patch adldap2 (#794)

vendor/adldap2/adldap2/src/Query/Factory.php

@@ -122,11 +122,18 @@ public function get()
      */
     public function users()
     {
-        return $this->where([
+        $wheres = [
             [$this->schema->objectClass(), Operator::$equals, $this->schema->objectClassUser()],
-            [$this->schema->objectCategory(), Operator::$equals, $this->schema->objectCategoryPerson()],
-            [$this->schema->objectClass(), Operator::$doesNotEqual, $this->schema->objectClassContact()],
-        ]);
+            [$this->schema->objectCategory(), Operator::$equals, $this->schema->objectCategoryPerson()]
+        ];
+
+        // OpenLDAP doesn't like specifying the omission of user objectclasses equal to `contact`.
+        // We'll make sure we're working with ActiveDirectory before adding this filter.
+        if (is_a($this->schema, ActiveDirectory::class)) {
+            $wheres[] = [$this->schema->objectClass(), Operator::$doesNotEqual, $this->schema->objectClassContact()];
+        }
+
+        return $this->where($wheres);
     }
 
     /**

vendor/libertempo/api/Tools/Services/LdapAuthentifierService.php

@@ -43,14 +43,13 @@ public function isAuthentificationSucceed(IRequest $request) : bool
 
         $this->ldap->addProvider($config);
 
-        $rdn = [
-            $configurationLdap->login . '=' . $this->getLogin(),
-            $configurationLdap->domaine,
-        ];
+
         $provider = $this->ldap->connect();
-        $connection = $provider->getConnection();
+        $search = $provider->search();
+        $search->select(['dn']);
+        $user = $search->where($configurationLdap->login, $this->getLogin())->firstOrFail();
 
-        return $connection->bind(implode(',', $rdn), $this->getPassword());
+        return $provider->auth()->attempt($user->getDn(), $this->getPassword());
     }
 
     /**