CyberTest/generis-auth-ldap
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Added complex rules to map the user attributes

Browse Source
This commit is contained in:
Joel Bout 2015-03-13 18:39:02 +01:00
parent 9727c8efce
commit d5d2ad9b03
3 changed files with 150 additions and 218 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
model/LdapAdapter.php
View File

@ -45,6 +45,10 @@ use common_persistence_Manager;
*/
class LdapAdapter implements LoginAdapter
{
const OPTION_ADAPTER_CONFIG = 'config';
const OPTION_USER_MAPPING = 'mapping';
/** @var $username string */
private $username;
@ -80,9 +84,13 @@ class LdapAdapter implements LoginAdapter
$this->adapter = new Ldap();
$this->adapter->setOptions($configuration['config']);
$this->setMapping($configuration['mapping']);
$this->setMapping(isset($configuration['mapping']) ? $configuration['mapping'] : array());
}
public function getOption($name) {
return $this->configuration[$name];
}
/**
* Set the credential
@ -108,10 +116,10 @@ class LdapAdapter implements LoginAdapter
$result = $adapter->getAccountObject();
$params = get_object_vars($result);
$factory = new LdapUserFactory($this->getOption(self::OPTION_USER_MAPPING));
$user = $factory->createUser($params);
$user = new LdapUser($this->getMapping());
$user->setUserRawParameters($params);
return $user;
} else {

230
model/LdapUser.php
View File

@ -33,230 +33,32 @@ use common_user_User;
use core_kernel_classes_Resource;
use core_kernel_classes_Property;
use common_Logger;
use SebastianBergmann\Exporter\Exception;
class LdapUser extends common_user_User {
/** @var array of configuration */
protected $configuration;
/**
* @var array
*/
protected $userRawParameters;
/**
* @var array
*/
protected $userExtraParameters = array();
/**
* @var string
*/
protected $identifier;
/** @var array $roles */
protected $roles;
/**
* Array that contains the language code as a single string
*
* @var array
*/
protected $languageUi = array(DEFAULT_LANG);
/**
* Array that contains the language code as a single string
*
* @var array
*/
protected $languageDefLg = array(DEFAULT_LANG);
/**
* The mapping of custom parameter from ldap to TAO property
*
* @var array
*/
protected $mapping;
public function __construct(array $mapping = null){
$this->mapping = $mapping;
}
/**
* @return array
*/
public function getMapping()
private $identifier;
private $cache;
public function __construct($id, $data)
{
return $this->mapping;
$this->identifier = $id;
$this->cache = $data;
}
/**
* Sets the language URI
*
* @param string $languageDefLgUri
*/
public function setLanguageDefLg($languageDefLgUri)
public function getIdentifier()
{
$this->languageDefLg = array((string)$languageDefLgUri);
return $this;
}
/**
* Returns the language code
*
* @return array
*/
public function getLanguageDefLg()
{
return $this->languageDefLg;
}
/**
* @param $property string
* @param $value string
*/
public function setUserParameter($property, $value){
$this->userRawParameters[$property] = $value;
}
public function getUserParameter($property) {
if (isset ($this->userRawParameters[$property] ) )
return $this->userRawParameters[$property];
return null;
}
/**
* @param array $params
* @return AuthKeyValueUser
*/
public function setUserRawParameters(array $params)
{
$this->setRoles(array('http://www.tao.lu/Ontologies/TAO.rdf#DeliveryRole'));
// initialize parameter that should be set
isset($params['preferredlanguage']) ? $this->setLanguageUi($params['preferredlanguage']) : DEFAULT_LANG;
isset($params['preferredlanguage']) ? $this->setLanguageDefLg($params['preferredlanguage']) : DEFAULT_LANG;
isset($params['mail']) ? $this->setUserParameter(PROPERTY_USER_MAIL, $params['mail']) : '';
isset($params['displayname']) ? $this->setUserParameter(PROPERTY_USER_LASTNAME, $params['displayname']) : $this->setUserParameter(PROPERTY_USER_LASTNAME, $params['cn']) ;
$mapping = $this->getMapping();
foreach($params as $key => $value) {
if(! in_array($key, array('preferredlanguage','mail', 'displayname'))) {
if(array_key_exists($key, $mapping)){
$this->setUserParameter($mapping[$key], $value);
}
}
}
return $this;
}
/**
* @return array
*/
public function getUserRawParameters()
{
return $this->userRawParameters;
}
/**
* @param mixed $language
*/
public function setLanguageUi($languageUri)
{
$this->languageUi = array((string)$languageUri);
return $this;
}
/**
* @return array
*/
public function getLanguageUi()
{
return $this->languageUi;
}
/**
* @return string
*/
public function getIdentifier(){
return $this->identifier;
}
/**
* @param $identifier
* @return $this
*/
public function setIdentifier($identifier){
$this->identifier = $identifier;
return $this;
}
/**
* @param $property string
* @return array|null
*/
public function getPropertyValues($property)
{
$returnValue = null;
switch ($property) {
case PROPERTY_USER_DEFLG :
$returnValue = $this->getLanguageDefLg();
break;
case PROPERTY_USER_UILG :
$returnValue = $this->getLanguageUi();
break;
case PROPERTY_USER_ROLES :
$returnValue = $this->getRoles();
break;
default:
$returnValue = array($this->getUserParameter($property));
}
return $returnValue;
return isset($this->cache[$property])
? $this->cache[$property]
: array();
}
/**
* Function that will refresh the parameters.
*/
public function refresh() {
return false;
}
/**
* @return array
*/
public function getRoles() {
return $this->roles;
}
/**
* @param array $roles
* @return $this
*/
public function setRoles(array $roles ) {
$this->roles = $roles;
return $this;
}
}

