Author: Chad Sikorra (Chad.Sikorra@gmail.com)
 function let(LdapManager $ldap, LdapQueryBuilder $qb, LdapQuery $query, LdapConnectionInterface $connection)
 {
     $groups = new LdapObjectCollection();
     $groups->add(new LdapObject(['name' => 'Foo', 'dn' => 'cn=Foo,dc=example,dc=local']));
     $groups->add(new LdapObject(['guid' => '291d8444-9d5b-4b0a-a6d7-853408f704d5', 'dn' => 'cn=Bar,dc=example,dc=local']));
     $groups->add(new LdapObject(['sid' => 'S-1-5-18', 'dn' => 'cn=LocalSys,dc=example,dc=local']));
     $groups->add(new LdapObject(['name' => 'Just a DN', 'dn' => 'cn=Stuff,dc=example,dc=local']));
     $roleMap = ['ROLE_AWESOME' => ['foo'], 'ROLE_ADMIN' => ['291d8444-9d5b-4b0a-a6d7-853408f704d5'], 'ROLE_DN' => ['cn=Stuff,dc=example,dc=local'], 'ROLE_SID' => ['S-1-5-18']];
     $attrMap = ['username' => 'username', 'accountNonLocked' => 'locked', 'accountNonExpired' => 'accountExpirationDate', 'enabled' => 'disabled', 'credentialsNonExpired' => 'passwordMustChange', 'guid' => 'guid', 'groups' => 'groups', 'stringRepresentation' => 'username'];
     $config = new DomainConfiguration('foo.bar');
     $filter = new ADFilterBuilder();
     $ldapObject = new LdapObject($this->attr, ['user'], ['user'], 'user');
     $query->getSingleResult()->willReturn($ldapObject);
     $query->getResult()->willReturn($groups);
     $query->getArrayResult()->willReturn([['name' => 'foo'], ['name' => 'bar']]);
     $qb->from(LdapObjectType::USER)->willReturn($qb);
     $qb->from('group')->willReturn($qb);
     $qb->select(["username", "locked", "accountExpirationDate", "disabled", "passwordMustChange", "guid", "groups", "username"])->willReturn($qb);
     $qb->select(["name", "sid", "guid"])->willReturn($qb);
     $qb->select('name')->willReturn($qb);
     $qb->where(['username' => 'foo'])->willReturn($qb);
     $qb->getLdapQuery()->willReturn($query);
     $qb->filter()->willReturn($filter);
     $qb->where($filter->hasMemberRecursively($this->attr['guid'], 'members'))->willReturn($qb);
     $ldap->buildLdapQuery()->willReturn($qb);
     $connection->getConfig()->willReturn($config);
     $ldap->getConnection()->willReturn($connection);
     $this->beConstructedWith($ldap, $attrMap, $roleMap, true);
 }
 function let(LdapManager $ldap, LdapConnectionInterface $connection, RouterInterface $router, EventDispatcherInterface $dispatcher)
 {
     $this->userChecker = new LdapUserChecker();
     $this->request = new Request();
     $this->request->setSession(new Session());
     $router->generate('login')->willReturn('/login');
     $connection->getConfig()->willReturn(new DomainConfiguration('foo.bar'));
     $ldap->getConnection()->willReturn($connection);
     $ldap->getDomainContext()->willReturn('foo.bar');
     $this->beConstructedWith(true, $this->userChecker, $ldap, $router, $dispatcher);
 }
 /**
  * {@inheritdoc}
  */
 public function collect(Request $request, Response $response, \Exception $exception = null)
 {
     if (!$this->ldap) {
         return;
     }
     $this->data['domains'] = $this->ldap->getDomains();
     $this->data['operations_by_domain'] = [];
     foreach ($this->data['domains'] as $domain) {
         $this->data['operations_by_domain'][$domain] = $this->addOperationToData(...$this->logger->getOperations($domain));
     }
     $this->data['operations'] = $this->addOperationToData(...$this->logger->getOperations());
     $this->data['errors'] = $this->addOperationToData(...$this->logger->getErrors());
 }
 public function let(LdapManager $ldap, LdapQueryBuilder $qb, LdapQuery $query, LdapObjectCollection $collection)
 {
     $ldap->getDomainContext()->willReturn('foo.bar');
     $ldap->buildLdapQuery()->willReturn($qb);
     $qb->select(Argument::any())->willReturn($qb);
     $qb->from(Argument::any())->willReturn($qb);
     $qb->getLdapQuery()->willReturn($query);
     $query->getResult()->WillReturn($collection);
     $collection->toArray()->willReturn([]);
     $this->resolver = new OptionsResolver();
     if (Kernel::VERSION >= 2.6) {
         $this->resolver->setDefault('ldap_type', 'user');
     } else {
         $this->resolver->setDefaults(['ldap_type' => 'user']);
     }
     $this->beConstructedWith($ldap);
 }
 /**
  * @param \Symfony\Component\Security\Core\User\UserProviderInterface $up
  */
 function it_should_throw_bad_credentials_if_a_specified_domain_doesnt_exist_on_user_load_or_authenticate($up)
 {
     $credentials = $this->credentials;
     $credentials['ldap_domain'] = 'foo.local';
     $user = new LdapUser(new LdapObject(['username' => 'foo']));
     $this->ldap->switchDomain('foo.local')->willThrow(new InvalidArgumentException('invalid'));
     $this->shouldThrow('Symfony\\Component\\Security\\Core\\Exception\\BadCredentialsException')->duringCheckCredentials($credentials, $user);
     $this->shouldThrow('Symfony\\Component\\Security\\Core\\Exception\\BadCredentialsException')->duringGetUser($credentials, $up);
 }
 /**
  * Get the LDAP objects from LDAP. Optionally only get those specified by the passed values.
  *
  * @param array $values The values used to narrow the LDAP query.
  * @return \LdapTools\Object\LdapObjectCollection
  */
 protected function getLdapObjectsByQuery($values = [])
 {
     if (!$this->ldapQueryBuilder) {
         $query = $this->ldap->buildLdapQuery()->select([$this->id, $this->labelAttribute])->from($this->type);
     } else {
         $query = clone $this->ldapQueryBuilder;
     }
     if (!empty($values)) {
         foreach ($values as $value) {
             $query->orWhere([$this->id => $value]);
         }
     }
     if ($this->queryCallback) {
         $closure = $this->queryCallback;
         $closure($query);
     }
     return $query->getLdapQuery()->getResult();
 }
 function it_should_switch_the_domain_if_the_token_has_the_ldap_domain_set()
 {
     // It first grabs a copy of the domain context, then checks against it, then checks it at the end...
     $this->ldap->getDomainContext()->willReturn('foo.bar', 'foo.bar', 'example.local');
     $this->token->hasAttribute('ldap_domain')->willReturn(true);
     $this->token->getAttribute('ldap_domain')->willReturn('example.local');
     $this->ldap->switchDomain('example.local')->shouldBeCalledTimes(1);
     $this->ldap->switchDomain('foo.bar')->shouldBeCalledTimes(1);
     $this->authenticate($this->token)->shouldReturnAnInstanceOf('\\Symfony\\Component\\Security\\Core\\Authentication\\Token\\UsernamePasswordToken');
 }
 function let(LdapManager $ldap)
 {
     $logger = new LdapProfilerLogger();
     // Add some log data...
     $addOperation = (new AddOperation())->setAttributes(['username' => 'foo', 'unicodePwd' => 'bar']);
     $deleteOperation = new DeleteOperation('foo');
     $addLog = new LogOperation($addOperation);
     $addLog->setDomain('foo.bar');
     $addLog->setError('fail');
     $deleteLog = new LogOperation($deleteOperation);
     $deleteLog->setDomain('example.local');
     /** @var LogOperation $log */
     foreach ([$addLog, $deleteLog] as $log) {
         $logger->start($log->start());
         $logger->end($log->stop());
     }
     $ldap->getDomains()->willReturn(['foo.bar', 'example.local']);
     $this->beConstructedWith($logger, $ldap);
 }
Ejemplo n.º 9
0
 /**
  * {@inheritdoc}
  */
 public function configureOptions(OptionsResolver $resolver)
 {
     $ldap = $this->ldap;
     $resolver->setDefaults(['ldap_domain' => $this->ldap->getDomainContext(), 'ldap_attributes' => null, 'ldap_query_builder' => null, 'choice_name' => 'name', 'choice_value' => 'guid', 'choices' => [], 'choice_loader' => function (Options $options) use($ldap) {
         if (!interface_exists('\\Symfony\\Component\\Form\\ChoiceList\\Loader\\ChoiceLoaderInterface')) {
             return null;
         }
         return new LdapObjectChoiceLoader($ldap, $options['ldap_type'], $options['choice_name'], $options['choice_value'], $options['ldap_query_builder']);
     }, 'choice_list' => function (Options $options) use($ldap) {
         // Always prefer the ChoiceLoader if it exists. Fall back to the ObjectChoiceList...
         if (interface_exists('\\Symfony\\Component\\Form\\ChoiceList\\Loader\\ChoiceLoaderInterface')) {
             return null;
         }
         $legacyChoiceLoader = new LegacyLdapChoiceLoader($ldap, $options['ldap_type'], $options['choice_name'], $options['choice_value'], $options['ldap_query_builder']);
         $preferred = isset($options['preferred_choices']) ? $options['preferred_choices'] : [];
         return new LdapObjectChoiceList($legacyChoiceLoader->load(), $options['choice_name'], $preferred, null, $options['choice_value']);
     }]);
     $resolver->setRequired(['ldap_type']);
     $this->setAllowedTypes($resolver);
 }
Ejemplo n.º 10
0
 /**
  * @param LdapUser $user
  * @return LdapObjectCollection
  */
 protected function getGroupsForUser(LdapUser $user)
 {
     $select = $this->roleAttrMap;
     unset($select['members']);
     $query = $this->ldap->buildLdapQuery()->from($this->groupObjectType)->select(array_values($select));
     if ($this->checkGroupsRecursively) {
         $query->where($query->filter()->hasMemberRecursively($user->getLdapGuid(), $this->roleAttrMap['members']));
     } else {
         $query->where([$this->roleAttrMap['members'] => $user->getLdapGuid()]);
     }
     return $query->getLdapQuery()->getResult();
 }
 function let(UserProviderInterface $userProvider, LdapUserChecker $userChecker, LdapManager $ldap, TokenInterface $token, LdapUser $user, LdapConnectionInterface $connection, AuthenticationResponse $response, \Symfony\Component\EventDispatcher\EventDispatcherInterface $dispatcher)
 {
     $this->operation = (new AuthenticationOperation())->setUsername('foo')->setPassword('bar');
     $token->getUsername()->willReturn('foo');
     $token->getCredentials()->willReturn('bar');
     $token->hasAttribute('ldap_domain')->willReturn(false);
     $token->getAttributes()->willReturn([]);
     $token->getUser()->willReturn($user);
     $userProvider->loadUserByUsername('foo')->willReturn($user);
     $connection->getConfig()->willReturn(new DomainConfiguration('foo.bar'));
     $connection->execute($this->operation)->willReturn($response);
     $response->isAuthenticated()->willReturn(true);
     $ldap->getConnection()->willReturn($connection);
     $ldap->getDomainContext()->willReturn('foo.bar');
     $user->getUsername()->willReturn('foo');
