Added complex rules to map the user attributes
parent
9727c8efce
commit
d5d2ad9b03
@ -45,6 +45,10 @@ use common_persistence_Manager;
|
||||
*/
|
||||
class LdapAdapter implements LoginAdapter
|
||||
{
|
||||
const OPTION_ADAPTER_CONFIG = 'config';
|
||||
|
||||
const OPTION_USER_MAPPING = 'mapping';
|
||||
|
||||
/** @var $username string */
|
||||
private $username;
|
||||
|
||||
@ -80,9 +84,13 @@ class LdapAdapter implements LoginAdapter
|
||||
|
||||
$this->adapter = new Ldap();
|
||||
$this->adapter->setOptions($configuration['config']);
|
||||
$this->setMapping($configuration['mapping']);
|
||||
$this->setMapping(isset($configuration['mapping']) ? $configuration['mapping'] : array());
|
||||
|
||||
}
|
||||
|
||||
public function getOption($name) {
|
||||
return $this->configuration[$name];
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the credential
|
||||
@ -108,10 +116,10 @@ class LdapAdapter implements LoginAdapter
|
||||
|
||||
$result = $adapter->getAccountObject();
|
||||
$params = get_object_vars($result);
|
||||
|
||||
$factory = new LdapUserFactory($this->getOption(self::OPTION_USER_MAPPING));
|
||||
$user = $factory->createUser($params);
|
||||
|
||||
$user = new LdapUser($this->getMapping());
|
||||
|
||||
$user->setUserRawParameters($params);
|
||||
return $user;
|
||||
|
||||
} else {
|
||||
|
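Review bot: `getOption($name)` returns `$this->configuration[$name]` with no existence check, so a configuration without a `mapping` entry raises an undefined-index notice and passes `null` to `new LdapUserFactory(...)` in the login hunk. The `isset($configuration['mapping'])` form of the `setMapping()` call in the same section suggests the key is optional. A guarded accessor such as `return isset($this->configuration[$name]) ? $this->configuration[$name] : null;`, with the caller falling back to `array()` for the mapping, would keep a missing option from surfacing during authentication. Where `$this->configuration` is assigned is outside the visible hunks, so this should be confirmed against the constructor. The new method also has no docblock naming the accepted option keys (`OPTION_ADAPTER_CONFIG`, `OPTION_USER_MAPPING`).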
@ -33,230 +33,32 @@ use common_user_User;
|
||||
use core_kernel_classes_Resource;
|
||||
use core_kernel_classes_Property;
|
||||
use common_Logger;
|
||||
use SebastianBergmann\Exporter\Exception;
|
||||
|
||||
class LdapUser extends common_user_User {
|
||||
|
||||
/** @var array of configuration */
|
||||
protected $configuration;
|
||||
|
||||
/**
|
||||
* @var array
|
||||
*/
|
||||
protected $userRawParameters;
|
||||
|
||||
/**
|
||||
* @var array
|
||||
*/
|
||||
protected $userExtraParameters = array();
|
||||
|
||||
/**
|
||||
* @var string
|
||||
*/
|
||||
protected $identifier;
|
||||
|
||||
/** @var array $roles */
|
||||
protected $roles;
|
||||
|
||||
/**
|
||||
* Array that contains the language code as a single string
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
protected $languageUi = array(DEFAULT_LANG);
|
||||
|
||||
/**
|
||||
* Array that contains the language code as a single string
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
protected $languageDefLg = array(DEFAULT_LANG);
|
||||
|
||||
|
||||
/**
|
||||
* The mapping of custom parameter from ldap to TAO property
|
||||
*
|
||||
* @var array
|
||||
*/
|
||||
protected $mapping;
|
||||
|
||||
|
||||
public function __construct(array $mapping = null){
|
||||
$this->mapping = $mapping;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @return array
|
||||
*/
|
||||
public function getMapping()
|
||||
|
||||
private $identifier;
|
||||
|
||||
private $cache;
|
||||
|
||||
public function __construct($id, $data)
|
||||
{
|
||||
return $this->mapping;
|
||||
$this->identifier = $id;
|
||||
$this->cache = $data;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the language URI
|
||||
*
|
||||
* @param string $languageDefLgUri
|
||||
*/
|
||||
public function setLanguageDefLg($languageDefLgUri)
|
||||
|
||||
public function getIdentifier()
|
||||
{
|
||||
$this->languageDefLg = array((string)$languageDefLgUri);
|
||||
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the language code
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public function getLanguageDefLg()
|
||||
{
|
||||
return $this->languageDefLg;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param $property string
|
||||
* @param $value string
|
||||
*/
|
||||
public function setUserParameter($property, $value){
|
||||
$this->userRawParameters[$property] = $value;
|
||||
}
|
||||
|
||||
|
||||
public function getUserParameter($property) {
|
||||
if (isset ($this->userRawParameters[$property] ) )
|
||||
return $this->userRawParameters[$property];
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array $params
|
||||
* @return AuthKeyValueUser
|
||||
*/
|
||||
public function setUserRawParameters(array $params)
|
||||
{
|
||||
$this->setRoles(array('http://www.tao.lu/Ontologies/TAO.rdf#DeliveryRole'));
|
||||
|
||||
// initialize parameter that should be set
|
||||
isset($params['preferredlanguage']) ? $this->setLanguageUi($params['preferredlanguage']) : DEFAULT_LANG;
|
||||
isset($params['preferredlanguage']) ? $this->setLanguageDefLg($params['preferredlanguage']) : DEFAULT_LANG;
|
||||
isset($params['mail']) ? $this->setUserParameter(PROPERTY_USER_MAIL, $params['mail']) : '';
|
||||
isset($params['displayname']) ? $this->setUserParameter(PROPERTY_USER_LASTNAME, $params['displayname']) : $this->setUserParameter(PROPERTY_USER_LASTNAME, $params['cn']) ;
|
||||
|
||||
|
||||
$mapping = $this->getMapping();
|
||||
foreach($params as $key => $value) {
|
||||
|
||||
if(! in_array($key, array('preferredlanguage','mail', 'displayname'))) {
|
||||
|
||||
if(array_key_exists($key, $mapping)){
|
||||
$this->setUserParameter($mapping[$key], $value);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return array
|
||||
*/
|
||||
public function getUserRawParameters()
|
||||
{
|
||||
return $this->userRawParameters;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param mixed $language
|
||||
*/
|
||||
public function setLanguageUi($languageUri)
|
||||
{
|
||||
$this->languageUi = array((string)$languageUri);
|
||||
|
||||
return $this;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return array
|
||||
*/
|
||||
public function getLanguageUi()
|
||||
{
|
||||
return $this->languageUi;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @return string
|
||||
*/
|
||||
public function getIdentifier(){
|
||||
return $this->identifier;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param $identifier
|
||||
* @return $this
|
||||
*/
|
||||
public function setIdentifier($identifier){
|
||||
$this->identifier = $identifier;
|
||||
|
||||
return $this;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @param $property string
|
||||
* @return array|null
|
||||
*/
|
||||
|
||||
public function getPropertyValues($property)
|
||||
{
|
||||
$returnValue = null;
|
||||
|
||||
switch ($property) {
|
||||
case PROPERTY_USER_DEFLG :
|
||||
$returnValue = $this->getLanguageDefLg();
|
||||
break;
|
||||
case PROPERTY_USER_UILG :
|
||||
$returnValue = $this->getLanguageUi();
|
||||
break;
|
||||
case PROPERTY_USER_ROLES :
|
||||
$returnValue = $this->getRoles();
|
||||
break;
|
||||
default:
|
||||
$returnValue = array($this->getUserParameter($property));
|
||||
}
|
||||
|
||||
return $returnValue;
|
||||
return isset($this->cache[$property])
|
||||
? $this->cache[$property]
|
||||
: array();
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Function that will refresh the parameters.
|
||||
*/
|
||||
|
||||
public function refresh() {
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @return array
|
||||
*/
|
||||
public function getRoles() {
|
||||
return $this->roles;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param array $roles
|
||||
* @return $this
|
||||
*/
|
||||
public function setRoles(array $roles ) {
|
||||
$this->roles = $roles;
|
||||
|
||||
return $this;
|
||||
}
|
||||
|
||||
}
|
||||
|
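Review bot: The new `__construct($id, $data)` stores `$data` untyped and `getPropertyValues()` returns `$this->cache[$property]` as-is, so nothing guarantees that callers get an array per property. That cache also carries the role list produced by the factory for `PROPERTY_USER_ROLES`, so a scalar slipping in would reach role checks unchanged. Declaring `public function __construct($id, array $data)` and adding a docblock that states `$data` maps a property URI to a list of values would make the contract explicit. This rendering does not show which lines survive on the new side; if `use SebastianBergmann\Exporter\Exception;` is among them, it imports a test-tool namespace into a runtime class and appears unused.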
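--- a/model/LdapUserFactory.php
+++ b/model/LdapUserFactory.php
@@ -0,0 +1,122 @@
+<?php
+/**
+* This program is free software; you can redistribute it and/or
+* modify it under the terms of the GNU General Public License
+* as published by the Free Software Foundation; under version 2
+* of the License (non-upgradable).
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+*
+* Copyright (c) 2014 (original work) Open Assessment Technologies SA;
+*
+*
+*/
+
+/**
+* Authentication user for key value db access
+*
+* @author christophe massin
+* @package authLdap
+
+*/
+
+
+namespace oat\authLdap\model;
+
+use oat\oatbox\Configurable;
+
+class LdapUserFactory extends Configurable {
+
+public function createUser($rawData) {
+
+if (!isset($rawData['dn'])) {
+throw new \common_exception_InconsistentData('Missing DN for LDAP user');
+} else {
+$id = $rawData['dn'];
+}
+
+$data = array();
+foreach ($this->getRules() as $property => $rule) {
+$data[$property] = $this->map($rule, $rawData);
+}
+
+return new LdapUser($id, $data);
+}
+
+public function map($propertyConfig, $rawData) {
+$data = array();
+switch ($propertyConfig['type']) {
+case 'value' :
+$data = $propertyConfig['value'];
+break;
+case 'attributeValue' :
+if (isset($rawData[$propertyConfig['attribute']])) {
+$value = $rawData[$propertyConfig['attribute']];
+$data = is_array($value) ? $value : array($value);
+}
+break;
+case 'callback' :
+if (isset($rawData[$propertyConfig['attribute']])) {
+$callback = $propertyConfig['callable'];
+if (is_callable($callback)) {
+$data = call_user_func($callback, $rawData[$propertyConfig['attribute']]);
+}
+}
+break;
+default :
+throw new \common_exception_InconsistentData('Unknown mapping: '.$propertyConfig['type']);
+}
+return $data;
+}
+
+public function getRules() {
+$rules = self::getDefaultConfig();
+foreach ($this->getOptions() as $key => $value) {
+$rules[$key] = $value;
+}
+return $rules;
+}
+
+static public function getDefaultConfig()
+{
+return array(
+PROPERTY_USER_ROLES => self::rawValue(INSTANCE_ROLE_DELIVERY)
+,PROPERTY_USER_UILG => self::rawValue(DEFAULT_LANG)
+,PROPERTY_USER_DEFLG => self::rawValue(DEFAULT_LANG)
+,PROPERTY_USER_TIMEZONE => self::rawValue(TIME_ZONE)
+,PROPERTY_USER_MAIL => self::attributeValue('mail')
+,PROPERTY_USER_FIRSTNAME => self::attributeValue('givenName')
+,PROPERTY_USER_LASTNAME => self::attributeValue('sn')
+,RDFS_LABEL => self::attributeValue('displayName')
+);
+}
+
+static protected function rawValue($value) {
+return array(
+'type' => 'value',
+'value' => array($value)
+);
+}
+
+static protected function attributeValue($attributeName) {
+return array(
+'type' => 'attributeValue',
+'attribute' => $attributeName
+);
+}
+
+static protected function callback($callable, $attributeName) {
+return array(
+'type' => 'callback',
+'callable' => $callable,
+'attribute' => $attributeName
+);
+}
+}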
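Review bot: In `map()`, the `callback` branch passes a directory-supplied attribute value to whatever `$propertyConfig['callable']` names, guarded only by `is_callable()`, and silently returns an empty array when the callable is invalid. A string callable resolves to any global function, so the rule set has to be treated as trusted configuration, and a docblock on `map()` and `callback()` should say so. A misconfigured rule is better reported than ignored, for example with an `else` branch doing `throw new \common_exception_InconsistentData('Mapping callback is not callable');`. The callback result is also stored unnormalised, unlike the `attributeValue` branch; `$data = is_array($result) ? $result : array($result);` would keep every property a list. Separately, `getRules()` lets options overwrite any default including `PROPERTY_USER_ROLES`, so a rule that maps roles from an LDAP attribute would accept role URIs straight from the directory, which deserves a comment there.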