Example #1
 /**
  * Fetches all possible LDAP/AD users for a given configuration and context.
  *
  * @param bool $partial TRUE to fetch remaining entries when a partial result set was returned
  * @return array
  */
 public function fetchLdapUsers($partial = FALSE)
 {
     // Without a base DN for users there is nothing to query
     if (empty($this->configuration['users']['basedn'])) {
         return array();
     }

     $usersConfig = $this->configuration['users'];
     if ($partial) {
         // Continue the previous search and pick up the remaining entries
         $entries = Ldap::getInstance()->searchNext();
     } else {
         $searchFilter = Configuration::replaceFilterMarkers($usersConfig['filter']);
         // An empty attribute list requests every attribute, so that hooks of an
         // extended mapping can read any of them; otherwise only the attributes
         // referenced by the mapping are requested.
         // NOTE(review): with an extended mapping the result is bounded only by what
         // the directory returns to this connection - confirm the bind account's
         // read permissions are as narrow as the hooks need.
         $requestedAttributes = Configuration::hasExtendedMapping($usersConfig['mapping'])
             ? array()
             : Configuration::getLdapAttributes($usersConfig['mapping']);
         $entries = Ldap::getInstance()->search($usersConfig['basedn'], $searchFilter, $requestedAttributes);
     }

     // Drop the "count" entry so that only user entries remain
     unset($entries['count']);

     return $entries;
 }
Example #2
 /**
  * Merges a field from LDAP into a TYPO3 record.
  *
  * @param array $ldap
  * @param array $typo3
  * @param string $field
  * @param string $value
  * @return array Modified $typo3 array
  * @throws \UnexpectedValueException
  */
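 protected static function mergeSimple(array $ldap, array $typo3, $field, $value)
 {
     // $value is the mapping definition for $field. Three forms are handled:
     //   {...}  a standard marker ({DATE}, {RAND}) or a custom hook marker
     //   <...>  an LDAP attribute marker
     //   other  a constant, copied as is
     if (preg_match("`{([^\$]*)}`", $value, $matches)) {
         switch ($value) {
             case '{DATE}':
                 $mappedValue = $GLOBALS['EXEC_TIME'];
                 break;
             case '{RAND}':
                 // NOTE(review): rand() is not a cryptographically secure generator.
                 // If a mapping routes {RAND} into a credential-like field (placeholder
                 // password, token), prefer random_int()/random_bytes() where the
                 // supported PHP version allows - confirm how this marker is used.
                 $mappedValue = rand();
                 break;
             default:
                 $mappedValue = '';
                 // Custom marker: "key|value" pairs separated by ";"
                 $hookParameters = array();
                 foreach (explode(';', $matches[1]) as $parameter) {
                     // Pad to two elements so that a parameter without "|" gets a NULL
                     // value instead of raising an undefined-offset notice in list()
                     list($parameterKey, $parameterValue) = array_pad(explode('|', $parameter, 2), 2, null);
                     $hookParameters[trim($parameterKey)] = $parameterValue;
                 }
                 if (empty($hookParameters['hookName'])) {
                     throw new \UnexpectedValueException(sprintf('Custom marker hook parameter "hookName" is undefined: %s', $matches[0]), 1430138379);
                 }
                 $hookName = $hookParameters['hookName'];
                 $ldapAttributes = Configuration::getLdapAttributes(array($value));
                 // The hook is looked up by name in the extension's registry: what is
                 // handed to getUserObj() is the registered entry, never the marker text.
                 // A hook name that is not registered leaves the mapped value at ''.
                 $registeredHooks = isset($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['ig_ldap_sso_auth']['extraMergeField'])
                     ? $GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['ig_ldap_sso_auth']['extraMergeField']
                     : null;
                 if (is_array($registeredHooks) && !empty($registeredHooks[$hookName])) {
                     $_procObj = GeneralUtility::getUserObj($registeredHooks[$hookName]);
                     if (!is_callable(array($_procObj, 'extraMerge'))) {
                         throw new \UnexpectedValueException(sprintf('Custom marker hook "%s" does not have a method "extraMerge"', $hookName), 1430140817);
                     }
                     $mappedValue = $_procObj->extraMerge($field, $typo3, $ldap, $ldapAttributes, $hookParameters);
                 }
                 break;
         }
     } elseif (preg_match("`<([^\$]*)>`", $value, $attribute)) {
         // LDAP attribute.
         // The parentheses spell out the grouping PHP already applies (&& binds
         // tighter than ||): the DN field always takes this branch, "title" only
         // when it is mapped to <dn>.
         if ($field === 'tx_igldapssoauth_dn' || ($field === 'title' && $value === '<dn>')) {
             // Read the attribute directly; an attribute missing from the LDAP
             // entry maps to NULL without raising an undefined-index notice
             $attributeKey = strtolower($attribute[1]);
             $mappedValue = isset($ldap[$attributeKey]) ? $ldap[$attributeKey] : null;
         } else {
             $mappedValue = static::replaceLdapMarkers($value, $ldap);
         }
     } else {
         // Constant
         $mappedValue = $value;
     }

     if (array_key_exists($field, $typo3)) {
         // The field exists in the TYPO3 record: set it to the mapped value
         $typo3[$field] = $mappedValue;
     } else {
         // Otherwise it is some extra value, stored in a special sub-array.
         // This may be data that is meant to be mapped onto other database tables.
         if (!isset($typo3['__extraData'])) {
             $typo3['__extraData'] = array();
         }
         $typo3['__extraData'][$field] = $mappedValue;
     }

     return $typo3;
 }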
Example #3
 /**
  * Returns the LDAP user groups with information merged with local TYPO3 user groups.
  *
  * @param \Causal\IgLdapSsoAuth\Domain\Model\Configuration $configuration
  * @param string $mode
  * @return array
  */
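 protected function getAvailableUserGroups(\Causal\IgLdapSsoAuth\Domain\Model\Configuration $configuration, $mode)
 {
     // NOTE(review): $configuration is not read in this body; the settings come from
     // the static Configuration accessors - confirm the caller has initialised them
     // for this configuration record.
     // $mode 'be' selects the backend configuration and table, any other value the frontend ones.
     $isBackend = $mode === 'be';
     $config = $isBackend ? Configuration::getBackendConfiguration() : Configuration::getFrontendConfiguration();

     // Get the groups from the LDAP/AD server, if a base DN is configured
     $ldapGroups = array();
     if (!empty($config['groups']['basedn'])) {
         $filter = Configuration::replaceFilterMarkers($config['groups']['filter']);
         $attributes = Configuration::getLdapAttributes($config['groups']['mapping']);
         $ldapGroups = Ldap::getInstance()->search($config['groups']['basedn'], $filter, $attributes);
         unset($ldapGroups['count']);
     }

     // Populate an array of TYPO3 group records corresponding to the LDAP groups
     // If a given LDAP group has no associated group in TYPO3, a fresh record
     // will be created so that $ldapGroups[i] <=> $typo3Groups[i]
     $typo3GroupPid = Configuration::getPid($config['groups']['mapping']);
     $table = $isBackend ? 'be_groups' : 'fe_groups';
     $typo3Groups = Authentication::getTypo3Groups($ldapGroups, $table, $typo3GroupPid);

     // Fields used in the view; everything else is dropped from each merged record
     // to free memory. Filtering by key (instead of a loose in_array() test) keeps
     // exactly these names: under loose comparison an integer key 0 equals any
     // non-numeric string on PHP < 8 and would be kept by mistake.
     $keepKeys = array_flip(array('uid', 'pid', 'deleted', 'title', 'tx_igldapssoauth_dn'));

     $userGroups = array();
     foreach ($ldapGroups as $index => $ldapGroup) {
         $userGroup = Authentication::merge($ldapGroup, $typo3Groups[$index], $config['groups']['mapping']);
         $userGroups[] = array_intersect_key($userGroup, $keepKeys);
     }

     return $userGroups;
 }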