From b7964a1a01e89266a1728209452a3517e963e989 Mon Sep 17 00:00:00 2001
From: Tim van Dijen <tvdijen@gmail.com>
Date: Mon, 14 Apr 2025 18:06:07 +0200
Subject: [PATCH 1/2] Implement search-filter

---
 src/Auth/Source/X509userCert.php | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/Auth/Source/X509userCert.php b/src/Auth/Source/X509userCert.php
index ebe810f..ac12ceb 100644
--- a/src/Auth/Source/X509userCert.php
+++ b/src/Auth/Source/X509userCert.php
@@ -292,11 +292,14 @@ public function findUserByAttribute(string $attr, string $value): ?Entry
         $searchPassword = $this->ldapConfig->getOptionalString('search.password', null);
         Assert::nullOrNotWhitespaceOnly($searchPassword);
 
+        $searchFilter = $this->ldapConfig->getOptionalString('search.filter', '({uid_key}={user_identifier})');
+        Assert::nullOrnotWhitespaceOnly($searchFilter);
+
         $ldap = ConnectorFactory::fromAuthSource($this->backend);
         $connection = new Ldap($ldap->getAdapter());
 
         foreach ($searchBase as $base) {
-            $ldapUserProvider = new LdapUserProvider($connection, $base, $searchUsername, $searchPassword, [], $attr);
+            $ldapUserProvider = new LdapUserProvider($connection, $base, $searchUsername, $searchPassword, [], $attr, $searchFilter);
             try {
                 return $ldapUserProvider->loadUserByIdentifier($value)->getEntry();
             } catch (UserNotFoundException $e) {

From dd1f713356aa4d60c75e4dd0e643457f37f174ef Mon Sep 17 00:00:00 2001
From: Tim van Dijen <tvdijen@gmail.com>
Date: Mon, 7 Jul 2025 22:45:33 +0200
Subject: [PATCH 2/2] Fix typo

---
 src/Auth/Source/X509userCert.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Auth/Source/X509userCert.php b/src/Auth/Source/X509userCert.php
index ac12ceb..a10e78e 100644
--- a/src/Auth/Source/X509userCert.php
+++ b/src/Auth/Source/X509userCert.php
@@ -293,7 +293,7 @@ public function findUserByAttribute(string $attr, string $value): ?Entry
         Assert::nullOrNotWhitespaceOnly($searchPassword);
 
         $searchFilter = $this->ldapConfig->getOptionalString('search.filter', '({uid_key}={user_identifier})');
-        Assert::nullOrnotWhitespaceOnly($searchFilter);
+        Assert::nullOrNotWhitespaceOnly($searchFilter);
 
         $ldap = ConnectorFactory::fromAuthSource($this->backend);
         $connection = new Ldap($ldap->getAdapter());