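* */
class LdapAdapter implements LoginAdapter
{
    /** Key of the options entry that is forwarded to the Zend LDAP adapter. */
    const OPTION_ADAPTER_CONFIG = 'config';

    /** Key of the optional 'mapping' options entry; nothing in this class applies it yet. */
    const OPTION_USER_MAPPING = 'mapping';

    /** @var string login submitted by the user */
    private $username;

    /** @var string password submitted by the user (held in clear text for the bind) */
    private $password;

    /** @var array options as passed to setOptions() / setConfiguration() */
    protected $configuration;

    /**
     * @var \Zend\Authentication\Adapter\Ldap
     */
    protected $adapter;

    /**
     * Create an adapter from the configuration
     *
     * @param array $configuration
     * @return \oat\authLdap\model\LdapAdapter
     */
    public static function createFromConfig(array $configuration)
    {
        $adapter = new self();
        $adapter->setOptions($configuration);

        return $adapter;
    }

    /**
     * Instantiates Zend Ldap adapter
     */
    public function __construct()
    {
        $this->adapter = new Ldap();
    }

    /**
     * Stores the options and forwards the OPTION_ADAPTER_CONFIG entry to the Zend adapter.
     *
     * @param array $options
     */
    public function setOptions(array $options)
    {
        $this->configuration = $options;

        // A missing 'config' entry is forwarded as an empty array instead of
        // raising an undefined-index notice and passing null.
        $adapterConfig = isset($options[self::OPTION_ADAPTER_CONFIG])
            ? $options[self::OPTION_ADAPTER_CONFIG]
            : array();
        $this->adapter->setOptions($adapterConfig);
    }

    /**
     * Returns one stored option.
     *
     * @param string $name
     * @return mixed the option value, or null when the option is not set
     */
    public function getOption($name)
    {
        return $this->hasOption($name) ? $this->configuration[$name] : null;
    }

    /**
     * Tells whether an option is set (and not null).
     *
     * @param string $name
     * @return bool
     */
    public function hasOption($name)
    {
        return isset($this->configuration[$name]);
    }

    /**
     * Set the credential
     *
     * @param string $login
     * @param string $password
     */
    public function setCredentials($login, $password)
    {
        $this->username = $login;
        $this->password = $password;
    }

    /**
     * Authenticates the stored credentials against LDAP, then creates the
     * local user, adds it to the 'LDAP' group and logs it in through LoginService.
     *
     * @return mixed whatever LoginService::authenticate() returns
     * @throws core_kernel_users_InvalidLoginException when the LDAP result is not valid
     *         or the local user cannot be created
     */
    public function authenticate()
    {
        $adapter = $this->getAdapter();
        $adapter->setUsername($this->getUsername());
        $adapter->setPassword($this->getPassword());

        // NOTE(review): rejecting an empty password (an LDAP unauthenticated bind can
        // otherwise succeed) is left entirely to the Zend adapter - confirm for the
        // version in use.
        $result = $adapter->authenticate();
        if (!$result->isValid()) {
            throw new core_kernel_users_InvalidLoginException(
                'User "' . $this->getUsername() . '" failed LDAP authentication.'
            );
        }

        // Guard against a non-object account so the attribute lookup below stays defined.
        $account = $adapter->getAccountObject();
        $params = is_object($account) ? get_object_vars($account) : array();

        // NOTE(review): OPTION_USER_MAPPING was read here into an unused local and never
        // applied; the dead read is removed, the attribute names stay hard-coded.
        $user = $this->createTestTaker($this->getUsername(), $this->getPassword(), $params);
        $this->addUserToGroup($user, 'LDAP');

        return LoginService::authenticate($this->getUsername(), $this->getPassword());
    }

    /**
     * Creates the local user from the LDAP account attributes.
     *
     * @param string $login
     * @param string $password
     * @param array  $params LDAP account attributes; 'givenname' and 'sn' are read
     * @return mixed the object returned by CrudService::createFromLdapData()
     * @throws core_kernel_users_InvalidLoginException when the creation precondition fails
     */
    private function createTestTaker($login, $password, $params)
    {
        $testTakerCrudService = CrudService::singleton();

        // Attributes absent from the directory entry become empty strings rather
        // than triggering undefined-index notices.
        $firstName = isset($params['givenname']) ? $params['givenname'] : '';
        $lastName = isset($params['sn']) ? $params['sn'] : '';

        // NOTE(review): the LDAP password is handed to the local user store and the same
        // pair is later used for LoginService::authenticate(). How createFromLdapData()
        // stores it, and what happens when the directory password changes, is not
        // visible in this class - confirm it is hashed and kept in sync.
        $data = [
            PROPERTY_USER_LOGIN => $login,
            PROPERTY_USER_PASSWORD => $password,
            RDFS_LABEL => $login . ' - ' . $firstName . ' ' . $lastName,
            PROPERTY_USER_FIRSTNAME => $firstName,
            PROPERTY_USER_LASTNAME => $lastName,
        ];

        try {
            $testTaker = $testTakerCrudService->createFromLdapData($data);
        } catch (\common_exception_PreConditionFailure $e) {
            //TODO: throw better exception
            throw new core_kernel_users_InvalidLoginException('Error while creating test taker: ' . $login);
        }

        return $testTaker;
    }

    /**
     * Adds the user to the group with the given label, creating the group
     * when no instance with that exact label exists.
     *
     * @param mixed  $user       object exposing getUri()
     * @param string $groupLabel
     */
    private function addUserToGroup($user, $groupLabel)
    {
        $groupCrudService = CrudGroupsService::singleton();
        $groupService = GroupsService::singleton();

        $matches = $groupService->getRootClass()->searchInstances(
            array(RDFS_LABEL => $groupLabel),
            array('recursive' => true, 'like' => false)
        );

        // Reuse the first match; otherwise create the group on the fly.
        $group = count($matches)
            ? current($matches)
            : $groupCrudService->createFromArray([RDFS_LABEL => $groupLabel]);

        $groupService->addUser($user->getUri(), $group);
    }

    /**
     * @param \Zend\Authentication\Adapter\Ldap $adapter
     */
    public function setAdapter($adapter)
    {
        $this->adapter = $adapter;
    }

    /**
     * @return \Zend\Authentication\Adapter\Ldap
     */
    public function getAdapter()
    {
        return $this->adapter;
    }

    /**
     * Replaces the stored options without touching the Zend adapter.
     *
     * @param array $configuration
     */
    public function setConfiguration($configuration)
    {
        $this->configuration = $configuration;
    }

    /**
     * @return array
     */
    public function getConfiguration()
    {
        return $this->configuration;
    }

    /**
     * @param string $password
     */
    public function setPassword($password)
    {
        $this->password = $password;
    }

    /**
     * @return string
     */
    public function getPassword()
    {
        return $this->password;
    }

    /**
     * @param string $username
     */
    public function setUsername($username)
    {
        $this->username = $username;
    }

    /**
     * @return string
     */
    public function getUsername()
    {
        return $this->username;
    }
}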