milux / ctldap

LDAP Wrapper for ChurchTools
GNU General Public License v3.0

wrong password results in 400 (Bad Request) #47

Closed teleharry closed 1 year ago

teleharry commented 1 year ago

Lately, since version 3.0.2 and ChurchTools 3.100, we have an issue on Nextcloud login with wrong passwords. In this case Nextcloud ends up with an Internal Server Error.

Nextcloud log shows:

```
version":"26.0.5.1","exception":{"Exception":"Exception","Message":"LDAP Operations error","Code":1,"Trace":[{"file":"/srv/nextcloud/nc/apps/user_ldap/lib/LDAP.php
```

ctldap log:

```
ctldap3  | 2023-08-11T06:53:59.316Z [ERROR] churchtools - Authentication error:
ctldap3  | HTTPError: Response code 400 (Bad Request)
ctldap3  |     at Request.<anonymous> (file:///app/node_modules/got/dist/source/as-promise/index.js:86:42)
ctldap3  |     at Object.onceWrapper (node:events:628:26)
ctldap3  |     at Request.emit (node:events:525:35)
ctldap3  |     at Request._onResponseBase (file:///app/node_modules/got/dist/source/core/index.js:726:22)
ctldap3  |     at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
ctldap3  |     at async Request._onResponse (file:///app/node_modules/got/dist/source/core/index.js:768:13)
```

Wrong users fall back to the login page, so that works. Proper logins are also working fine.

Same on older versions on Nextcloud 25, so it seems to be related to ctldap 3.0.2?

milux commented 1 year ago

~~Yes, I confirm this bug. Working on a fix, thanks for sharing!~~

Well, have to correct myself here, I guess... Apart from the logging output, the things happening behind the scenes are basically the same as before. An error is passed to LDAP if the user authentication fails. I'm experimenting with LDAPErrors instead, let's see if that helps here.

milux commented 1 year ago

Update: It was actually a wrong LDAP error type that caused this behavior. Probably this happened due to some change in semantics with the newer ldapjs version. Fix is on the way. (Docker containers with tags latest, 3 and 3.1.0 are available now.)
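
The failure mode discussed in this thread, as an added example that is not ctldap's code and not part of the original comments: a bind step that turns an upstream HTTP login failure into a specific LDAP result code, so a wrong password reaches the client as `invalidCredentials` (49) rather than `operationsError` (1). The function names, the HTTP-status mapping and the fake backend are assumptions made for illustration; the error shape (`err.response.statusCode`) mirrors the `HTTPError` seen in the log above, and the bind is synchronous only to keep the sketch short.

```javascript
// LDAP result codes as defined in RFC 4511.
const LDAP_RESULT = Object.freeze({
  success: 0,
  operationsError: 1,     // what the client in this issue received
  invalidCredentials: 49, // what a rejected password should produce
  unavailable: 52,
  other: 80,
});

// Map an upstream login failure to the result code for the bind response.
// Assumption: the backend answers 400 or 401 when it rejects the credentials.
function bindResultForUpstreamError(err) {
  const status = err && err.response ? err.response.statusCode : undefined;
  if (status === 400 || status === 401) {
    return LDAP_RESULT.invalidCredentials; // user-facing "login failed"
  }
  if (status >= 500 && status <= 599) {
    return LDAP_RESULT.unavailable; // backend trouble, not a credential problem
  }
  return LDAP_RESULT.other; // network error, timeout, unexpected status
}

// Hypothetical bind step: `login` stands in for the upstream API call and
// throws on failure. Returns the result code to send back to the LDAP client.
function handleBind(login, user, password) {
  try {
    login(user, password);
    return LDAP_RESULT.success;
  } catch (err) {
    return bindResultForUpstreamError(err);
  }
}

// Constructed fake backend: one known account, HTTP 400 on any mismatch.
function fakeLogin(user, password) {
  if (user === 'alice' && password === 'correct-horse') return;
  const err = new Error('Response code 400 (Bad Request)');
  err.response = { statusCode: 400 };
  throw err;
}
```

Keeping credential rejections (49) separate from backend faults (52, 80) also lets log monitoring count failed logins without mixing in outages.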