* Fix warnings, improve performance
`QueryResult.Items` is now a `IReadOnlyList` so we don't need to
allocate a new `Array` when we have a `List` (and `Items` shouldn't need to
be mutable anyway)
* Update Providers .csproj to latest C#
* Remove extra newline from DtoService.cs
* Remove extra newline from UserLibraryService.cs
This reverts commit c230d49d7c.
This reenables an edge case where an admin might want to reset, with
the default auth provider, the password of an externally-provided
user so they could "unlock" the account while it was failing. There
might be minor security implications to this, but the malicious
actor would need FS access to do it (as they would with any password
resets) so it's probably best to keep it as-is.
Removing this in the first place was due to a misunderstanding
anyways so no harm.
Implements the InvalidAuthProvider, which acts as a fallback if a
configured authentication provider, e.g. LDAP, is unavailable due
to a load failure or removal. Until the user or the authentication
plugin is corrected, this will cause users with the missing provider
to be locked out, while throwing errors in the logs about the issue.
Fixes#1445 part 2
Pass back the Username directive returned by an AuthenticationProvider
to the calling code, so we may override the user-provided Username
value if the authentication provider passes this back. Useful for
instance in an LDAP scenario where what the user types may not
necessarily be the "username" that is mapped in the system, e.g.
the user providing 'mail' while 'uid' is the "username" value.
Could also then be extensible to other authentication providers
as well, should they wish to do a similar thing.
Bond-009
Joshua Boniface
dkanada
DrPandemic
bugfixin
LogicalPhallacy
Phallacy
Claus Vium