Fixes for auth
parent
f42bb7a4d2
commit
cda4c2e063
|
@ -34,7 +34,7 @@ class Service
|
|||
if (self::$instance === null) {
|
||||
$config = Config::getInstance()->get(
|
||||
'phpci.security.authentication',
|
||||
array('internal' => 'internal')
|
||||
['internal' => ['type' => 'internal']]
|
||||
);
|
||||
|
||||
$providers = [];
|
||||
|
@ -54,17 +54,9 @@ class Service
|
|||
*/
|
||||
public static function buildProvider($key, $config)
|
||||
{
|
||||
if (is_string($config)) {
|
||||
$config = array('type' => $config);
|
||||
}
|
||||
|
||||
$type = $config['type'];
|
||||
if (class_exists($type)) {
|
||||
$class = $type;
|
||||
} elseif (class_exists('PHPCI\\Security\\Authentication\\UserProvider\\' . $type)) {
|
||||
$class = 'PHPCI\\Security\\Authentication\\UserProvider\\' . $type;
|
||||
} else {
|
||||
// TODO: error
|
||||
$class = ucfirst($config['type']);
|
||||
if (class_exists('\\PHPCI\\Security\\Authentication\\UserProvider\\' . $class)) {
|
||||
$class = '\\PHPCI\\Security\\Authentication\\UserProvider\\' . $class;
|
||||
}
|
||||
|
||||
return new $class($key, $config);
|
||||
|
|
|
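Review bot: In the new body of `buildProvider`, when no class is found under `\PHPCI\Security\Authentication\UserProvider\`, `$class` keeps the bare `ucfirst($config['type'])` value and `new $class($key, $config)` still runs, so a mistyped or unexpected `type` ends either in a fatal error or in an unrelated global class being constructed as an authentication provider. The removed branch only carried a `// TODO: error`, but the replacement should fail closed: add `else { throw new \InvalidArgumentException('Unknown authentication provider type: ' . $config['type']); }` after the `class_exists` check. The `is_string($config)` shorthand is gone as well, so a configuration that still lists `'internal' => 'internal'` would reach `$config['type']` with a string; if old configurations must keep working, keep the conversion, otherwise state the required array shape in the docblock. The closing brace of `buildProvider` lies outside the hunk.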
@ -18,6 +18,7 @@ use Symfony\Component\Console\Output\OutputInterface;
|
|||
|
||||
/**
|
||||
* Register user command - creates an user with provider (Adirelle pluggable-auth)
|
||||
*
|
||||
* @author Dmitrii Zolotov (@itherz)
|
||||
* @package PHPCI
|
||||
* @subpackage Console
|
||||
|
@ -67,16 +68,16 @@ class RegisterLdapUserCommand extends Command
|
|||
return $answer;
|
||||
};
|
||||
|
||||
$email = $dialog->askAndValidate($output, Lang::get('enter_email'), $mailValidator, false);
|
||||
$name = $dialog->ask($output, Lang::get('enter_name'));
|
||||
$providerKey = "ldap";
|
||||
$providerData = null;
|
||||
$isAdmin = ($dialog->ask($output, Lang::get('enter_isadmin')));
|
||||
$isAdmin = !empty($isAdmin);
|
||||
$password = "";
|
||||
$email = $dialog->askAndValidate($output, Lang::get('enter_email'), $mailValidator, false);
|
||||
$name = $dialog->ask($output, Lang::get('enter_name'));
|
||||
$providerKey = "ldap";
|
||||
$providerData = null;
|
||||
$isAdmin = ($dialog->ask($output, Lang::get('enter_isadmin')));
|
||||
$isAdmin = !empty($isAdmin);
|
||||
$password = "";
|
||||
|
||||
try {
|
||||
$userService->createUserWithProvider($name, $email, $password, $providerKey, $providerData, $isAdmin);
|
||||
$userService->createUserWithProvider($name, $email, $password, $providerKey, $providerData, $isAdmin);
|
||||
$output->writeln(Lang::get('user_created'));
|
||||
} catch (\Exception $e) {
|
||||
$output->writeln(sprintf('<error>%s</error>', Lang::get('failed_to_create')));
|
|
@ -67,17 +67,17 @@ class RegisterUserCommand extends Command
|
|||
return $answer;
|
||||
};
|
||||
|
||||
$id = $dialog->ask($output, Lang::get('enter_id'));
|
||||
$pass = $dialog->askHiddenResponse($output, Lang::get('enter_password'));
|
||||
$email = $dialog->askAndValidate($output, Lang::get('enter_email'), $mailValidator, false);
|
||||
$providerKey = $dialog->ask($output, Lang::get('enter_providerkey'));
|
||||
$providerData = $dialog->ask($output, Lang::get('enter_providerdata'));
|
||||
$isAdmin = $dialog->ask($output, Lang::get('enter_isadmin'));
|
||||
$isAdmin = !empty($isAdmin);
|
||||
$id = $dialog->ask($output, Lang::get('enter_id'));
|
||||
$password = $dialog->askHiddenResponse($output, Lang::get('enter_password'));
|
||||
$emailAddress = $dialog->askAndValidate($output, Lang::get('enter_email'), $mailValidator, false);
|
||||
$providerKey = $dialog->ask($output, Lang::get('enter_providerkey'));
|
||||
$providerData = $dialog->ask($output, Lang::get('enter_providerdata'));
|
||||
$isAdmin = $dialog->ask($output, Lang::get('enter_isadmin'));
|
||||
$isAdmin = !empty($isAdmin);
|
||||
$name = $dialog->ask($output, Lang::get('enter_name'));
|
||||
|
||||
try {
|
||||
$userService->createUserWithProvider($name, $emailAddress, $id, $password, $providerKey, $providerData, $isAdmin = false);
|
||||
$userService->createUserWithProvider($name, $emailAddress, $id, $password, $providerKey, $providerData, $isAdmin = false);
|
||||
$output->writeln(Lang::get('user_created'));
|
||||
} catch (\Exception $e) {
|
||||
$output->writeln(sprintf('<error>%s</error>', Lang::get('failed_to_create')));
|
|
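Review bot: The call `createUserWithProvider(..., $providerData, $isAdmin = false)` assigns `false` to `$isAdmin` at the call site, so the answer to `enter_isadmin` collected a few lines above is thrown away and every account created through this command is a non-admin. Pass the variable instead: `$userService->createUserWithProvider($name, $emailAddress, $id, $password, $providerKey, $providerData, $isAdmin);`. Separately, `$providerKey` comes from free-text input and is not checked against the configured providers before the user is saved; whether an unknown key is rejected later is not visible here, so a validator or a comment naming the accepted keys would help. The `try`/`catch` continues past the end of the hunk.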
@ -16,23 +16,31 @@ use PHPCI\Security\Authentication\LoginPasswordProvider;
|
|||
|
||||
/**
|
||||
* Ldap user provider.
|
||||
* @author Adirelle <adirelle@gmail.com>
|
||||
*
|
||||
* @author Dmitrii Zolotov (@itherz)
|
||||
*/
|
||||
class Ldap extends AbstractProvider implements LoginPasswordProvider
|
||||
{
|
||||
|
||||
public function verifyPassword(User $user, $password)
|
||||
{
|
||||
$config = Config::getInstance()->get('phpci.security.ldap', []);
|
||||
$server = $config["server"];
|
||||
$mailAttribute = $config["mailAttribute"];
|
||||
$ldap = ldap_connect($server);
|
||||
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
|
||||
$ls = ldap_search($ldap, $config["base"], $mailAttribute."=".$user->getEmail());
|
||||
$le = ldap_get_entries($ldap, $ls);
|
||||
if ($le["count"]==0) return false;
|
||||
$dn = $le[0]["dn"];
|
||||
return ldap_bind($ldap, $dn, $password);
|
||||
$config = Config::getInstance()->get('phpci.security.ldap', []);
|
||||
$server = $config["server"];
|
||||
$mailAttribute = $config["mailAttribute"];
|
||||
$ldap = ldap_connect($server);
|
||||
|
||||
ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
|
||||
|
||||
$ls = ldap_search($ldap, $config["base"], $mailAttribute . "=" . $user->getEmail());
|
||||
$le = ldap_get_entries($ldap, $ls);
|
||||
|
||||
if ($le["count"] == 0) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$dn = $le[0]["dn"];
|
||||
|
||||
return ldap_bind($ldap, $dn, $password);
|
||||
}
|
||||
|
||||
public function checkRequirements()
|
|
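Review bot: `verifyPassword` hands `$password` straight to `ldap_bind($ldap, $dn, $password)` without an empty check; many directory servers treat a bind with a DN and an empty password as an unauthenticated bind and report success, so a blank password could be accepted as a valid login. Reject it before the search, for example `if (!is_string($password) || $password === '') { return false; }`. The search filter is built by concatenating the e-mail address, so the value should be escaped with `ldap_escape($user->getEmail(), '', LDAP_ESCAPE_FILTER)` where the runtime provides it (PHP 5.6 and later). The results of `ldap_connect()` and `ldap_search()` are also used without being tested for `false`, and no `ldap_start_tls()` call is visible, so transport protection depends entirely on the configured `server` value. The class body continues outside the hunk.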
@ -57,6 +57,31 @@ class UserService
|
|||
return $this->store->save($user);
|
||||
}
|
||||
|
||||
/**
|
||||
* Create a new user within PHPCI (with provider).
|
||||
* @param $name
|
||||
* @param $emailAddress
|
||||
* @param $id
|
||||
* @param $password
|
||||
* @param $providerKey
|
||||
* @param $providerData
|
||||
* @param bool $isAdmin
|
||||
* @return \PHPCI\Model\User
|
||||
*/
|
||||
|
||||
public function createUserWithProvider($name, $emailAddress, $id, $password, $providerKey, $providerData, $isAdmin = false)
|
||||
{
|
||||
$user = new User();
|
||||
$user->setName($name);
|
||||
$user->setEmail($emailAddress);
|
||||
$user->setHash("");
|
||||
$user->setProviderKey($providerKey);
|
||||
$user->setProviderData($providerData);
|
||||
$user->setIsAdmin(($isAdmin ? 1 : 0));
|
||||
|
||||
return $this->store->save($user);
|
||||
}
|
||||
|
||||
/**
|
||||
* Update a user.
|
||||
*
|
||||
|
|
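Review bot: `createUserWithProvider` takes seven parameters, but the call in RegisterLdapUserCommand passes six, in the order `($name, $email, $password, $providerKey, $providerData, $isAdmin)`; against this signature `"ldap"` arrives as `$password`, `null` as `$providerKey` and the admin answer as `$providerData`, so that user is saved without a provider key and with `isAdmin` left at its default. Either change that caller to `createUserWithProvider($name, $email, '', $password, $providerKey, $providerData, $isAdmin)` or drop the parameters this method does not use. `$id` and `$password` are never read here and the hash is always set to `""`, so the docblock should say so, e.g. `* @param $password Currently ignored; the local hash is always stored empty.`, to stop anyone assuming the password typed into RegisterUserCommand is kept. It is also worth confirming that the internal provider never accepts an empty stored hash, which this page does not show.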