From cda4c2e06306a267bf2441a7f1421082cfe22c7d Mon Sep 17 00:00:00 2001
From: Dmitry Khomutov
Date: Sun, 17 Jul 2016 16:55:42 +0600
Subject: [PATCH] Fixes for auth
---
 PHPCI/Security/Authentication/Service.php | 16 +++-------
 .../Command/RegisterLdapUserCommand.php | 17 ++++++-----
 .../PHPCI}/Command/RegisterUserCommand.php | 16 +++++-----
 .../Authentication/UserProvider/Ldap.php | 30 ++++++++++++-------
 src/PHPCensor/Service/UserService.php | 25 ++++++++++++++++
 5 files changed, 65 insertions(+), 39 deletions(-)
 rename {PHPCI => src/PHPCI}/Command/RegisterLdapUserCommand.php (80%)
 rename {PHPCI => src/PHPCI}/Command/RegisterUserCommand.php (76%)
 rename {PHPCI => src/PHPCI}/Security/Authentication/UserProvider/Ldap.php (53%)
diff --git a/PHPCI/Security/Authentication/Service.php b/PHPCI/Security/Authentication/Service.php
index 7b3ce929..ba1bf4ea 100644
--- a/PHPCI/Security/Authentication/Service.php
+++ b/PHPCI/Security/Authentication/Service.php
@@ -34,7 +34,7 @@ class Service
 if (self::$instance === null) {
 $config = Config::getInstance()->get(
 'phpci.security.authentication',
- array('internal' => 'internal')
+ ['internal' => ['type' => 'internal']]
 );
 $providers = [];
@@ -54,17 +54,9 @@ class Service
 */
 public static function buildProvider($key, $config)
 {
- if (is_string($config)) {
- $config = array('type' => $config);
- }
-
- $type = $config['type'];
- if (class_exists($type)) {
- $class = $type;
- } elseif (class_exists('PHPCI\\Security\\Authentication\\UserProvider\\' . $type)) {
- $class = 'PHPCI\\Security\\Authentication\\UserProvider\\' . $type;
- } else {
- // TODO: error
+ $class = ucfirst($config['type']);
+ if (class_exists('\\PHPCI\\Security\\Authentication\\UserProvider\\' . $class)) {
+ $class = '\\PHPCI\\Security\\Authentication\\UserProvider\\' . $class;
 }
 return new $class($key, $config);
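Review bot: In buildProvider(), `new $class($key, $config)` is now reached even when the `class_exists()` check fails, so a mistyped or unexpected `type` under `phpci.security.authentication` either fatals or instantiates whatever unrelated class carries that name. An authentication factory should fail closed: add `else { throw new \InvalidArgumentException('Unknown authentication provider type: ' . $config['type']); }` after the `if`, and ideally confirm the resolved class is one of the project's user providers before constructing it. Dropping the `is_string($config)` branch also means a config still written in the old `'internal' => 'internal'` shorthand reaches `$config['type']` with a string, which deserves either handling or a migration note. The method's closing brace lies outside the hunk.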
diff --git a/PHPCI/Command/RegisterLdapUserCommand.php b/src/PHPCI/Command/RegisterLdapUserCommand.php
similarity index 80%
rename from PHPCI/Command/RegisterLdapUserCommand.php
rename to src/PHPCI/Command/RegisterLdapUserCommand.php
index 1bd57a65..1106195e 100644
--- a/PHPCI/Command/RegisterLdapUserCommand.php
+++ b/src/PHPCI/Command/RegisterLdapUserCommand.php
@@ -18,6 +18,7 @@ use Symfony\Component\Console\Output\OutputInterface;
 /**
 * Register user command - creates an user with provider (Adirelle pluggable-auth)
+ *
 * @author Dmitrii Zolotov (@itherz)
 * @package PHPCI
 * @subpackage Console
@@ -67,16 +68,16 @@ class RegisterLdapUserCommand extends Command
 return $answer;
 };
- $email = $dialog->askAndValidate($output, Lang::get('enter_email'), $mailValidator, false);
- $name = $dialog->ask($output, Lang::get('enter_name'));
- $providerKey = "ldap";
- $providerData = null;
- $isAdmin = ($dialog->ask($output, Lang::get('enter_isadmin')));
- $isAdmin = !empty($isAdmin);
- $password = "";
+ $email = $dialog->askAndValidate($output, Lang::get('enter_email'), $mailValidator, false);
+ $name = $dialog->ask($output, Lang::get('enter_name'));
+ $providerKey = "ldap";
+ $providerData = null;
+ $isAdmin = ($dialog->ask($output, Lang::get('enter_isadmin')));
+ $isAdmin = !empty($isAdmin);
+ $password = "";
 try {
- $userService->createUserWithProvider($name, $email, $password, $providerKey, $providerData, $isAdmin);
+ $userService->createUserWithProvider($name, $email, $password, $providerKey, $providerData, $isAdmin);
 $output->writeln(Lang::get('user_created'));
 } catch (\Exception $e) {
 $output->writeln(sprintf('%s', Lang::get('failed_to_create')));
diff --git a/PHPCI/Command/RegisterUserCommand.php b/src/PHPCI/Command/RegisterUserCommand.php
similarity index 76%
rename from PHPCI/Command/RegisterUserCommand.php
rename to src/PHPCI/Command/RegisterUserCommand.php
index 15c5a3e4..eb6c1ce9 100644
--- a/PHPCI/Command/RegisterUserCommand.php
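Review bot: The call `createUserWithProvider($name, $email, $password, $providerKey, $providerData, $isAdmin)` in RegisterLdapUserCommand passes six arguments, while the `createUserWithProvider()` added to `UserService` in this same patch is declared as `($name, $emailAddress, $id, $password, $providerKey, $providerData, $isAdmin = false)`. If that is the service this command resolves, everything after `$email` shifts by one position: the literal `"ldap"` lands in `$password`, `null` becomes the provider key, the operator's admin answer ends up in `$providerData`, and `$isAdmin` silently defaults to false, so the account is not tied to the LDAP provider at all. Pass the id slot explicitly, e.g. `$userService->createUserWithProvider($name, $email, null, $password, $providerKey, $providerData, $isAdmin);`, or remove the unused `$id` parameter from the service method. The enclosing method starts and ends outside the hunk.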
+++ b/src/PHPCI/Command/RegisterUserCommand.php
@@ -67,17 +67,17 @@ class RegisterUserCommand extends Command
 return $answer;
 };
- $id = $dialog->ask($output, Lang::get('enter_id'));
- $pass = $dialog->askHiddenResponse($output, Lang::get('enter_password'));
- $email = $dialog->askAndValidate($output, Lang::get('enter_email'), $mailValidator, false);
- $providerKey = $dialog->ask($output, Lang::get('enter_providerkey'));
- $providerData = $dialog->ask($output, Lang::get('enter_providerdata'));
- $isAdmin = $dialog->ask($output, Lang::get('enter_isadmin'));
- $isAdmin = !empty($isAdmin);
+ $id = $dialog->ask($output, Lang::get('enter_id'));
+ $password = $dialog->askHiddenResponse($output, Lang::get('enter_password'));
+ $emailAddress = $dialog->askAndValidate($output, Lang::get('enter_email'), $mailValidator, false);
+ $providerKey = $dialog->ask($output, Lang::get('enter_providerkey'));
+ $providerData = $dialog->ask($output, Lang::get('enter_providerdata'));
+ $isAdmin = $dialog->ask($output, Lang::get('enter_isadmin'));
+ $isAdmin = !empty($isAdmin);
 $name = $dialog->ask($output, Lang::get('enter_name'));
 try {
- $userService->createUserWithProvider($name, $emailAddress, $id, $password, $providerKey, $providerData, $isAdmin = false);
+ $userService->createUserWithProvider($name, $emailAddress, $id, $password, $providerKey, $providerData, $isAdmin = false);
 $output->writeln(Lang::get('user_created'));
 } catch (\Exception $e) {
 $output->writeln(sprintf('%s', Lang::get('failed_to_create')));
diff --git a/PHPCI/Security/Authentication/UserProvider/Ldap.php b/src/PHPCI/Security/Authentication/UserProvider/Ldap.php
similarity index 53%
rename from PHPCI/Security/Authentication/UserProvider/Ldap.php
rename to src/PHPCI/Security/Authentication/UserProvider/Ldap.php
index dcc6fcd1..7f362605 100644
--- a/PHPCI/Security/Authentication/UserProvider/Ldap.php
+++ b/src/PHPCI/Security/Authentication/UserProvider/Ldap.php
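Review bot: The last argument of the `createUserWithProvider(...)` call in RegisterUserCommand is written as `$isAdmin = false`, which is an assignment expression: it overwrites the answer collected a few lines earlier and always passes `false`, so this command can never create an administrator regardless of what the operator enters. Pass the variable itself, `..., $providerKey, $providerData, $isAdmin);`. Separately, `$providerKey` is taken verbatim from the prompt; checking it against the keys configured under `phpci.security.authentication` before the user row is saved would keep an account from being tied to a provider that does not exist. The enclosing method starts and ends outside the hunk.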
@@ -16,23 +16,31 @@ use PHPCI\Security\Authentication\LoginPasswordProvider;
 /**
 * Ldap user provider.
- * @author Adirelle
+ *
+ * @author Dmitrii Zolotov (@itherz)
 */
 class Ldap extends AbstractProvider implements LoginPasswordProvider
 {
 public function verifyPassword(User $user, $password)
 {
- $config = Config::getInstance()->get('phpci.security.ldap', []);
- $server = $config["server"];
- $mailAttribute = $config["mailAttribute"];
- $ldap = ldap_connect($server);
- ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
- $ls = ldap_search($ldap, $config["base"], $mailAttribute."=".$user->getEmail());
- $le = ldap_get_entries($ldap, $ls);
- if ($le["count"]==0) return false;
- $dn = $le[0]["dn"];
- return ldap_bind($ldap, $dn, $password);
+ $config = Config::getInstance()->get('phpci.security.ldap', []);
+ $server = $config["server"];
+ $mailAttribute = $config["mailAttribute"];
+ $ldap = ldap_connect($server);
+
+ ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
+
+ $ls = ldap_search($ldap, $config["base"], $mailAttribute . "=" . $user->getEmail());
+ $le = ldap_get_entries($ldap, $ls);
+
+ if ($le["count"] == 0) {
+ return false;
+ }
+
+ $dn = $le[0]["dn"];
+
+ return ldap_bind($ldap, $dn, $password);
 }
 public function checkRequirements()
diff --git a/src/PHPCensor/Service/UserService.php b/src/PHPCensor/Service/UserService.php
index bf0688e8..75f6cf3f 100644
--- a/src/PHPCensor/Service/UserService.php
+++ b/src/PHPCensor/Service/UserService.php
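Review bot: verifyPassword() hands `$password` straight to `ldap_bind()`, and a bind with a DN and an empty password is an unauthenticated bind that many directory servers report as success, so a blank password has to be rejected before the directory is contacted. The search filter is also built by concatenating `$user->getEmail()` unescaped, and the result of `ldap_search()` is used without a failure check; the address should go through `ldap_escape()` with `LDAP_ESCAPE_FILTER` (available from PHP 5.6), and a failed or ambiguous lookup should return false instead of binding as the first entry. Nothing visible here enables TLS, so unless the configured `server` is an `ldaps://` URI the password crosses the network in clear text; it is worth confirming that or calling `ldap_start_tls()` before the bind. The sketch below shows only the lines that change.

```php
    public function verifyPassword(User $user, $password)
    {
        // A DN plus an empty password is an unauthenticated bind; never treat it as a login.
        if (!is_string($password) || $password === '') {
            return false;
        }

        // … unchanged: config lookup, ldap_connect(), ldap_set_option() …

        // Escape the address so filter metacharacters in it cannot alter the search.
        $filter = $mailAttribute . "=" . ldap_escape($user->getEmail(), '', LDAP_ESCAPE_FILTER);
        $ls     = ldap_search($ldap, $config["base"], $filter);
        if ($ls === false) {
            return false;
        }

        // … unchanged: $le = ldap_get_entries($ldap, $ls); …

        // Exactly one entry must match; zero or several means the identity is not established.
        if ($le === false || $le["count"] != 1) {
            return false;
        }

        // … unchanged: $dn = $le[0]["dn"]; return ldap_bind($ldap, $dn, $password); …
```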
@@ -57,6 +57,31 @@ class UserService
 return $this->store->save($user);
 }
+ /**
+ * Create a new user within PHPCI (with provider).
+ * @param $name
+ * @param $emailAddress
+ * @param $id
+ * @param $password
+ * @param $providerKey
+ * @param $providerData
+ * @param bool $isAdmin
+ * @return \PHPCI\Model\User
+ */
+
+ public function createUserWithProvider($name, $emailAddress, $id, $password, $providerKey, $providerData, $isAdmin = false)
+ {
+ $user = new User();
+ $user->setName($name);
+ $user->setEmail($emailAddress);
+ $user->setHash("");
+ $user->setProviderKey($providerKey);
+ $user->setProviderData($providerData);
+ $user->setIsAdmin(($isAdmin ? 1 : 0));
+
+ return $this->store->save($user);
+ }
+
 /**
 * Update a user.
 *
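Review bot: createUserWithProvider() accepts `$id` and `$password` but uses neither and always stores `setHash("")`, so a password typed at the RegisterUserCommand prompt is silently discarded and the account is saved with an empty hash. If provider-backed users are never meant to hold a local credential, drop the two parameters and state that in the docblock; otherwise hash the value the same way the existing user-creation method above does (its body is outside the hunk) before calling `setHash()`. Either way it is worth confirming that whatever verifies local passwords treats an empty hash as "no local login" rather than comparing input against it. The blank line between the docblock and `public function` detaches the comment from the method for most tooling, and the bare `@param` tags would be more useful with types and a short description each. The class body continues outside the hunk.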