From fcfff9748ccfa0076bf5029de78a1236eb190ca1 Mon Sep 17 00:00:00 2001 From: James Elliott Date: Wed, 16 Jun 2021 12:50:14 +1000 Subject: [PATCH] feat(handlers): synology password complexity err on reset (#2083) This responds to the client with the correct error when used with Synology LDAP servers. --- internal/handlers/const.go | 9 +++++++-- internal/handlers/handler_reset_password_step2.go | 5 ++--- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/internal/handlers/const.go b/internal/handlers/const.go index 5a076b1b..2d53febf 100644 --- a/internal/handlers/const.go +++ b/internal/handlers/const.go @@ -44,8 +44,13 @@ const mfaValidationFailedMessage = "Authentication failed, please retry later." const ldapPasswordComplexityCode = "0000052D." -var ldapPasswordComplexityCodes = []string{"0000052D"} -var ldapPasswordComplexityErrors = []string{"LDAP Result Code 19 \"Constraint Violation\": Password fails quality checking policy"} +var ldapPasswordComplexityCodes = []string{ + "0000052D", "SynoNumber", "SynoMixedCase", "SynoExcludeNameDesc", "SynoSpecialChar", +} +var ldapPasswordComplexityErrors = []string{ + "LDAP Result Code 19 \"Constraint Violation\": Password fails quality checking policy", + "LDAP Result Code 19 \"Constraint Violation\": Password is too young to change", +} const testInactivity = "10" const testRedirectionURL = "http://redirection.local" diff --git a/internal/handlers/handler_reset_password_step2.go b/internal/handlers/handler_reset_password_step2.go index 93d7dc38..6c9df059 100644 --- a/internal/handlers/handler_reset_password_step2.go +++ b/internal/handlers/handler_reset_password_step2.go @@ -31,9 +31,8 @@ func ResetPasswordPost(ctx *middlewares.AutheliaCtx) { if err != nil { switch { - case utils.IsStringInSliceContains(err.Error(), ldapPasswordComplexityCodes): - ctx.Error(fmt.Errorf("%s", err), ldapPasswordComplexityCode) - case utils.IsStringInSliceContains(err.Error(), ldapPasswordComplexityErrors): + case utils.IsStringInSliceContains(err.Error(), ldapPasswordComplexityCodes), + utils.IsStringInSliceContains(err.Error(), ldapPasswordComplexityErrors): ctx.Error(fmt.Errorf("%s", err), ldapPasswordComplexityCode) default: ctx.Error(fmt.Errorf("%s", err), unableToResetPasswordMessage)