New Field Request: Ability to set Profile Pic with LDAP #4144
Description
It would be neat to be able to set profile picture with LDAP. I suppose this would be best implemented as a URL, but I know there are multiple ways of implementing images in ldap.
Metadata
Metadata
Assignees
Labels
Type
Projects
Milestone
Relationships
Participants
Activity
tcs-ulli commentedon Nov 21, 2018
gogs can this maybe its easy to copy that feature ?
lunny commentedon Nov 21, 2018
@tcs-ulli could you point where is the code base?
mq2035 commentedon Mar 14, 2019
In openldap attribute name is jpegPhoto (from inetOrgPerson), it is binary and it is stored in LDAP.
working code example (in java)
https://github.com/xwiki-contrib/ldap/tree/master/ldap-authenticator
dl5rcw commentedon Jan 18, 2020
Using fusiondirectory, the jpegPhoto as mentioned by @mq2035 really makes sense. It should be updated like the other entries to pull changes from ldap.
helmut72 commentedon Feb 12, 2020
Yes, would be good, as I have stored jpegPhoto in my Samba4/LDAP server. Many Applications use the photo from LDAP server, which makes sense.
lafriks commentedon Feb 12, 2020
Only problem could be with sync, how to check and download images only if they have been changed to not download all user images on every sync
benyanke commentedon Feb 13, 2020
That would be an additional piece needed. Most apps I've seen do it on individual login, and then refetch on an administrator's cache clear, or when a scheduled job runs. Ideally it's something you could cache a day or two, since pictures don't change often, especially if you're updating on the login event.
helmut72 commentedon Feb 19, 2020
Let the user decide in his settings.
lafriks commentedon Feb 19, 2020
I was just thinking if there is more optimal way to check if image has changed
helmut72 commentedon Sep 1, 2020
It would be a good start if there is just a
sync every x day/hoursetting with 0 to disable. Then it's the administrators choice. Better than no ldap photo sync.nedvedad commentedon Feb 10, 2021
Or check/download avatar on each user login.
SonGokussj4 commentedon Aug 26, 2021
Any progress with this? I just got LDAP to work after days of fighting with it but no pictures sadly.
12 remaining items
SonGokussj4 commentedon Sep 7, 2021
Docker inspect gitea/gitea:1.16.0-dev, it will give me {"Config": {"Cmd": null, ...}, ...}
When I googled the problem it gave me "you have no Cmd in dockerfile".
Edit: after inspecting original 1.15 image, it is way too different. So my thoughts are it was not built correctly.
zeripath commentedon Sep 8, 2021
It'll be the way it was exported. Clearly
docker exportdid not work and is not the correct thing to do. I'm not certain how to make that work properly.I have pushed up an xz compressed binary to https://www.eldritchkitty.com/~andrew/gitea-v1.16.0-dev-219-g4b6e023a1-pr-16851-linux-amd64.xzwhich once decompressed you can use to replace the /app/gitea/gitea binary within a working docker.SonGokussj4 commentedon Sep 8, 2021
Thanks. I copied it to a running container and there is a new field "Avatar Attribute" and entered "thumbnailPhoto"
My
ldapsearch -x -W -D xxxshows:Admin --> Monitoring --> Synchronize external user dataUser Profile --> Avatar --> Look Up Avatar by Email AddresstoUse Custom Avatarand backStill the random avatar. What should I do so that it will pull it out from LDAP?
https://i.imgur.com/zA2LxYh.png
zeripath commentedon Sep 8, 2021
hmm... the avatar was only being updated if something else was updated on the user - I've changed that.
The other question is whether your ldap is giving us the data as []byte or as a base64 encoded string. If it's the latter then it's not currently handling that.
https://www.eldritchkitty.com/~andrew/gitea-v1.16.0-dev-225-g929885e0c-pr-16851-linux-amd64.xzSonGokussj4 commentedon Sep 8, 2021
If I enter my
thumbnailPhotointo https://codebeautify.org/base64-to-image-converter, it gives me my picture. So I think (and I can't change that) it's base64.zeripath commentedon Sep 10, 2021
@SonGokussj4 did you try the update above?
SonGokussj4 commentedon Sep 13, 2021
Hi. No I didn't. We use base64 for image and you wrote it doesn't handle the base64 so I didn't even try.
zeripath commentedon Sep 13, 2021
I don't think you can assume that you're using base64 from that output. If you look at your output above:
There is a double
:after the field's name. That could imply that the object is stored as []byte but it's being rendered as base64. My code explicitly asks for the bytes. Now you were previously expecting synchronization to occur - it wasn't because of an oversight - but it does happen now. So it would be helpful to know if my interpretation above is correct or if I have to read the data and detect it's base64 and then do a conversion.Because if I have to convert for you - it is very likely that there will have to be conversions for others.
If I don't then that's fine and I can save 200 lines of code messing around with dealing with this issue.
SonGokussj4 commentedon Sep 13, 2021
That makes sense. Thanks for the explanation.
I'll try that right away.
SonGokussj4 commentedon Sep 14, 2021
So I updated the file, restarted gitea
docker-compose restart, enteredthumbnailPhoto, then tried log-out, log-in, synchronize data, nothing.Then I downed docker
docker-compose downand started it againdocker-compose up -d, logs show me this:Edit:
Ignore the above. I repeated the copying (I forgot that when I
d-c downmy container, it will replace all default files...)I filled the
Avatar Attributefield but nothing happens.Interesting enough, I couldn't log back in.
The log was:
Not sure what's happening.
zeripath commentedon Sep 15, 2021
OK I think I've got it working completely now! (Discovered our test ldap actually had jpegPhoto attributes already so was able to use that.) I wasn't actually passing the attribute to the LDAP request.
https://www.eldritchkitty.com/~andrew/gitea-v1.16.0-dev-262-g5f7352645-pr-16851-linux-amd64.xz
SonGokussj4 commentedon Sep 20, 2021
Hi, sorry for the delay, I wasn't at work till now. And...
It WORKS!!
I had to do
Monitoring -> Synchronize external user databut I think the newly added user should have his picture there. Will through today.Edit: New user logged in and his picture was automatically applied. So nice!
If this could be a functional PR and have it in the next version, that would be awesome.
Allow LDAP Sources to provide Avatars (#16851)