/**
 * Returns the shared Ldap instance, creating it on the first call.
 *
 * @return Ldap
 */
public static function getInstance()
{
    // Reuse the instance that an earlier call already stored.
    if (Ldap::$ldap != null) {
        return Ldap::$ldap;
    }

    Ldap::$ldap = new Ldap();

    return Ldap::$ldap;
}
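/**
 * Validates password
 *
 * LDAP is tried first. Only when the LDAP check does not succeed is the
 * submitted value compared with the password stored on this model.
 *
 * @param string $password password to validate
 * @return boolean if password provided is valid for current user
 */
public function validatePassword($password)
{
    // Authenticate against LDAP first.
    $ldapResult = Ldap::getInstance()->auth($this->username, $password);
    if ($ldapResult) {
        return $ldapResult;
    }

    // Fall back to the password held in the database.
    // NOTE(review): a direct comparison can only succeed if the stored value is
    // the plaintext password. Confirm how the column is populated and move to
    // password_hash()/password_verify() if it really holds plaintext.
    $stored = $this->password;

    // A NULL or blank stored password, or a non-string submission, never
    // matches. The previous `===` accepted NULL === NULL as a valid login.
    if (!is_string($stored) || $stored === '' || !is_string($password)) {
        return false;
    }

    // Constant-time comparison so the check does not leak how many leading
    // bytes of the guess were correct.
    return hash_equals($stored, $password);
}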
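/**
 * Checks LDAP connectivity by connecting and then binding with the admin
 * credentials.
 *
 * Responds with HTTP 200 and a success message when both steps complete, or
 * with HTTP 500 carrying the exception message when either step throws.
 */
public function getLdapTest()
{
    try {
        // Both steps report failure by throwing, so one handler covers them.
        $connection = Ldap::connectToLdap();
        Ldap::bindAdminToLdap($connection);
    } catch (\Exception $e) {
        // NOTE(review): the raw exception text is sent back to the client and
        // may describe the directory host or bind account. Confirm this route
        // is reachable by administrators only.
        return response()->json(['message' => $e->getMessage()], 500);
    }

    // The original had a second, unreachable copy of this return after the
    // inner try/catch; only this one is kept.
    return response()->json(['message' => 'It worked!'], 200);
}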
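/**
 * Searches LDAP
 *
 * Connects, binds with the admin account and pages through every entry under
 * the configured base DN that matches the configured filter.
 *
 * Callers must check the return type: on a failed search or a failed entry
 * fetch this returns the result of redirect()->route('users') rather than an
 * array.
 *
 * @author [A. Gianotto] [<*****@*****.**>]
 * @since [v3.0]
 * @return array|bool|mixed merged ldap_get_entries() results with a corrected
 *                          'count' key, or a redirect response on failure
 */
public static function findLdapUsers()
{
    $ldapconn = Ldap::connectToLdap();

    // The return value was stored in an unused local before; only the bind
    // itself matters here.
    Ldap::bindAdminToLdap($ldapconn);

    $base_dn = Setting::getSettings()->ldap_basedn;

    // The filter is taken verbatim from application settings and wrapped in
    // parentheses below. It is a complete filter expression, so it cannot be
    // passed through ldap_escape() here. It must only ever come from trusted
    // configuration, never from request input.
    $filter = Setting::getSettings()->ldap_filter;

    // Set up LDAP pagination for very large databases
    // @author Richard Hofman
    // NOTE(review): ldap_control_paged_result() and
    // ldap_control_paged_result_response() were deprecated in PHP 7.4 and
    // removed in PHP 8.0. This method needs reworking before a runtime upgrade.
    $page_size = 500;
    $cookie = '';
    $result_set = array();
    $global_count = 0;

    // Perform the search
    do {
        // Paginate (non-critical, if not supported by server)
        ldap_control_paged_result($ldapconn, $page_size, false, $cookie);

        $search_results = ldap_search($ldapconn, $base_dn, '(' . $filter . ')');
        if (!$search_results) {
            return redirect()->route('users')->with('error', trans('admin/users/message.error.ldap_could_not_search') . ldap_error($ldapconn));
        }

        // Get results from page
        $results = ldap_get_entries($ldapconn, $search_results);
        if (!$results) {
            return redirect()->route('users')->with('error', trans('admin/users/message.error.ldap_could_not_get_entries') . ldap_error($ldapconn));
        }

        // Add results to result set. array_merge() renumbers the entries and
        // overwrites 'count' with this page's value, which is why the running
        // total is kept separately and written back after the loop.
        $global_count += $results['count'];
        $result_set = array_merge($result_set, $results);

        ldap_control_paged_result_response($ldapconn, $search_results, $cookie);
    } while ($cookie !== null && $cookie != '');

    // Clean up after search
    $result_set['count'] = $global_count;
    ldap_control_paged_result($ldapconn, 0);

    return $result_set;
}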
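/**
 * Account sign in form processing.
 *
 * When LDAP is enabled the submitted credentials are bound against the
 * directory once. A successful bind either creates the local user on first
 * sign-in or refreshes the existing local record, including its bcrypt
 * password hash. In every case the request is then authenticated against the
 * local database with Auth::attempt().
 *
 * @param Request $request
 * @return Redirect
 */
public function login(Request $request)
{
    $validator = $this->validator(Input::all());
    if ($validator->fails()) {
        return redirect()->back()->withInput()->withErrors($validator);
    }

    // Should we even check for LDAP users?
    if (Setting::getSettings()->ldap_enabled == '1') {
        LOG::debug("LDAP is enabled.");

        $username = $request->input('username');
        $password = $request->input('password');

        // Check if the user exists in the database
        $user = User::where('username', '=', $username)->whereNull('deleted_at')->first();
        LOG::debug("Local auth lookup complete");

        // Bind once and reuse the outcome below. The previous code bound twice
        // per request (once with the result discarded), so every bad password
        // produced two failed binds against the directory. It also left the
        // second bind for existing users outside any try/catch.
        $ldap_user = false;
        $ldap_exception = null;
        try {
            $ldap_user = Ldap::findAndBindUserLdap($username, $password);
            LOG::debug("Binding user to LDAP.");
        } catch (\Exception $e) {
            $ldap_exception = $e;
            LOG::debug("User " . $username . ' did not authenticate successfully against LDAP.');
        }

        // The user does not exist in the database. Try to get them from LDAP.
        // If user does not exist and authenticates sucessfully with LDAP we
        // will create it on the fly and sign in with default permissions
        if (!$user) {
            LOG::debug("Local user " . $username . " does not exist");

            if ($ldap_exception) {
                // NOTE(review): this returns the directory error text to an
                // unauthenticated client, and only for usernames that have no
                // local record. Consider logging it and showing the generic
                // failure message instead.
                return redirect()->back()->withInput()->with('error', $ldap_exception->getMessage());
            }

            if ($ldap_user) {
                LOG::debug("Creating local user " . $username);
                try {
                    if (Ldap::createUserFromLdap($ldap_user)) {
                        LOG::debug("Local user created..");
                    } else {
                        LOG::debug("Could not create local user.");
                    }
                } catch (\Exception $e) {
                    return redirect()->back()->withInput()->with('error', $e->getMessage());
                }
            } else {
                LOG::debug("User did not authenticate correctly against LDAP. No local user was created.");
            }

        // If the user exists and they were imported from LDAP already
        } else {
            LOG::debug("Local user " . $username . " exists in database. Authenticating existing user against LDAP.");

            if ($ldap_user) {
                $ldap_attr = Ldap::parseAndMapLdapAttributes($ldap_user);

                LOG::debug("Valid LDAP login. Updating the local data.");

                // The directory password is cached locally as a bcrypt hash so
                // that Auth::attempt() below succeeds.
                $user->password = bcrypt($password);
                $user->email = $ldap_attr['email'];
                $user->first_name = $ldap_attr['firstname'];
                $user->last_name = $ldap_attr['lastname'];
                $user->save();
            } else {
                // A failed bind and an LDAP exception both end up here and fall
                // through to local authentication.
                // NOTE(review): the cached local hash is left untouched, so a
                // password that was changed or disabled in the directory keeps
                // working locally until the next successful LDAP sign-in.
                // Decide whether LDAP-imported users should be allowed to fall
                // back to the local hash at all.
                LOG::debug("User " . $username . " did not authenticate correctly against LDAP. Local user was not updated.");
            } // End LDAP auth
        } // End if(!user)

    // NO LDAP enabled - just try to login the user normally
    }

    LOG::debug("Authenticating user against database.");

    // Try to log the user in
    if (!Auth::attempt(Input::only('username', 'password'), Input::get('remember-me', 0))) {
        LOG::debug("Local authentication failed.");
        return redirect()->back()->withInput()->with('error', trans('auth/message.account_not_found'));
    }

    // Get the page we were before
    $redirect = \Session::get('loginRedirect', 'home');

    // Unset the page we were before from the session
    \Session::forget('loginRedirect');

    // Redirect to the users page. The unreachable "something went wrong"
    // return that used to follow this statement has been dropped.
    return redirect()->to($redirect)->with('success', trans('auth/message.signin.success'));
}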
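/**
 * LDAP form processing.
 *
 * Pulls every entry returned by Ldap::findLdapUsers() and creates or updates a
 * local user for each one that passes the optional "active" flag check. A
 * per-entry summary is flashed to the session for the next page.
 *
 * An existing local account is matched by username alone. Its name, email and
 * employee number are overwritten, and it is activated and flagged as an LDAP
 * import, whether or not it originally came from the directory.
 *
 * @author Aladin Alaily
 * @since [v1.8]
 * @param Request $request
 * @return Redirect
 */
public function postLDAP(Request $request)
{
    ini_set('max_execution_time', 600); //600 seconds = 10 minutes
    ini_set('memory_limit', '500M');

    $ldap_result_username = Setting::getSettings()->ldap_username_field;
    $ldap_result_last_name = Setting::getSettings()->ldap_lname_field;
    $ldap_result_first_name = Setting::getSettings()->ldap_fname_field;
    $ldap_result_active_flag = Setting::getSettings()->ldap_active_flag_field;
    $ldap_result_emp_num = Setting::getSettings()->ldap_emp_num;
    $ldap_result_email = Setting::getSettings()->ldap_email;

    try {
        $ldapconn = Ldap::connectToLdap();
    } catch (\Exception $e) {
        return redirect()->back()->withInput()->with('error', $e->getMessage());
    }

    try {
        Ldap::bindAdminToLdap($ldapconn);
    } catch (\Exception $e) {
        return redirect()->back()->withInput()->with('error', $e->getMessage());
    }

    $summary = array();

    $results = Ldap::findLdapUsers();
    if (is_object($results)) {
        // findLdapUsers() hands back a redirect response instead of an array
        // when the search fails. Pass it on rather than indexing into it.
        return $results;
    }

    // Placeholder password for accounts created by this run. The plaintext is
    // not used again in this method, and one hash is shared by every new
    // account, so it comes from the CSPRNG rather than str_shuffle(), which is
    // not suitable for secrets. random_bytes() needs PHP 7+ or the
    // random_compat polyfill.
    $tmp_pass = bin2hex(random_bytes(20));
    $pass = bcrypt($tmp_pass);

    for ($i = 0; $i < $results["count"]; $i++) {
        // With no active-flag attribute configured every entry is imported.
        // Otherwise the attribute must be present and equal "TRUE".
        $is_active = empty($ldap_result_active_flag)
            || (isset($results[$i][$ldap_result_active_flag][0])
                && $results[$i][$ldap_result_active_flag][0] == "TRUE");

        if (!$is_active) {
            continue;
        }

        $entry = $results[$i];

        $item = array();
        $item["username"] = isset($entry[$ldap_result_username][0]) ? $entry[$ldap_result_username][0] : "";
        $item["employee_number"] = isset($entry[$ldap_result_emp_num][0]) ? $entry[$ldap_result_emp_num][0] : "";
        $item["lastname"] = isset($entry[$ldap_result_last_name][0]) ? $entry[$ldap_result_last_name][0] : "";
        $item["firstname"] = isset($entry[$ldap_result_first_name][0]) ? $entry[$ldap_result_first_name][0] : "";
        $item["email"] = isset($entry[$ldap_result_email][0]) ? $entry[$ldap_result_email][0] : "";

        // User exists
        $item["createorupdate"] = 'updated';
        if (!($user = User::where('username', $item["username"])->first())) {
            // Create the user if they don't exist. Only new accounts receive
            // the placeholder password; existing passwords are left alone.
            $user = new User();
            $user->password = $pass;
            $item["createorupdate"] = 'created';
        }

        $user->first_name = e($item["firstname"]);
        $user->last_name = e($item["lastname"]);
        $user->username = e($item["username"]);
        $user->email = e($item["email"]);
        $user->employee_num = e($item["employee_number"]);
        $user->activated = 1;

        if ($request->input('location_id') != '') {
            $user->location_id = e($request->input('location_id'));
        }

        $user->notes = 'Imported from LDAP';
        $user->ldap_import = 1;

        $errors = '';
        if ($user->save()) {
            $item["note"] = $item["createorupdate"];
            $item["status"] = 'success';
        } else {
            foreach ($user->getErrors()->getMessages() as $key => $err) {
                $errors .= '<li>' . $err[0];
            }
            $item["note"] = $errors;
            $item["status"] = 'error';
        }

        // NOTE(review): $item holds the raw directory values next to an HTML
        // fragment in 'note'. Confirm that the view rendering 'summary'
        // escapes the directory fields.
        array_push($summary, $item);
    }

    return redirect()->route('ldap/user')->with('success', "LDAP Import successful.")->with('summary', $summary);
}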