
Fixed #15926 : wrong LDAP service account login behavior #15927

Open
wants to merge 1 commit into base: master

Conversation

shkuviak

@shkuviak shkuviak commented Dec 6, 2024

Description

Currently, the credentials used to bind to the LDAP server are the ones entered in the login form (username = uid).
The bind fails because users cannot bind directly to LDAP using their uid. They must use their DN to bind.

Instead of trying to bind to the LDAP server with the user's credentials, a search should be made using the bind_user service account and user_filter to find the user.
Then we should save the user's DN and try to bind to LDAP using that DN.

Fixes #15926

Type of change

Please delete options that are not relevant.

  • Bug fix (non-breaking change which fixes an issue)

How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration

  • Create an OpenLDAP server

  • Create a user with a uid field (the user can only bind to LDAP using the DN).

  • Configure user login with uid.

  • Snipe-IT can sync users and authentication works

Test Configuration: dev docker compose build

  • PHP version: 8.2.26
  • MySQL version: mariadb:11.5.2
  • Webserver version:
  • OS version: alpine:3.19

Checklist:
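The search-then-bind flow the PR description proposes, written out as an added PHP example. This is not Snipe-IT's code and not the PR's diff; the config keys, hostname and DNs are assumed placeholders, and the explicit refusal of an empty password (which LDAP would otherwise treat as an unauthenticated bind) is a guard added here beyond what the PR text states.

```php
<?php
// Added example (not Snipe-IT code): service-account search, then bind with the
// found DN. Config keys, hostname and DNs below are assumed placeholders.
declare(strict_types=1);

/**
 * 1. Bind with the service account (bind_user / bind_password).
 * 2. Search under base_dn with user_filter AND username_attr=$username.
 * 3. Require exactly one entry whose username attribute equals $username.
 * 4. Re-bind with that entry's DN and the user's own password.
 * Returns the matched DN on success, null on any failure.
 */
function ldapSearchThenBind(array $config, string $username, string $password): ?string
{
    // An empty password turns the user bind into an unauthenticated bind
    // (RFC 4513 section 5.1.2), which many servers accept. Refuse it up front.
    if ($password === '' || $username === '') {
        return null;
    }

    $conn = ldap_connect($config['server']);
    if ($conn === false) {
        return null;
    }
    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
    ldap_set_option($conn, LDAP_OPT_REFERRALS, 0);

    // Step 1: bind as the service account, never as the login-form user.
    if (!@ldap_bind($conn, $config['bind_user'], $config['bind_password'])) {
        ldap_unbind($conn);
        return null;
    }

    // Step 2: escape the login name so it cannot change the filter's shape,
    // then AND it with the configured user_filter.
    $safeUser = ldap_escape($username, '', LDAP_ESCAPE_FILTER);
    $filter   = sprintf('(&%s(%s=%s))', $config['user_filter'], $config['username_attr'], $safeUser);

    $result = @ldap_search($conn, $config['base_dn'], $filter, [$config['username_attr']]);
    if ($result === false) {
        ldap_unbind($conn);
        return null;
    }
    $entries = ldap_get_entries($conn, $result);

    // Step 3: exactly one match, and its username attribute must equal the
    // supplied name (ldap_get_entries lower-cases attribute names).
    $attr = strtolower($config['username_attr']);
    if ($entries['count'] !== 1
        || !isset($entries[0][$attr][0])
        || $entries[0][$attr][0] !== $username) {
        ldap_unbind($conn);
        return null;
    }
    $userDn = $entries[0]['dn'];

    // Step 4: bind as the user with the DN the directory returned.
    $ok = @ldap_bind($conn, $userDn, $password);
    ldap_unbind($conn);
    return $ok ? $userDn : null;
}

// Assumed configuration; the key names mirror the settings the PR text mentions.
$config = [
    'server'        => 'ldap://ldap.example.test',                       // placeholder
    'bind_user'     => 'cn=snipe-svc,ou=services,dc=example,dc=test',     // placeholder
    'bind_password' => getenv('LDAP_BIND_PASSWORD') ?: '',
    'base_dn'       => 'ou=people,dc=example,dc=test',                    // placeholder
    'user_filter'   => '(objectClass=inetOrgPerson)',
    'username_attr' => 'uid',
];

$dn = ldapSearchThenBind($config, 'jdoe', 'user-password-here');
echo $dn === null ? "login failed\n" : "authenticated as {$dn}\n";
```

The strict `!==` comparison in step 3 implements the "username coincides perfectly" check the PR's summary describes; a deployment whose directory matches `uid` case-insensitively may prefer `strcasecmp`, but the single-entry requirement should stay, since a `user_filter` that matches several entries would otherwise let the bind land on an arbitrary one.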

@shkuviak shkuviak requested a review from snipe as a code owner December 6, 2024 15:26

welcome bot commented Dec 6, 2024

💖 Thanks for this pull request! 💖

We use semantic commit messages to streamline the release process and easily generate changelogs between versions. Before your pull request can be merged, you should update your pull request title to start with a semantic prefix if it doesn't have one already.

Examples of commit messages with semantic prefixes:

  • Fixed #<issue number>: don't overwrite prevent_default if default wasn't prevented
  • Added #<issue number>: add checkout functionality to assets
  • Improved Asset Checkout: use new notification method for checkout

Things that will help get your PR across the finish line:

  • Document any user-facing changes you've made.
  • Include tests when adding/changing behavior.
  • Include screenshots and animated GIFs whenever possible.

We get a lot of pull requests on this repo, so please be patient and we will get back to you as soon as we can.


what-the-diff bot commented Dec 6, 2024

PR Summary

  • Refinements to User Identity Assignment
    The earlier approach to assigning $userDn used a complex string format. These changes simplify this process by initially setting $userDn to null.

  • Simplified User-LDAP Binding Process
    Previous comments and code related to the intricate process of binding users to LDAP have been removed to streamline the codebase.

  • Switched to a Custom LDAP User Search
    Instead of the previous ldap_search() method for finding LDAP users, the PR introduces a call to self::findLdapUsers(), which is aimed to find users more efficiently.

  • Added Checks in User Authentication
    We've supplemented the functionality to conduct checks ensuring that precisely one user is found and the username coincides perfectly with the supplied one. This will ensure the accuracy of the user identity in our system.

  • Enhanced User-LDAP Binding Using 'dn'
    The PR modifies the LDAP binding process. Now, if $userDn is null, the program uses the dn from the located user, unlike the prior approach where a complex string was built. This change entails a more straightforward and reliable method for binding users to LDAP.

Successfully merging this pull request may close these issues.

Wrong LDAP service account login behavior