Normalize values, reusing DN normalization code

I first attempted to extract logic from the code that normalizes DNs, but I was unsuccessful. This is a hack but it works.

2 files changed, 8 insertions, 33 deletions

diff --git a/lib/gitlab/ldap/dn.rb b/lib/gitlab/ldap/dn.rb
index 751219b7334..87a7f1c6bc0 100644
--- a/lib/gitlab/ldap/dn.rb
+++ b/lib/gitlab/ldap/dn.rb
@@ -25,6 +25,12 @@ module Gitlab
     UnsupportedDnFormatError = Class.new(StandardError)
 
     class DN
+      def self.normalize_value(given_value)
+        dummy_dn = "placeholder=#{given_value}"
+        normalized_dn = new(*dummy_dn).to_normalized_s
+        normalized_dn.sub(/\Aplaceholder=/, '')
+      end
+
       ##
       # Initialize a DN, escaping as required. Pass in attributes in name/value
       # pairs. If there is a left over argument, it will be appended to the dn
diff --git a/lib/gitlab/ldap/person.rb b/lib/gitlab/ldap/person.rb
index af8aab2444b..e91e3a176e6 100644
--- a/lib/gitlab/ldap/person.rb
+++ b/lib/gitlab/ldap/person.rb
@@ -41,8 +41,8 @@ module Gitlab
       # 1. Excess spaces are stripped
       # 2. The string is downcased (for case-insensitivity)
       def self.normalize_uid(uid)
-        normalize_dn_part(uid)
-      rescue StandardError => e
+        ::Gitlab::LDAP::DN.normalize_value(uid)
+      rescue ::Gitlab::LDAP::MalformedDnError, ::Gitlab::LDAP::UnsupportedDnFormatError => e
         Rails.logger.info("Returning original UID \"#{uid}\" due to error during normalization attempt: #{e.message}")
         Rails.logger.info(e.backtrace.join("\n"))
 
@@ -77,37 +77,6 @@ module Gitlab
 
       private
 
-      def self.normalize_dn_part(part)
-        cleaned = part.strip.downcase
-
-        if cleaned.ends_with?('\\')
-          # If it ends with an escape character that is not followed by a
-          # character to be escaped, then this part may be malformed. But let's
-          # not worry too much about it, and just return it unmodified.
-          #
-          # Why? Because the reason we clean DNs is to make our simplistic
-          # string comparisons work better, even though there are all kinds of
-          # ways that equivalent DNs can vary as strings. If we run into a
-          # strange DN, we should just try to work with it.
-          #
-          # See https://www.ldap.com/ldap-dns-and-rdns for more.
-          return part unless part.ends_with?(' ')
-
-          # Ends with an escaped space (which is valid).
-          cleaned = cleaned + ' '
-        end
-
-        # Get rid of blanks. This can happen if a split character is followed by
-        # whitespace and then another split character.
-        #
-        # E.g. this DN: 'uid=john+telephoneNumber= +1 555-555-5555'
-        #
-        # Should be returned as: 'uid=john+telephoneNumber=+1 555-555-5555'
-        cleaned = '' if cleaned.blank?
-
-        cleaned
-      end
-
       def entry
         @entry
       end