diff --git a/lib/AutodiscoverMicrosoft.php b/lib/AutodiscoverMicrosoft.php --- a/lib/AutodiscoverMicrosoft.php +++ b/lib/AutodiscoverMicrosoft.php @@ -42,13 +42,6 @@ { $post = $_SERVER['REQUEST_METHOD'] == 'POST' ? file_get_contents('php://input') : null; - // check for basic authentication - Log::debug('Request [microsoft]: Basic Auth Username: ' . ($_SERVER['PHP_AUTH_USER'] ?: 'none')); - if (empty($_SERVER['PHP_AUTH_USER']) || empty($_SERVER['PHP_AUTH_PW'])) { - $this->unauthorized(); - } - $this->password = $_SERVER['PHP_AUTH_PW']; - // check for request object Log::debug('Request [microsoft]: ' . $post); if (empty($post)) { @@ -82,9 +75,19 @@ $this->error("Invalid input"); } - // basic auth username must match with given email address - if ($_SERVER['PHP_AUTH_USER'] != $this->email) { - $this->unauthorized(); + // check for basic authentication if ldap is available + if (!empty($this->_ldap_server)) { + Log::debug('Request [microsoft]: Basic Auth Username: ' . ($_SERVER['PHP_AUTH_USER'] ?: 'none')); + if (empty($_SERVER['PHP_AUTH_USER']) || empty($_SERVER['PHP_AUTH_PW'])) { + $this->unauthorized(); + } + + // basic auth username must match with given email address + if ($_SERVER['PHP_AUTH_USER'] != $this->email) { + $this->unauthorized(); + } + + $this->password = $_SERVER['PHP_AUTH_PW']; } } @@ -93,9 +96,11 @@ */ public function handle_response() { - // authenticate the user found during configure() against ldap - if (empty($this->config['dn']) || !$this->authenticate($this->config['dn'], $this->password)) { - $this->unauthorized(); + if (!empty($this->_ldap_server)) { + // authenticate the user found during configure() against ldap + if (empty($this->config['dn']) || !$this->authenticate($this->config['dn'], $this->password)) { + $this->unauthorized(); + } } $method = $this->type . '_response';