From cf794db595072d0923b0a24e76c30fbd0aa20f8e Mon Sep 17 00:00:00 2001
From: Ahmad Farhat <ahmad.af.farhat@gmail.com>
Date: Thu, 11 Jun 2020 11:28:55 -0400
Subject: [PATCH] Added ability to map attributes for LDAP (#1779)

---
 Gemfile                                | 2 +-
 Gemfile.lock                           | 4 ++--
 app/controllers/sessions_controller.rb | 2 +-
 sample.env                             | 2 ++
 4 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/Gemfile b/Gemfile
index 0c712a2a..17f17ca3 100644
--- a/Gemfile
+++ b/Gemfile
@@ -52,7 +52,7 @@ gem 'omniauth-twitter'
 gem 'omniauth-google-oauth2'
 gem 'omniauth-bn-launcher', '~> 0.1.3'
 gem 'net-ldap'
-gem 'bn-ldap-authentication', '~> 0.1.3'
+gem 'bn-ldap-authentication', '~> 0.1.4'
 gem 'omniauth-bn-office365', '~> 0.1.1'
 
 # BigBlueButton API wrapper.
diff --git a/Gemfile.lock b/Gemfile.lock
index 79d6ef0e..06be1aca 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -62,7 +62,7 @@ GEM
     bigbluebutton-api-ruby (1.7.0)
       xml-simple (~> 1.1)
     bindex (0.8.1)
-    bn-ldap-authentication (0.1.3)
+    bn-ldap-authentication (0.1.4)
       net-ldap (~> 0)
     bootsnap (1.4.6)
       msgpack (~> 1.0)
@@ -337,7 +337,7 @@ DEPENDENCIES
   action-cable-testing
   bcrypt (~> 3.1.7)
   bigbluebutton-api-ruby
-  bn-ldap-authentication (~> 0.1.3)
+  bn-ldap-authentication (~> 0.1.4)
   bootsnap (>= 1.1.0)
   bootstrap (~> 4.3.1)
   byebug
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
index 359efbfd..c3db89c5 100644
--- a/app/controllers/sessions_controller.rb
+++ b/app/controllers/sessions_controller.rb
@@ -146,7 +146,7 @@ class SessionsController < ApplicationController
 
     return redirect_to(ldap_signin_path, alert: I18n.t("invalid_credentials")) unless result
 
-    @auth = parse_auth(result.first, ENV['LDAP_ROLE_FIELD'])
+    @auth = parse_auth(result.first, ENV['LDAP_ROLE_FIELD'], ENV['LDAP_ATTRIBUTE_MAPPING'])
 
     begin
       process_signin
diff --git a/sample.env b/sample.env
index 2b53286b..6b3d67a8 100644
--- a/sample.env
+++ b/sample.env
@@ -73,6 +73,7 @@ OAUTH2_REDIRECT=
 #   LDAP_PASSWORD=password
 #   LDAP_ROLE_FIELD=ou
 #   LDAP_FILTER=(&(attr1=value1)(attr2=value2))
+#   LDAP_ATTRIBUTE_MAPPING=name=displayName;uid=uid; (See link above for more details)
 LDAP_SERVER=
 LDAP_PORT=
 LDAP_METHOD=
@@ -83,6 +84,7 @@ LDAP_AUTH=
 LDAP_PASSWORD=
 LDAP_ROLE_FIELD=
 LDAP_FILTER=
+LDAP_ATTRIBUTE_MAPPING=
 
 # Set this to true if you want GreenLight to support user signup and login without
 # Omniauth. For more information, see: