Allow the bind failure trait to be more extensible

#80
DirectoryTree · Mar 5, 2020 · 5ef0f62 · 5ef0f62
1 parent 53275dd
commit 5ef0f62
Showing 1 changed file with 21 additions and 5 deletions.
diff --git a/src/Auth/ListensForLdapBindFailure.php b/src/Auth/ListensForLdapBindFailure.php
@@ -35,22 +35,35 @@ protected function ldapBindFailed($errorMessage, $diagnosticMessage = null)
     {
         switch (true) {
             case $this->causedByLostConnection($errorMessage):
-                $this->throwLoginValidationException($errorMessage);
+                $this->handleLdapBindError($errorMessage);
                 break;
-            case $this->causedByInvalidCredentials($errorMessage):
+            case $this->causedByInvalidCredentials($errorMessage, $diagnosticMessage):
                 // We'll bypass any invalid LDAP credential errors and let
                 // the login controller handle it. This is so proper
                 // translation can be done on the validation error.
                 break;
             default:
                 foreach ($this->ldapDiagnosticCodeErrorMap() as $code => $message) {
                     if ($this->errorContainsMessage($diagnosticMessage, (string) $code)) {
-                        $this->throwLoginValidationException($message);
+                        $this->handleLdapBindError($message, $code);
                     }
                 }
         }
     }
 
+    /**
+     * Handle the LDAP bind error.
+     *
+     * @param string $message
+     * @param string $code
+     *
+     * @throws ValidationException
+     */
+    protected function handleLdapBindError($message, $code = null)
+    {
+        $this->throwLoginValidationException($message);
+    }
+
     /**
      * Throw a login validation exception.
      *
@@ -69,12 +82,15 @@ protected function throwLoginValidationException($message)
      * Determine if the LDAP error generated is caused by invalid credentials.
      *
      * @param string $errorMessage
+     * @param string $diagnosticMessage
      *
      * @return bool
      */
-    protected function causedByInvalidCredentials($errorMessage)
+    protected function causedByInvalidCredentials($errorMessage, $diagnosticMessage)
     {
-        return $this->errorContainsMessage($errorMessage, 'Invalid credentials');
+        return
+            $this->errorContainsMessage($errorMessage, 'Invalid credentials') &&
+            $this->errorContainsMessage($diagnosticMessage, '52e');
     }
 
     /**