From 49b9fc8078eeaa50fb755bf090e6834593a1525c Mon Sep 17 00:00:00 2001
From: "H. Shay"
Date: Mon, 25 Apr 2022 16:12:32 -0700
Subject: [PATCH 1/6] normalize localpart before interacting with synapse
---
 ldap_auth_provider.py | 5 ++++-
 tests/test_simple.py | 9 +++++++++
 2 files changed, 13 insertions(+), 1 deletion(-)
diff --git a/ldap_auth_provider.py b/ldap_auth_provider.py
index 9398350..ac47dad 100644
--- a/ldap_auth_provider.py
+++ b/ldap_auth_provider.py
@@ -23,7 +23,7 @@
 import synapse
 from pkg_resources import parse_version
 from synapse.module_api import ModuleApi
-from synapse.types import JsonDict
+from synapse.types import JsonDict, map_username_to_mxid_localpart
 from twisted.internet import threads
 __version__ = "0.2.0"
@@ -182,6 +182,9 @@ async def check_auth(
 )
 return None
+ # normalize localpart for use with synapse
+ localpart = synapse.types.map_username_to_mxid_localpart(localpart)
+
 # Get full user id from localpart
 user_id = self.account_handler.get_qualified_user_id(localpart)
diff --git a/tests/test_simple.py b/tests/test_simple.py
index 0ffaf7f..6e570b0 100644
--- a/tests/test_simple.py
+++ b/tests/test_simple.py
@@ -95,6 +95,15 @@ def test_no_pwd(self):
 )
 self.assertFalse(result)
+ @defer.inlineCallbacks
+ def test_uppercase_username(self):
+ result = yield defer.ensureDeferred(
+ self.auth_provider.check_auth(
+ "BOB", "m.login.password", {"password": "secret"}
+ )
+ )
+ self.assertEqual(result, "@bob:test")
+
 class LdapSearchTestCase(unittest.TestCase):
 @defer.inlineCallbacks
From 1c16263012f9eb966b6c671bef182bd61b5a1191 Mon Sep 17 00:00:00 2001
From: "H. Shay"
Date: Mon, 25 Apr 2022 16:25:51 -0700
Subject: [PATCH 2/6] use better variables
---
 ldap_auth_provider.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/ldap_auth_provider.py b/ldap_auth_provider.py
index ac47dad..5556262 100644
--- a/ldap_auth_provider.py
+++ b/ldap_auth_provider.py
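Review bot: Case-folding the login name at `localpart = synapse.types.map_username_to_mxid_localpart(localpart)` (patch 1/6, hunk `@@ -182,6 +182,9 @@`) makes two directory entries whose names differ only by case resolve to one Matrix user id, and nothing in the hunk records that this is intended. The same applies to the `.lower()` calls introduced in patch 4/6 and moved in patch 6/6. I would add a comment above the assignment, `# Case is folded here: assumes the directory's login attribute is case-insensitive and unique, otherwise distinct LDAP users share one mxid`, so an operator of a case-sensitive directory sees the constraint. The body of check_auth starts and ends outside the hunk.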
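Review bot: `test_uppercase_username` (patch 1/6, tests/test_simple.py) pins only an ASCII upper-case name, so it cannot distinguish the escaping mapping used in this patch from a plain lower-casing; patch 4/6 later swaps one for the other without touching the tests. A second case whose login contains a character outside the Matrix localpart alphabet would pin which behaviour is intended, provided the test directory fixture (not visible here) can hold such an entry. The method also has no docstring; `"""An upper-case login resolves to the lower-case mxid of the same LDAP user."""` would state what is being asserted.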
@@ -183,10 +183,10 @@ async def check_auth(
 return None
 # normalize localpart for use with synapse
- localpart = synapse.types.map_username_to_mxid_localpart(localpart)
+ normalized_localpart = synapse.types.map_username_to_mxid_localpart(localpart)
 # Get full user id from localpart
- user_id = self.account_handler.get_qualified_user_id(localpart)
+ user_id = self.account_handler.get_qualified_user_id(normalized_localpart)
 # check if user with user_id exists
 if await self.account_handler.check_user_exists(user_id):
@@ -226,7 +226,7 @@ async def check_auth(
 mail = None
 # Register the user
- user_id = await self.register_user(localpart, display_name, mail)
+ user_id = await self.register_user(normalized_localpart, display_name, mail)
 return user_id
From b21c00717246191e7dfff932e163285be5db59ca Mon Sep 17 00:00:00 2001
From: "H. Shay"
Date: Mon, 25 Apr 2022 16:30:28 -0700
Subject: [PATCH 3/6] properly use import
---
 ldap_auth_provider.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ldap_auth_provider.py b/ldap_auth_provider.py
index 5556262..8bfb8d3 100644
--- a/ldap_auth_provider.py
+++ b/ldap_auth_provider.py
@@ -183,7 +183,7 @@ async def check_auth(
 return None
 # normalize localpart for use with synapse
- normalized_localpart = synapse.types.map_username_to_mxid_localpart(localpart)
+ normalized_localpart = map_username_to_mxid_localpart(localpart)
 # Get full user id from localpart
 user_id = self.account_handler.get_qualified_user_id(normalized_localpart)
From 640715676e77cb0f27f4a18394e71e544d33be6d Mon Sep 17 00:00:00 2001
From: "H. Shay"
Date: Wed, 4 May 2022 09:51:04 -0700
Subject: [PATCH 4/6] lower the localpart
---
 ldap_auth_provider.py | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)
diff --git a/ldap_auth_provider.py b/ldap_auth_provider.py
index 8bfb8d3..28fea7a 100644
--- a/ldap_auth_provider.py
+++ b/ldap_auth_provider.py
@@ -23,7 +23,7 @@
 import synapse
 from pkg_resources import parse_version
 from synapse.module_api import ModuleApi
-from synapse.types import JsonDict, map_username_to_mxid_localpart
+from synapse.types import JsonDict
 from twisted.internet import threads
 __version__ = "0.2.0"
@@ -182,11 +182,8 @@ async def check_auth(
 )
 return None
- # normalize localpart for use with synapse
- normalized_localpart = map_username_to_mxid_localpart(localpart)
-
 # Get full user id from localpart
- user_id = self.account_handler.get_qualified_user_id(normalized_localpart)
+ user_id = self.account_handler.get_qualified_user_id(localpart.lower())
 # check if user with user_id exists
 if await self.account_handler.check_user_exists(user_id):
@@ -226,7 +223,7 @@ async def check_auth(
 mail = None
 # Register the user
- user_id = await self.register_user(normalized_localpart, display_name, mail)
+ user_id = await self.register_user(localpart.lower(), display_name, mail)
 return user_id
From f2cd96cbde7daf6387b18ebf0cc26d9e582b38b4 Mon Sep 17 00:00:00 2001
From: "H. Shay"
Date: Wed, 4 May 2022 09:55:23 -0700
Subject: [PATCH 5/6] lint
---
 ldap_auth_provider.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/ldap_auth_provider.py b/ldap_auth_provider.py
index 28fea7a..1dac22a 100644
--- a/ldap_auth_provider.py
+++ b/ldap_auth_provider.py
@@ -223,7 +223,9 @@ async def check_auth(
 mail = None
 # Register the user
- user_id = await self.register_user(localpart.lower(), display_name, mail)
+ user_id = await self.register_user(
+ localpart.lower(), display_name, mail
+ )
 return user_id
From bc87e5a443317e230082f9e61f793877d6d134ca Mon Sep 17 00:00:00 2001
From: "H. Shay"
Date: Fri, 6 May 2022 14:21:02 -0700
Subject: [PATCH 6/6] only call .lower() once
---
 ldap_auth_provider.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/ldap_auth_provider.py b/ldap_auth_provider.py
index 1dac22a..dcefe15 100644
--- a/ldap_auth_provider.py
+++ b/ldap_auth_provider.py
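Review bot: Swapping `map_username_to_mxid_localpart(localpart)` for `localpart.lower()` in `get_qualified_user_id(localpart.lower())` (patch 4/6, hunk `@@ -182,11 +182,8 @@`) drops the escaping of characters outside the Matrix localpart alphabet, so a directory name containing a space or a non-ASCII letter now reaches that call, and `register_user` in hunk `@@ -226,7 +223,7 @@`, unescaped. Whether either call rejects such a value is not visible here, so the result may be a failed registration or a user id that does not round-trip. If the mapping was removed only because its output must not be used for LDAP lookups, keeping it for the Synapse side is enough: `mxid_localpart = map_username_to_mxid_localpart(localpart)`, passed to both calls, with the import in hunk `@@ -23,7 +23,7 @@` left in place. If plain lower-casing is deliberate, a comment saying which directory names are supported would make that explicit; check_auth continues outside both hunks.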
@@ -133,6 +133,8 @@ async def check_auth(
 except ActiveDirectoryUPNException:
 return None
+ localpart = localpart.lower()
+
 try:
 server = self._get_server()
 logger.debug("Attempting LDAP connection with %s", self.ldap_uris)
@@ -183,7 +185,7 @@ async def check_auth(
 return None
 # Get full user id from localpart
- user_id = self.account_handler.get_qualified_user_id(localpart.lower())
+ user_id = self.account_handler.get_qualified_user_id(localpart)
 # check if user with user_id exists
 if await self.account_handler.check_user_exists(user_id):
@@ -223,9 +225,7 @@ async def check_auth(
 mail = None
 # Register the user
- user_id = await self.register_user(
- localpart.lower(), display_name, mail
- )
+ user_id = await self.register_user(localpart, display_name, mail)
 return user_id
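Review bot: Rebinding `localpart = localpart.lower()` ahead of `server = self._get_server()` (patch 6/6, hunk `@@ -133,6 +133,8 @@`) changes the name seen by everything that follows in check_auth, not only the two Synapse calls edited in the later hunks. If the code between this line and `get_qualified_user_id`, which lies outside the hunk, uses `localpart` for the LDAP bind or search, the directory is now always queried with the lower-cased name, which matters where the login attribute is matched case-sensitively. A separate name keeps the single `.lower()` call without touching the LDAP path: `mxid_localpart = localpart.lower()`, passed to `get_qualified_user_id` and `register_user`. If lower-casing the LDAP lookup is intended, a comment on the new line, `# lower-cased before the LDAP lookup as well as for the mxid`, would record that.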