Page Menu
Home
c4science
Search
Configure Global Search
Log In
Files
F93085532
PhabricatorLDAPProvider.php
No One
Temporary
Actions
Download File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Subscribers
None
File Metadata
Details
File Info
Storage
Attached
Created
Tue, Nov 26, 02:41
Size
4 KB
Mime Type
text/x-php
Expires
Thu, Nov 28, 02:41 (1 d, 21 h)
Engine
blob
Format
Raw Data
Handle
22564447
Attached To
rPH Phabricator
PhabricatorLDAPProvider.php
View Options
<?php
/*
* Copyright 2012 Facebook, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
final
class
PhabricatorLDAPProvider
{
private
$userData
;
private
$connection
;
public
function
__construct
()
{
}
public
function
__destruct
()
{
if
(
isset
(
$this
->
connection
))
{
ldap_unbind
(
$this
->
connection
);
}
}
public
function
isProviderEnabled
()
{
return
PhabricatorEnv
::
getEnvConfig
(
'ldap.auth-enabled'
);
}
public
function
getHostname
()
{
return
PhabricatorEnv
::
getEnvConfig
(
'ldap.hostname'
);
}
public
function
getBaseDN
()
{
return
PhabricatorEnv
::
getEnvConfig
(
'ldap.base_dn'
);
}
public
function
getSearchAttribute
()
{
return
PhabricatorEnv
::
getEnvConfig
(
'ldap.search_attribute'
);
}
public
function
getLDAPVersion
()
{
return
PhabricatorEnv
::
getEnvConfig
(
'ldap.version'
);
}
public
function
retrieveUserEmail
()
{
return
$this
->
userData
[
'mail'
][
0
];
}
public
function
retrieveUserRealName
()
{
return
$this
->
retrieveUserRealNameFromData
(
$this
->
userData
);
}
public
function
retrieveUserRealNameFromData
(
$data
)
{
$name_attributes
=
PhabricatorEnv
::
getEnvConfig
(
'ldap.real_name_attributes'
);
$real_name
=
''
;
if
(
is_array
(
$name_attributes
))
{
foreach
(
$name_attributes
AS
$attribute
)
{
if
(
isset
(
$data
[
$attribute
][
0
]))
{
$real_name
.=
$data
[
$attribute
][
0
]
.
' '
;
}
}
trim
(
$real_name
);
}
else
if
(
isset
(
$data
[
$name_attributes
][
0
]))
{
$real_name
=
$data
[
$name_attributes
][
0
];
}
if
(
$real_name
==
''
)
{
return
null
;
}
return
$real_name
;
}
public
function
retrieveUsername
()
{
return
$this
->
userData
[
$this
->
getSearchAttribute
()][
0
];
}
public
function
getConnection
()
{
if
(!
isset
(
$this
->
connection
))
{
$this
->
connection
=
ldap_connect
(
$this
->
getHostname
());
if
(!
$this
->
connection
)
{
throw
new
Exception
(
'Could not connect to LDAP host at '
.
$this
->
getHostname
());
}
ldap_set_option
(
$this
->
connection
,
LDAP_OPT_PROTOCOL_VERSION
,
$this
->
getLDAPVersion
());
}
return
$this
->
connection
;
}
public
function
getUserData
()
{
return
$this
->
userData
;
}
public
function
auth
(
$username
,
$password
)
{
if
(
strlen
(
trim
(
$username
))
==
0
||
strlen
(
trim
(
$password
))
==
0
)
{
throw
new
Exception
(
'Username and/or password can not be empty'
);
}
$result
=
ldap_bind
(
$this
->
getConnection
(),
$this
->
getSearchAttribute
()
.
'='
.
$username
.
','
.
$this
->
getBaseDN
(),
$password
);
if
(!
$result
)
{
throw
new
Exception
(
'Bad username/password.'
);
}
$this
->
userData
=
$this
->
getUser
(
$username
);
return
$this
->
userData
;
}
private
function
getUser
(
$username
)
{
$result
=
ldap_search
(
$this
->
getConnection
(),
$this
->
getBaseDN
(),
$this
->
getSearchAttribute
()
.
'='
.
$username
);
if
(!
$result
)
{
throw
new
Exception
(
'Search failed. Please check your LDAP and HTTP '
.
'logs for more information.'
);
}
$entries
=
ldap_get_entries
(
$this
->
getConnection
(),
$result
);
if
(
$entries
===
false
)
{
throw
new
Exception
(
'Could not get entries'
);
}
if
(
$entries
[
'count'
]
>
1
)
{
throw
new
Exception
(
'Found more then one user with this '
.
$this
->
getSearchAttribute
());
}
if
(
$entries
[
'count'
]
==
0
)
{
throw
new
Exception
(
'Could not find user'
);
}
return
$entries
[
0
];
}
public
function
search
(
$query
)
{
$result
=
ldap_search
(
$this
->
getConnection
(),
$this
->
getBaseDN
(),
$query
);
if
(!
$result
)
{
throw
new
Exception
(
'Search failed. Please check your LDAP and HTTP '
.
'logs for more information.'
);
}
$entries
=
ldap_get_entries
(
$this
->
getConnection
(),
$result
);
if
(
$entries
===
false
)
{
throw
new
Exception
(
'Could not get entries'
);
}
if
(
$entries
[
'count'
]
==
0
)
{
throw
new
Exception
(
'No results found'
);
}
$rows
=
array
();
for
(
$i
=
0
;
$i
<
$entries
[
'count'
];
$i
++)
{
$row
=
array
();
$entry
=
$entries
[
$i
];
// Get username, email and realname
$username
=
$entry
[
$this
->
getSearchAttribute
()][
0
];
if
(
empty
(
$username
))
{
continue
;
}
$row
[]
=
$username
;
$row
[]
=
$entry
[
'mail'
][
0
];
$row
[]
=
$this
->
retrieveUserRealNameFromData
(
$entry
);
$rows
[]
=
$row
;
}
return
$rows
;
}
}
Event Timeline
Log In to Comment