/**
* Check if authentication requests is valide.
* This function checks that headers contains the HTTP_X_FORWADED_FOR header.
* If not, then if $_SERVER['REMOTE_ADDR'] matches to $_server_ip.
* @return boolean
*/
public function checkLemonldapRequest ()
{
if (!$this->_server_check)
{
return true;
}
$hn = 'HTTP_X_FORWARDED_FOR';
$hv = $this->_engine->getHeaderValue($hn);
$succeed = false;
if (($hv !== false && strcasecmp(trim($hv), $this->_server_ip) == 0)
|| strcasecmp($_SERVER['REMOTE_ADDR'], $this->_server_ip) == 0)
{
$succeed = true;
}
$this->_logger->info($succeed ? "SUCCEED" : "FAILED");
return $succeed;
}
/**
* Manage user informations synchronization.
* This function will call syncUserAccount, syncUserGroups and
* syncExternalData if necessary.
* @param $user_id The user unique identifier.
* @param $domain_id The domain identifier.
* @param $username The user name (optional).
* @param $domain The domain name (optional).
* @param $groups Groups information (optional).
* @return The user identifier or false.
*/
public function syncUser ($user_id, $domain_id, $username = null, $domain = null, $groups = null)
{
if (!$this->isEnabled())
{
$this->_logger->debug("synchronization is disabled");
return false;
}
if (is_null($username))
{
$username = $this->_engine->getUserLogin();
}
if (is_null($domain))
{
$domain = $this->_engine->getUserDomain();
}
if (is_null($groups) || $groups === false || !is_array($groups))
{
$groups = $this->_engine->parseGroupsHeader($this->groupsHeaderName);
$groups = $groups !== false ? $groups : Array();
}
//
// OBM do not considere automatic updates of users and groups.
// A file is included once here to force the use of redefined
// functions.
//
require_once dirname(__FILE__) . '/functions.inc';
$this->_logger->info("proceed to synchronization for $username@$domain");
//
// Synchronize user information.
//
$user_id_sync = $this->syncUserAccount($user_id, $domain_id, $username);
if ($user_id_sync !== false)
{
$this->_logger->info("synchronize user account: SUCCEED");
}
else
{
$this->_logger->error("synchronize user account: FAILED");
return false;
}
//
// Synchronize group information.
//
if ($this->syncUserGroups($user_id_sync, $domain_id, $groups) !== false)
{
$this->_logger->info("synchronize user groups: SUCCEED");
}
else
{
$this->_logger->error("synchronize user groups: FAILED");
}
//
// Even if groups synchronization does not work, it could have
// some synchronization to be done. To see if external synchronization
// are correctly performed, see system log.
//
if ($this->_engine->isDataUpdated())
{
$this->_logger->info("proceed to external updates");
$this->syncExternalData($user_id_sync, $domain_id, $username);
}
return $user_id_sync;
}