     $user->getRoles()->willReturn(['ROLE_USER']);
     $user->isAccountNonLocked()->willReturn(true);
     $user->isEnabled()->willReturn(true);
     $user->isAccountNonExpired()->willReturn(true);
     $user->isCredentialsNonExpired()->willReturn(true);
     $this->beConstructedWith('restricted', true, $userProvider, new LdapUserChecker(), $ldap, $dispatcher);
 }
 /**
  * {@inheritdoc}
  */
 public function warmUp($cacheDir)
 {
     $domain = $this->ldap->getDomainContext();
     foreach ($this->config->getDomainConfiguration() as $domainConfig) {
         $this->ldap->switchDomain($domainConfig->getDomainName());
         $schemaFactory = $this->ldap->getSchemaFactory();
         $parser = $this->ldap->getSchemaParser();
         $schema = empty($domainConfig->getSchemaName()) ? $domainConfig->getLdapType() : $domainConfig->getSchemaName();
         $ldapObjects = $parser->parseAll($schema);
         $this->cacheAllLdapSchemaObjects($schemaFactory, ...$ldapObjects);
     }
     $this->ldap->switchDomain($domain);
 }
 /**
  * @param \ReflectionProperty $property
  * @param LdapObjectAnnotation $annotation
  * @param $entity
  * @return LdapObject|LdapObjectCollection|null
  */
 protected function queryLdapForObjects(\ReflectionProperty $property, LdapObjectAnnotation $annotation, $entity)
 {
     $query = $this->ldap->buildLdapQuery()->select($this->getLdapAttributesToSelect($annotation))->from($annotation->type);
     $values = $property->getValue($entity);
     // A single LdapObject type...
     if (is_string($values) && !empty($values)) {
         $query->where([$annotation->id => $values]);
         // A LdapObjectCollection type...
     } elseif (is_array($values) && !empty($values)) {
         foreach ($values as $value) {
             $query->orWhere([$annotation->id => $value]);
         }
         // A currently null/empty value?
     } else {
         return null;
     }
     if ($annotation->collection) {
         $results = $query->getLdapQuery()->getResult();
     } else {
         $results = $query->getLdapQuery()->getOneOrNullResult();
     }
     return $results;
 }
 function let(Reader $reader, LdapManager $ldap, LifecycleEventArgs $eventArgs, ObjectManager $om, ClassMetadata $metadata, LdapObjectSchemaFactory $schemaFactory, LdapConnectionInterface $connection, LdapObjectSchema $schema, LdapQueryBuilder $qb, LdapQuery $query, $entity)
 {
     $rc = new \ReflectionClass('Doctrine\\Common\\Persistence\\Event\\LifecycleEventArgs');
     if ($rc->hasMethod('getObjectManager')) {
         $eventArgs->getObjectManager()->willReturn($om);
         $eventArgs->getObject()->willReturn($entity);
     } else {
         $eventArgs->getEntityManager()->willReturn($om);
         $eventArgs->getEntity()->willReturn($entity);
     }
     $om->getClassMetadata(Argument::any())->willReturn($metadata);
     $this->config = new DomainConfiguration('foo.bar');
     $connection->getConfig()->willReturn($this->config);
     $ldap->getDomainContext()->willReturn('foo.bar');
     $ldap->getSchemaFactory()->willReturn($schemaFactory);
     $ldap->getConnection()->willReturn($connection);
     $ldap->buildLdapQuery()->willReturn($qb);
     $qb->getLdapQuery()->willReturn($query);
     $this->beConstructedWith($reader, $ldap);
 }
 /**
  * If the passed domain is not the current context, then switch back to it.
  *
  * @param string $domain
  */
 protected function switchDomainBackIfNeeded($domain)
 {
     if ($domain !== $this->ldap->getDomainContext()) {
         $this->ldap->switchDomain($domain);
     }
 }
 public function let(LdapManager $ldap, LdapQueryBuilder $qb, LdapQuery $query)
 {
     $ldap->buildLdapQuery()->willReturn($qb);
     $qb->getLdapQuery()->willReturn($query);
     $this->beConstructedWith($ldap, LdapObjectType::USER);
 }