From eb325f075dc3d57e180acda25e128ae0ffeb70bc Mon Sep 17 00:00:00 2001
From: Akhil <akhil.potukuchi@gmail.com>
Date: Thu, 22 Dec 2022 16:43:24 +0530
Subject: [PATCH 1/2] Use cache in LDAP backend's checkPassword

Signed-off-by: Akhil <akhil@e.email>
---
 apps/user_ldap/lib/User_LDAP.php | 20 +++++++++-----------
 1 file changed, 9 insertions(+), 11 deletions(-)

diff --git a/apps/user_ldap/lib/User_LDAP.php b/apps/user_ldap/lib/User_LDAP.php
index d787bfea4d40c..5c14c71285605 100644
--- a/apps/user_ldap/lib/User_LDAP.php
+++ b/apps/user_ldap/lib/User_LDAP.php
@@ -113,11 +113,12 @@ public function canChangeAvatar($uid) {
 	 * @return string|false
 	 * @throws \Exception
 	 */
-	public function loginName2UserName($loginName) {
+	public function loginName2UserName($loginName, bool $forceLdapRefetch = false) {
 		$cacheKey = 'loginName2UserName-' . $loginName;
 		$username = $this->access->connection->getFromCache($cacheKey);
 
-		if ($username !== null) {
+		$ignoreCache = ($username === false && $forceLdapRefetch);
+		if ($username !== null && !$ignoreCache) {
 			return $username;
 		}
 
@@ -132,6 +133,9 @@ public function loginName2UserName($loginName) {
 			}
 			$username = $user->getUsername();
 			$this->access->connection->writeToCache($cacheKey, $username);
+			if ($forceLdapRefetch) {
+				$user->processAttributes($ldapRecord);
+			}
 			return $username;
 		} catch (NotOnLDAP $e) {
 			$this->access->connection->writeToCache($cacheKey, false);
@@ -175,16 +179,11 @@ public function getLDAPUserByLoginName($loginName) {
 	 * @return false|string
 	 */
 	public function checkPassword($uid, $password) {
-		try {
-			$ldapRecord = $this->getLDAPUserByLoginName($uid);
-		} catch (NotOnLDAP $e) {
-			$this->logger->debug(
-				$e->getMessage(),
-				['app' => 'user_ldap', 'exception' => $e]
-			);
+		$username = $this->loginName2UserName($uid, true);
+		if (!$username) {
 			return false;
 		}
-		$dn = $ldapRecord['dn'][0];
+		$dn = $this->access->username2dn($username);
 		$user = $this->access->userManager->get($dn);
 
 		if (!$user instanceof User) {
@@ -202,7 +201,6 @@ public function checkPassword($uid, $password) {
 			}
 
 			$this->access->cacheUserExists($user->getUsername());
-			$user->processAttributes($ldapRecord);
 			$user->markLogin();
 
 			return $user->getUsername();

From 2c8516524a06aeebcb1f320887579d38ebb33f49 Mon Sep 17 00:00:00 2001
From: Akhil <akhil@e.email>
Date: Thu, 21 Mar 2024 20:04:04 +0530
Subject: [PATCH 2/2] Explicitly check if username is false or not

Signed-off-by: Akhil <akhil@e.email>
---
 apps/user_ldap/lib/User_LDAP.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apps/user_ldap/lib/User_LDAP.php b/apps/user_ldap/lib/User_LDAP.php
index 5c14c71285605..148835b8ec6a7 100644
--- a/apps/user_ldap/lib/User_LDAP.php
+++ b/apps/user_ldap/lib/User_LDAP.php
@@ -180,7 +180,7 @@ public function getLDAPUserByLoginName($loginName) {
 	 */
 	public function checkPassword($uid, $password) {
 		$username = $this->loginName2UserName($uid, true);
-		if (!$username) {
+		if ($username === false) {
 			return false;
 		}
 		$dn = $this->access->username2dn($username);