondering how the LDAP feature is intended to work with the mailcow_password then...

m-lindemann commented 7 months ago

+1 same for me. Stuck at base64 encoded value from openldap.