<?php
/**
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; under version 2
* of the License (non-upgradable).
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*
* Copyright (c) 2013 (original work) Open Assessment Technologies SA (under the project TAO-PRODUCT);
*
*
*/
/**
* Authentication adapter interface to be implemented by authentication methods
*
* @author christophe massin
* @package authLdap
*/
namespace oat\authLdap\model;
use core_kernel_users_Service;
use core_kernel_users_InvalidLoginException;
use oat\authLdap\model\LdapUser;
use oat\generisHard\models\hardsql\Exception;
use oat\oatbox\user\auth\LoginAdapter;
use Zend\Authentication\Adapter\Ldap;
use common_persistence_Manager;
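/**
 * Login adapter that authenticates users against an LDAP directory.
 *
 * Wraps a Zend LDAP authentication adapter. The 'config' option is handed to
 * the Zend adapter; the 'mapping' option is handed to the LdapUserFactory that
 * builds the user object returned after a successful authentication.
 *
 * @author Christophe Massin <christope@taotesting.com>
 */
class LdapAdapter implements LoginAdapter
{
    /** Option key holding the options passed to the Zend LDAP adapter. */
    const OPTION_ADAPTER_CONFIG = 'config';

    /** Option key holding the attribute mapping passed to LdapUserFactory. */
    const OPTION_USER_MAPPING = 'mapping';

    /** @var string login supplied through setCredentials()/setUsername() */
    private $username;

    /** @var string password supplied by the caller; held as given until the object is released */
    private $password;

    /** @var array options last given to the constructor, setOptions() or setConfiguration() */
    protected $configuration = array();

    /** @var \Zend\Authentication\Adapter\Ldap */
    protected $adapter;

    /**
     * Create an adapter from the configuration.
     *
     * @param array $configuration options, see setOptions()
     * @return \oat\authLdap\model\LdapAdapter
     */
    public static function createFromConfig(array $configuration)
    {
        $adapter = new self();
        $adapter->setOptions($configuration);

        return $adapter;
    }

    /**
     * Instantiates the Zend LDAP adapter.
     *
     * The listing declared two constructors (one without arguments, one taking
     * the configuration array), which PHP rejects as a redeclaration. Both call
     * styles are served by this single constructor.
     *
     * @param array $configuration optional options, applied through setOptions() when not empty
     */
    public function __construct(array $configuration = array())
    {
        $this->adapter = new Ldap();

        if (!empty($configuration)) {
            $this->setOptions($configuration);
        }
    }

    /**
     * Store the options and forward the 'config' entry to the Zend adapter.
     *
     * @param array $options expects the keys OPTION_ADAPTER_CONFIG and OPTION_USER_MAPPING
     */
    public function setOptions(array $options)
    {
        $this->configuration = $options;

        // A missing 'config' entry is forwarded as an empty option set instead of
        // raising an undefined-index notice.
        $ldapOptions = isset($options[self::OPTION_ADAPTER_CONFIG])
            ? $options[self::OPTION_ADAPTER_CONFIG]
            : array();

        $this->adapter->setOptions($ldapOptions);
    }

    /**
     * Read one entry of the stored options.
     *
     * @param string $name option key
     * @return mixed the option value, or null when the key is not set
     */
    public function getOption($name)
    {
        return isset($this->configuration[$name]) ? $this->configuration[$name] : null;
    }

    /**
     * Set the credential
     *
     * @param string $login
     * @param string $password
     */
    public function setCredentials($login, $password)
    {
        $this->username = $login;
        $this->password = $password;
    }

    /**
     * Authenticate the stored credentials against the directory.
     *
     * @return mixed the user built by LdapUserFactory::createUser()
     * @throws core_kernel_users_InvalidLoginException when the credentials are
     *         empty, rejected, or no account entry can be read afterwards
     */
    public function authenticate()
    {
        $login = $this->getUsername();
        $password = $this->getPassword();

        // The message embeds the caller-supplied login: treat it as untrusted
        // text wherever it is logged or rendered.
        $failure = 'User "'.$login.'" failed LDAP authentication.';

        // Refuse empty credentials before contacting the directory. A simple bind
        // with an empty password is an unauthenticated bind (RFC 4513, 5.1.2)
        // that some servers accept, and the wrapped adapter can be replaced
        // through setAdapter(), so this class does not rely on it to reject them.
        if ($login === null || $login === '' || $password === null || $password === '') {
            throw new core_kernel_users_InvalidLoginException($failure);
        }

        $adapter = $this->getAdapter();
        $adapter->setUsername($login);
        $adapter->setPassword($password);

        if (!$adapter->authenticate()->isValid()) {
            throw new core_kernel_users_InvalidLoginException($failure);
        }

        $account = $adapter->getAccountObject();

        // Fail closed when the bind succeeded but no account entry came back.
        if (!is_object($account)) {
            throw new core_kernel_users_InvalidLoginException($failure);
        }

        // Every public property of the account object is handed to the factory.
        // NOTE(review): confirm the configured mapping drops credential-bearing
        // attributes (e.g. userPassword) if the bind account can read them.
        $factory = new LdapUserFactory($this->getOption(self::OPTION_USER_MAPPING));

        return $factory->createUser(get_object_vars($account));
    }

    /**
     * Replace the wrapped authentication adapter.
     *
     * @param \Zend\Authentication\Adapter\Ldap $adapter
     */
    public function setAdapter($adapter)
    {
        $this->adapter = $adapter;
    }

    /**
     * @return \Zend\Authentication\Adapter\Ldap
     */
    public function getAdapter()
    {
        return $this->adapter;
    }

    /**
     * Replace the stored options without forwarding anything to the Zend adapter.
     *
     * @param array $configuration
     */
    public function setConfiguration($configuration)
    {
        $this->configuration = $configuration;
    }

    /**
     * @return array
     */
    public function getConfiguration()
    {
        return $this->configuration;
    }

    /**
     * @param string $password
     */
    public function setPassword($password)
    {
        $this->password = $password;
    }

    /**
     * @return string
     */
    public function getPassword()
    {
        return $this->password;
    }

    /**
     * @param string $username
     */
    public function setUsername($username)
    {
        $this->username = $username;
    }

    /**
     * @return string
     */
    public function getUsername()
    {
        return $this->username;
    }
}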