deblan/php-censor
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Added ldap support as pluggable authentication provider

Browse source
This commit is contained in:
root 2016-03-14 20:46:55 +06:00 committed by Dmitry Khomutov
commit 542e7cd839
No known key found for this signature in database
GPG key ID: 7EB36C9576F9ECB9
2 changed files with 134 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

86
PHPCI/Command/RegisterLdapUserCommand.php Normal file
View file

@ -0,0 +1,86 @@
<?php
/**
* PHPCI - Continuous Integration for PHP
*
* @copyright Copyright 2014, Block 8 Limited.
* @license https://github.com/Block8/PHPCI/blob/master/LICENSE.md
* @link https://www.phptesting.org/
*/
namespace PHPCI\Command;
use PHPCI\Service\UserService;
use PHPCI\Helper\Lang;
use PHPCI\Store\UserStore;
use Symfony\Component\Console\Command\Command;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;
/**
* Register user command - creates an user with provider (Adirelle pluggable-auth)
* @author Dmitrii Zolotov (@itherz)
* @package PHPCI
* @subpackage Console
*/
class RegisterLdapUserCommand extends Command
{
/**
* @var UserStore
*/
protected $userStore;
/**
* @param UserStore $userStore
*/
public function __construct(UserStore $userStore)
{
parent::__construct();
$this->userStore = $userStore;
}
protected function configure()
{
$this
->setName('phpci:register-ldap-user')
->setDescription(Lang::get('register_ldap_user'));
}
/**
* Creates an admin user in the existing PHPCI database
*
* {@inheritDoc}
*/
protected function execute(InputInterface $input, OutputInterface $output)
{
$userService = new UserService($this->userStore);
/** @var $dialog \Symfony\Component\Console\Helper\DialogHelper */
$dialog = $this->getHelperSet()->get('dialog');
// Function to validate mail address.
$mailValidator = function ($answer) {
if (!filter_var($answer, FILTER_VALIDATE_EMAIL)) {
throw new \InvalidArgumentException(Lang::get('must_be_valid_email'));
}
return $answer;
};
$email = $dialog->askAndValidate($output, Lang::get('enter_email'), $mailValidator, false);
$name = $dialog->ask($output, Lang::get('enter_name'));
$providerKey = "ldap";
$providerData = null;
$isAdmin = ($dialog->ask($output, Lang::get('enter_isadmin')));
$isAdmin = !empty($isAdmin);
$password = "";
try {
$userService->createUserWithProvider($name, $email, $password, $providerKey, $providerData, $isAdmin);
$output->writeln(Lang::get('user_created'));
} catch (\Exception $e) {
$output->writeln(sprintf('<error>%s</error>', Lang::get('failed_to_create')));
$output->writeln(sprintf('<error>%s</error>', $e->getMessage()));
}
}
}

48
PHPCI/Security/Authentication/UserProvider/Ldap.php Normal file
View file

@ -0,0 +1,48 @@
<?php
/**
* PHPCI - Continuous Integration for PHP
*
* @copyright Copyright 2014, Block 8 Limited.
* @license https://github.com/Block8/PHPCI/blob/master/LICENSE.md
* @link https://www.phptesting.org/
*/
namespace PHPCI\Security\Authentication\UserProvider;
use b8\Config;
use PHPCI\Model\User;
use PHPCI\Security\Authentication\LoginPasswordProvider;
/**
* Ldap user provider.
* @author Adirelle <adirelle@gmail.com>
*/
class Ldap extends AbstractProvider implements LoginPasswordProvider
{
public function verifyPassword(User $user, $password)
{
$config = Config::getInstance()->get('phpci.security.ldap', []);
$server = $config["server"];
$mailAttribute = $config["mailAttribute"];
$ldap = ldap_connect($server);
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
var_dump($mailAttribute."=".$user->getEmail());
$ls = ldap_search($ldap, $config["base"], $mailAttribute."=".$user->getEmail());
$le = ldap_get_entries($ldap, $ls);
if ($le["count"]==0) return false;
$dn = $le[0]["dn"];
return ldap_bind($ldap, $dn, $password);
}
public function checkRequirements()
{
// Always fine
}
public function provisionUser($identifier)
{
return null;
}
}