
Superuser access reauthentication is broken for LDAP authenticated users

Open hostalp opened this issue 2 years ago • 6 comments

Note: This issue was originally open in the Sentry repository https://github.com/getsentry/self-hosted/issues/1955 but I was instructed to open it here instead.

Steps to Reproduce

  1. Configure LDAP (Active Directory) authentication with the help of https://github.com/PMExtra/sentry-auth-ldap (according to the description provided there).
  2. Login as LDAP authenticated user with Admin and Superuser special privileges assigned.
  3. Go to Admin > Settings and let the page open without any further activity for approx. 10 minutes.
  4. After approx. 10 minutes, perform any action that requires the Superuser authorization, such as open Admin > Users.
  5. The Superuser authorization has expired at this point and you will be requested to reauthenticate ("You are attempting to access a resource that requires superuser access, please re-authenticate as a superuser."). Perform the reauthentication.
  6. The reauthentication will always fail for LDAP users. You will be repeatedly asked to reauthenticate even though the entered password is correct.

Note: The reauthentication works correctly for local users.

Expected Result

The Superuser reauthentication should work for LDAP users.

Actual Result

With the LDAP module debug logging enabled all the time, we can see that during the reauthentication attempt there's no LDAP activity logged at all, i.e. it looks like the whole reauthentication isn't performed via LDAP, so it may fail somewhere in Sentry. However, the logs don't reveal much.

sentry-self-hosted-web-1 (with debug LDAP module logging enabled and working)

01:37:03 [INFO] sentry.superuser: superuser.session-expired (ip_address='10.10.12.1' user_id=3)
01:37:03 [INFO] sentry.access.api: api.access (method='GET' view='sentry.api.endpoints.user_index.UserIndexEndpoint' response=403 user_id='3' is_app='None' token_type='None' is_frontend_request='True' organization_id='None' auth_id='None' path='/api/0/users/' caller_ip='10.10.12.1' user_agent='Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/109.0' rate_limited='False' rate_limit_category='None' request_duration_seconds=0.0754690170288086 rate_limit_type='DNE' concurrent_limit='None' concurrent_requests='None' reset_time='None' group='None' limit='None' remaining='None')
01:37:03 [WARNING] django.request: Forbidden: /api/0/users/ (status_code=403 request=<WSGIRequest: GET '/api/0/users/?per_page=50&sortBy=date'>)
01:37:03 [INFO] sentry.access.api: api.access (method='GET' view='sentry.api.endpoints.authenticator_index.AuthenticatorIndexEndpoint' response=200 user_id='3' is_app='None' token_type='None' is_frontend_request='True' organization_id='None' auth_id='None' path='/api/0/authenticators/' caller_ip='10.10.12.1' user_agent='Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/109.0' rate_limited='False' rate_limit_category='None' request_duration_seconds=0.0164639949798584 rate_limit_type='DNE' concurrent_limit='None' concurrent_requests='None' reset_time='None' group='None' limit='None' remaining='None')
01:37:16 [INFO] sentry.access.api: api.access (method='PUT' view='sentry.api.endpoints.auth_index.AuthIndexEndpoint' response=403 user_id='3' is_app='None' token_type='None' is_frontend_request='True' organization_id='None' auth_id='None' path='/api/0/auth/' caller_ip='10.10.12.1' user_agent='Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/109.0' rate_limited='False' rate_limit_category='None' request_duration_seconds=0.01912689208984375 rate_limit_type='DNE' concurrent_limit='None' concurrent_requests='None' reset_time='None' group='None' limit='None' remaining='None')
01:37:16 [WARNING] django.request: Forbidden: /api/0/auth/ (status_code=403 request=<WSGIRequest: PUT '/api/0/auth/'>)

sentry-self-hosted-nginx-1

192.168.0.1 - - [04/Feb/2023:01:37:03 +0000] "GET /api/0/users/?per_page=50&sortBy=date HTTP/1.1" 403 106 "https://sentry.local.net/manage/users/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/109.0" "10.10.12.1"
192.168.0.1 - - [04/Feb/2023:01:37:03 +0000] "GET /_static/dist/sentry/chunks/vendors-node_modules_core-js_modules_es_typed-array_at_js-node_modules_core-js_modules_es_typ-06a003.5636c0cbbfd554229dab.js HTTP/1.1" 200 3373 "https://sentry.local.net/manage/users/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/109.0" "10.10.12.1"
192.168.0.1 - - [04/Feb/2023:01:37:03 +0000] "GET /_static/dist/sentry/chunks/app_components_modals_sudoModal_tsx.046324a25b268bcddd29.js HTTP/1.1" 200 5411 "https://sentry.local.net/manage/users/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/109.0" "10.10.12.1"
192.168.0.1 - - [04/Feb/2023:01:37:03 +0000] "GET /_static/dist/sentry/chunks/vendors-node_modules_cbor-web_dist_cbor_js-node_modules_core-js_modules_web_dom-exception_stack_js.ce1fadf94d1d59de2a16.js HTTP/1.1" 200 34309 "https://sentry.local.net/manage/users/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/109.0" "10.10.12.1"
192.168.0.1 - - [04/Feb/2023:01:37:03 +0000] "GET /api/0/authenticators/ HTTP/1.1" 200 2 "https://sentry.local.net/manage/users/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/109.0" "10.10.12.1"
192.168.0.1 - - [04/Feb/2023:01:37:16 +0000] "PUT /api/0/auth/ HTTP/1.1" 403 28 "https://sentry.local.net/manage/users/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/109.0" "10.10.12.1"

Sentry 23.1.1, sentry-auth-ldap 21.9.6

hostalp, Feb 09 '23 01:02
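An operator watching for this failure mode can correlate the two log events the report shows: a `superuser.session-expired` for a user followed by repeated 403 responses to `PUT /api/0/auth/` from the same `user_id`. The detection below is an added example, not code from the issue or from sentry-auth-ldap; it assumes the `event (key='value' ...)` line layout of the Sentry web log quoted above, and the sample lines are constructed (shortened) to match that layout.

```python
import re
from collections import defaultdict

# Constructed sample, modelled on the sentry-self-hosted-web-1 log in the report
# (fields trimmed; user 3 is an LDAP user stuck in the reauth loop, user 7 is not).
SAMPLE_LOG = """\
01:37:03 [INFO] sentry.superuser: superuser.session-expired (ip_address='10.10.12.1' user_id=3)
01:37:03 [INFO] sentry.access.api: api.access (method='GET' view='sentry.api.endpoints.user_index.UserIndexEndpoint' response=403 user_id='3' path='/api/0/users/')
01:37:03 [WARNING] django.request: Forbidden: /api/0/users/ (status_code=403 request=<WSGIRequest: GET '/api/0/users/'>)
01:37:16 [INFO] sentry.access.api: api.access (method='PUT' view='sentry.api.endpoints.auth_index.AuthIndexEndpoint' response=403 user_id='3' path='/api/0/auth/')
01:37:40 [INFO] sentry.access.api: api.access (method='PUT' view='sentry.api.endpoints.auth_index.AuthIndexEndpoint' response=403 user_id='3' path='/api/0/auth/')
01:38:02 [INFO] sentry.access.api: api.access (method='PUT' view='sentry.api.endpoints.auth_index.AuthIndexEndpoint' response=200 user_id='7' path='/api/0/auth/')
"""

# "HH:MM:SS [LEVEL] logger.name: event.name (key=value key='quoted value' ...)"
LINE_RE = re.compile(
    r"^(?P<ts>\d\d:\d\d:\d\d) \[(?P<level>\w+)\] (?P<logger>[\w.]+): "
    r"(?P<event>[\w.-]+) \((?P<fields>.*)\)$"
)
# key=value where value is either 'quoted, may contain spaces' or a bare token
FIELD_RE = re.compile(r"(\w+)=('([^']*)'|(\S+))")


def parse_line(line):
    """Return a dict of the structured fields, or None for lines in another layout
    (e.g. the django.request 'Forbidden:' warnings, which we do not need)."""
    m = LINE_RE.match(line)
    if not m:
        return None
    rec = {"ts": m.group("ts"), "logger": m.group("logger"), "event": m.group("event")}
    for key, whole, quoted, bare in FIELD_RE.findall(m.group("fields")):
        # user_id=3 is bare in superuser events but quoted ('3') in api.access events;
        # both end up as the string "3" so they can be matched against each other.
        rec[key] = quoted if whole.startswith("'") else bare
    return rec


def find_reauth_loops(log_text, min_failures=2):
    """Map user_id -> timestamps of failed superuser reauth attempts (PUT /api/0/auth/ -> 403)
    that followed a superuser.session-expired event for that user. Only users with at
    least min_failures such attempts are reported, so a single mistyped password is ignored."""
    expired = set()
    failures = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        uid = rec.get("user_id")
        if rec["event"] == "superuser.session-expired":
            expired.add(uid)
        elif (rec["event"] == "api.access" and rec.get("method") == "PUT"
              and rec.get("path") == "/api/0/auth/" and rec.get("response") == "403"
              and uid in expired):
            failures[uid].append(rec["ts"])
    return {uid: ts for uid, ts in failures.items() if len(ts) >= min_failures}
```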