symfony
diff --git a/‎src/Symfony/Component/Security/Core/Tests/User/LdapUserProviderTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/Tests/User/LdapUserProviderTest.php
+47-5Lines changed: 47 additions & 5 deletions b/‎src/Symfony/Component/Security/Core/Tests/User/LdapUserProviderTest.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/Tests/User/LdapUserProviderTest.php
+47-5Lines changed: 47 additions & 5 deletions
diff --git a/‎src/Symfony/Component/Security/Core/User/LdapUserProvider.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/User/LdapUserProvider.php
+19-12Lines changed: 19 additions & 12 deletions b/‎src/Symfony/Component/Security/Core/User/LdapUserProvider.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Security/Core/User/LdapUserProvider.php
+19-12Lines changed: 19 additions & 12 deletions
@@ -119,7 +119,7 @@ public function testLoadUserByUsernameFailsIfMoreThanOneLdapPasswordsInEntry()
         ;
         $ldap = $this->getMockBuilder(LdapInterface::class)->getMock();
         $result
-            ->expects($this->exactly(2))
+            ->expects($this->once())
             ->method('offsetGet')
             ->with(0)
             ->will($this->returnValue(new Entry('foo', array(
@@ -151,6 +151,48 @@ public function testLoadUserByUsernameFailsIfMoreThanOneLdapPasswordsInEntry()
         );
     }
 
+    /**
+     * @expectedException \Symfony\Component\Security\Core\Exception\InvalidArgumentException
+     */
+    public function testLoadUserByUsernameFailsIfEntryHasNoUidKeyAttribute()
+    {
+        $result = $this->getMock(CollectionInterface::class);
+        $query = $this->getMock(QueryInterface::class);
+        $query
+            ->expects($this->once())
+            ->method('execute')
+            ->will($this->returnValue($result))
+        ;
+        $ldap = $this->getMock(LdapInterface::class);
+        $result
+            ->expects($this->once())
+            ->method('offsetGet')
+            ->with(0)
+            ->will($this->returnValue(new Entry('foo', array())))
+        ;
+        $result
+            ->expects($this->once())
+            ->method('count')
+            ->will($this->returnValue(1))
+        ;
+        $ldap
+            ->expects($this->once())
+            ->method('escape')
+            ->will($this->returnValue('foo'))
+        ;
+        $ldap
+            ->expects($this->once())
+            ->method('query')
+            ->will($this->returnValue($query))
+        ;
+
+        $provider = new LdapUserProvider($ldap, 'ou=MyBusiness,dc=symfony,dc=com', null, null, array(), 'sAMAccountName', '({uid_key}={username})');
+        $this->assertInstanceOf(
+            'Symfony\Component\Security\Core\User\User',
+            $provider->loadUserByUsername('foo')
+        );
+    }
+
     /**
      * @expectedException \Symfony\Component\Security\Core\Exception\InvalidArgumentException
      */
@@ -165,7 +207,7 @@ public function testLoadUserByUsernameFailsIfEntryHasNoPasswordAttribute()
         ;
         $ldap = $this->getMockBuilder(LdapInterface::class)->getMock();
         $result
-            ->expects($this->exactly(2))
+            ->expects($this->once())
             ->method('offsetGet')
             ->with(0)
             ->will($this->returnValue(new Entry('foo', array(
@@ -207,7 +249,7 @@ public function testLoadUserByUsernameIsSuccessfulWithoutPasswordAttribute()
         ;
         $ldap = $this->getMockBuilder(LdapInterface::class)->getMock();
         $result
-            ->expects($this->exactly(2))
+            ->expects($this->once())
             ->method('offsetGet')
             ->with(0)
             ->will($this->returnValue(new Entry('foo', array(
@@ -249,7 +291,7 @@ public function testLoadUserByUsernameIsSuccessfulWithoutPasswordAttributeAndWro
         ;
         $ldap = $this->getMockBuilder(LdapInterface::class)->getMock();
         $result
-            ->expects($this->exactly(2))
+            ->expects($this->once())
             ->method('offsetGet')
             ->with(0)
             ->will($this->returnValue(new Entry('foo', array(
@@ -288,7 +330,7 @@ public function testLoadUserByUsernameIsSuccessfulWithPasswordAttribute()
         ;
         $ldap = $this->getMock(LdapInterface::class);
         $result
-            ->expects($this->exactly(2))
+            ->expects($this->once())
             ->method('offsetGet')
             ->with(0)
             ->will($this->returnValue(new Entry('foo', array(
 
@@ -47,6 +47,10 @@ class LdapUserProvider implements UserProviderInterface
      */
     public function __construct(LdapInterface $ldap, $baseDn, $searchDn = null, $searchPassword = null, array $defaultRoles = array(), $uidKey = 'sAMAccountName', $filter = '({uid_key}={username})', $passwordAttribute = null)
     {
+        if (null === $uidKey) {
+            $uidKey = 'uid';
+        }
+
         $this->ldap = $ldap;
         $this->baseDn = $baseDn;
         $this->searchDn = $searchDn;
@@ -82,7 +86,10 @@ public function loadUserByUsername($username)
             throw new UsernameNotFoundException('More than one user found');
         }
 
-        return $this->loadUser($entries[0]->getAttribute($this->uidKey)[0], $entries[0]);
+        $entry = $entries[0];
+        $username = $this->getAttributeValue($entry, $this->uidKey);
+
+        return $this->loadUser($username, $entry);
     }
 
     /**
@@ -115,30 +122,30 @@ public function supportsClass($class)
      */
     protected function loadUser($username, Entry $entry)
     {
-        $password = $this->getPassword($entry);
+        $password = null;
+        if (null !== $this->passwordAttribute) {
+            $password = $this->getAttributeValue($entry, $this->passwordAttribute);
+        }
 
         return new User($username, $password, $this->defaultRoles);
     }
 
     /**
-     * Fetches the password from an LDAP entry.
+     * Fetches a required unique attribute value from an LDAP entry.
      *
      * @param null|Entry $entry
+     * @param string     $attribute
      */
-    private function getPassword(Entry $entry)
+    private function getAttributeValue(Entry $entry, $attribute)
     {
-        if (null === $this->passwordAttribute) {
-            return;
-        }
-
-        if (!$entry->hasAttribute($this->passwordAttribute)) {
-            throw new InvalidArgumentException(sprintf('Missing attribute "%s" for user "%s".', $this->passwordAttribute, $entry->getDn()));
+        if (!$entry->hasAttribute($attribute)) {
+            throw new InvalidArgumentException(sprintf('Missing attribute "%s" for user "%s".', $attribute, $entry->getDn()));
         }
 
-        $values = $entry->getAttribute($this->passwordAttribute);
+        $values = $entry->getAttribute($attribute);
 
         if (1 !== count($values)) {
-            throw new InvalidArgumentException(sprintf('Attribute "%s" has multiple values.', $this->passwordAttribute));
+            throw new InvalidArgumentException(sprintf('Attribute "%s" has multiple values.', $attribute));
         }
 
         return $values[0];