remove base check (case in/sensitivity issues)

TeskaLabs · Sep 13, 2024 · b5809a1 · b5809a1
1 parent b2bcf34
commit b5809a1
Showing 1 changed file with 4 additions and 7 deletions.
diff --git a/seacatauth/credentials/providers/ldap.py b/seacatauth/credentials/providers/ldap.py
@@ -176,20 +176,17 @@ def _get_worker(self, prefix, credentials_id, include=None) -> Optional[dict]:
 
 		# TODO: Validate credetials_id with regex
 
-		# Ensure that the base lies within configured base
-		base = base64.urlsafe_b64decode(credentials_id[len(prefix):]).decode("utf-8")
-		if not base.endswith(self.Config["base"]):
-			raise KeyError("Credentials {!r} do not end with {!r}".format(credentials_id, self.Config["base"]))
-
+		cn = base64.urlsafe_b64decode(credentials_id[len(prefix):]).decode("utf-8")
 		with self._ldap_client() as lc:
 			try:
 				sr = lc.search_s(
-					base,
+					cn,
 					ldap.SCOPE_BASE,
 					filterstr=self.Config["filter"],
 					attrlist=self.AttrList,
 				)
-			except ldap.NO_SUCH_OBJECT:
+			except ldap.NO_SUCH_OBJECT as e:
+				L.error(e)
 				sr = []
 
 		if len(sr) == 0: