stalwartlabs / mail-server

Secure & Modern All-in-One Mail Server (IMAP, JMAP, POP3, SMTP)
https://stalw.art

[bug]: Unable to properly use LDAP bind auth #491

Closed markv9401 closed 4 months ago

markv9401 commented 4 months ago

What happened?

When using LDAP backend (LLDAP namely, but almost certainly any, that won't expose password hashes - which none should optimally, really) and using LDAP Bind auth option, the "Secret" field (password hash) still needs to be filled with something. Cannot be left empty. If filled with garbage (non-existent, or uid or anything else), it accepts and the bind auth happens, but in the logs:

Failed to generate OAuth token: Failed to obtain password hash

How can we reproduce the problem?

Set up LDAP auth with bind auth then try logging in with LLDAP, OpenLDAP or basically anything else without exposing hashes.

Version

v0.7.x

What database are you using?

None

What blob storage are you using?

None

Where is your directory located?

None

What operating system are you using?

None

Relevant log output

Failed to generate OAuth token: Failed to obtain password hash


mdecimus commented 4 months ago

Not a bug, you missed this section of the documentation.

markv9401 commented 4 months ago

No, I did see that in documentation. However, what I don't understand is, how users will be able to authenticate if OAuth is a must and OAuth breaks?

mdecimus commented 4 months ago

Users can still authenticate with any other SASL mechanism that is not OAuth, for example PLAIN and LOGIN. In any case, none of the popular email clients (Outlook, Thunderbird, Apple, etc.) support OAuth anyway so this won't be an issue. The only functionality that your users won't be able to access is the web-based self-service portal which requires OAuth. Also, as an administrator you'll have to use the Fallback admin account which does not rely on LDAP.
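The dependency the maintainer describes above, as an added illustration that is not Stalwart's code: a simulated LDAP directory that (like LLDAP) verifies passwords itself on bind but never returns the hash as a readable attribute. PLAIN/LOGIN succeeds because the server only delegates the bind, while a token flow that must read the stored hash fails with the message from the log, even when the "Secret" field is mapped to an unrelated attribute such as `uid`. The `Directory` class, the `$pbkdf2$` hash encoding, the `issue_oauth_token` helper and the sample user are all constructed for this example and do not reflect Stalwart's internal API or hash formats.

```python
import base64
import hashlib
import hmac
import os

_SALT = b"constructed-salt"  # fixed salt so the example is deterministic
_ITERATIONS = 50_000


def make_hash(password: str, salt: bytes = _SALT) -> str:
    """Encode a password as '$pbkdf2$<salt>$<digest>' (illustrative scheme, not Stalwart's)."""
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, _ITERATIONS)
    return "$pbkdf2$%s$%s" % (
        base64.b64encode(salt).decode(),
        base64.b64encode(digest).decode(),
    )


def check_hash(stored: str, password: str) -> bool:
    """Verify a password against a '$pbkdf2$...' string; anything else is rejected."""
    try:
        _, scheme, salt_b64, digest_b64 = stored.split("$")
    except ValueError:
        return False
    if scheme != "pbkdf2":
        return False
    salt = base64.b64decode(salt_b64)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, _ITERATIONS)
    return hmac.compare_digest(base64.b64encode(digest).decode(), digest_b64)


class SecretUnavailable(Exception):
    """Raised when the attribute mapped to the 'Secret' field holds no usable hash."""


class Directory:
    """Simulated LDAP directory (hypothetical model, not a real LDAP client).

    entries: uid -> {"readable": {attr: value}, "_verifier": hash}
    'readable' is what a search returns; '_verifier' is the hash the directory
    keeps private and uses only to answer bind requests (bind-only servers).
    secret_attribute: the attribute the mail server's "Secret" field is mapped to.
    """

    def __init__(self, entries, secret_attribute):
        self.entries = entries
        self.secret_attribute = secret_attribute

    def bind(self, uid: str, password: str) -> bool:
        """Simple bind: the directory itself verifies the password."""
        entry = self.entries.get(uid)
        return bool(entry) and check_hash(entry["_verifier"], password)

    def password_hash(self, uid: str) -> str:
        """Read the mapped 'Secret' attribute; it must actually be a password hash."""
        entry = self.entries.get(uid)
        value = entry["readable"].get(self.secret_attribute) if entry else None
        if value is None or not value.startswith("$pbkdf2$"):
            raise SecretUnavailable("Failed to obtain password hash")
        return value


def sasl_plain_login(directory: Directory, uid: str, password: str) -> bool:
    """PLAIN/LOGIN under bind auth: the server just delegates the bind."""
    return directory.bind(uid, password)


def issue_oauth_token(directory: Directory, uid: str, password: str) -> str:
    """Token flow as described in the thread: it needs the stored hash (assumed
    to be checked locally) before a bearer token can be issued."""
    stored = directory.password_hash(uid)  # raises for bind-only directories
    if not check_hash(stored, password):
        raise PermissionError("invalid credentials")
    return base64.urlsafe_b64encode(os.urandom(18)).decode()


def token_error(directory: Directory, uid: str, password: str):
    """Return the SecretUnavailable message, or None if a token was issued."""
    try:
        issue_oauth_token(directory, uid, password)
        return None
    except SecretUnavailable as exc:
        return str(exc)


# Constructed sample user, present in two directory variants.
ALICE_HASH = make_hash("correct horse")
# LLDAP-like: hash private; "Secret" field mapped to 'uid', i.e. filled with garbage.
BIND_ONLY = Directory(
    {"alice": {"readable": {"uid": "alice"}, "_verifier": ALICE_HASH}},
    secret_attribute="uid",
)
# Directory that does expose the hash as a readable attribute.
EXPOSING = Directory(
    {"alice": {"readable": {"uid": "alice", "userPassword": ALICE_HASH},
               "_verifier": ALICE_HASH}},
    secret_attribute="userPassword",
)

if __name__ == "__main__":
    print("PLAIN on bind-only dir:", sasl_plain_login(BIND_ONLY, "alice", "correct horse"))
    print("Token on bind-only dir:", token_error(BIND_ONLY, "alice", "correct horse"))
    print("Token on exposing dir: ", token_error(EXPOSING, "alice", "correct horse"))
```

The point for an operator is that the bind-only posture is the safer one (the hash never leaves the directory), and the cost is exactly what the maintainer states: any flow that must read the hash rather than delegate a bind cannot work against such a directory.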

markv9401 commented 4 months ago

Right. I missed this very part: "users won't be able to access is the web-based self-service portal". Indeed, IMAP/SMTP auth does work. I didn't even try until the web didn't work but it makes sense now, thanks! I'm having another issue with IMAP folders - webmail but that's for another thread :)

Thanks!