122
model/LdapUserFactory.php Normal file
View File

@ -0,0 +1,122 @@
<?php
/**
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; under version 2
* of the License (non-upgradable).
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*
* Copyright (c) 2014 (original work) Open Assessment Technologies SA;
*
*
*/
/**
* Authentication user for key value db access
*
* @author christophe massin
* @package authLdap
*/
namespace oat\authLdap\model;
use oat\oatbox\Configurable;
class LdapUserFactory extends Configurable {
public function createUser($rawData) {
if (!isset($rawData['dn'])) {
throw new \common_exception_InconsistentData('Missing DN for LDAP user');
} else {
$id = $rawData['dn'];
}
$data = array();
foreach ($this->getRules() as $property => $rule) {
$data[$property] = $this->map($rule, $rawData);
}
return new LdapUser($id, $data);
}
public function map($propertyConfig, $rawData) {
$data = array();
switch ($propertyConfig['type']) {
case 'value' :
$data = $propertyConfig['value'];
break;
case 'attributeValue' :
if (isset($rawData[$propertyConfig['attribute']])) {
$value = $rawData[$propertyConfig['attribute']];
$data = is_array($value) ? $value : array($value);
}
break;
case 'callback' :
if (isset($rawData[$propertyConfig['attribute']])) {
$callback = $propertyConfig['callable'];
if (is_callable($callback)) {
$data = call_user_func($callback, $rawData[$propertyConfig['attribute']]);
}
}
break;
default :
throw new \common_exception_InconsistentData('Unknown mapping: '.$propertyConfig['type']);
}
return $data;
}
public function getRules() {
$rules = self::getDefaultConfig();
foreach ($this->getOptions() as $key => $value) {
$rules[$key] = $value;
}
return $rules;
}
static public function getDefaultConfig()
{
return array(
PROPERTY_USER_ROLES => self::rawValue(INSTANCE_ROLE_DELIVERY)
,PROPERTY_USER_UILG => self::rawValue(DEFAULT_LANG)
,PROPERTY_USER_DEFLG => self::rawValue(DEFAULT_LANG)
,PROPERTY_USER_TIMEZONE => self::rawValue(TIME_ZONE)
,PROPERTY_USER_MAIL => self::attributeValue('mail')
,PROPERTY_USER_FIRSTNAME => self::attributeValue('givenName')
,PROPERTY_USER_LASTNAME => self::attributeValue('sn')
,RDFS_LABEL => self::attributeValue('displayName')
);
}
static protected function rawValue($value) {
return array(
'type' => 'value',
'value' => array($value)
);
}
static protected function attributeValue($attributeName) {
return array(
'type' => 'attributeValue',
'attribute' => $attributeName
);
}
static protected function callback($callable, $attributeName) {
return array(
'type' => 'callback',
'callable' => $callable,
'attribute' => $attributeName
);
}
}