コード例 #1
0
ファイル: factory.php プロジェクト: philbertphotos/JMapMyLDAP
 /**
  * Gets the user adapter for the user specified. Creates a new user
  * adapter if one doesnt already exist for the user.
  *
  * @param   array|string  $user     Either a username string or array of credentials including JUser ID and domain.
  * @param   string        $type     Type of adapter (e.g. ldap, xml, federated).
  * @param   array         $options  An array of optional options including isNew.
  *
  * @return  SHUserAdapter  Object to user adapter.
  *
  * @since   2.0
  * @throws  Exception
  */
 public static function getUserAdapter($user, $type = null, $options = array())
 {
     if (is_array($user)) {
         $username = strtolower(JArrayHelper::getValue($user, 'username', null, 'string'));
         $credentials = $user;
     } else {
         $username = strtolower((string) $user);
         $credentials = array('username' => $username);
     }
     if (empty($username)) {
         throw new RuntimeException(JText::_('LIB_SHFACTORY_ERR_2121'), 2121);
     }
     if (!isset(self::$adapters[$username])) {
         $config = self::getConfig();
         // Check if this user is in the blacklist
         if ($blacklist = (array) json_decode($config->get('user.blacklist'))) {
             if (in_array($username, $blacklist)) {
                 throw new RuntimeException(JText::sprintf('LIB_SHFACTORY_ERR_2125', $username), 2125);
             }
         }
         // Attempts to get the user linking entry to determine domain and type of user
         //TODO: allow multiple domains from links
         if ($links = SHAdapterMap::getUser($username)) {
             if ((bool) $config->get('user.usedomain', true)) {
                 if (!isset($credentials['domain'])) {
                     // Attempt to get the domain for this user
                     $credentials['domain'] = $links[0]['domain'];
                 }
             } else {
                 unset($credentials['domain']);
             }
             if (!isset($credentials['type']) && is_null($type)) {
                 // Attempt to get the User Adapter name
                 $type = $links[0]['adapter'];
             }
         }
         if (is_null($type)) {
             // Get the default/primary user adapter type from the database
             $type = $config->get('user.type', 'Default');
         }
         // Camel case friendly for class name
         $type = ucfirst(strtolower($type));
         $class = "SHUserAdapters{$type}";
         if (class_exists($class)) {
             // Create the adapter (note: remember to unset if using multiple adapters!)
             self::$adapters[$username] = new $class($credentials, null, $options);
         } else {
             throw new RuntimeException(JText::sprintf('LIB_SHFACTORY_ERR_2123', $class), 2123);
         }
     } else {
         // Update credentials if required
         if ($password = JArrayHelper::getValue($user, 'password', false)) {
             self::$adapters[$username]->updateCredential($password, $options);
         }
     }
     return self::$adapters[$username];
 }
コード例 #2
0
ファイル: helper.php プロジェクト: philbertphotos/JMapMyLDAP
 /**
  * Returns if the current or specified user was authenticated
  * via LDAP.
  *
  * @param   JUser|integer|array  $user  Optional user id (if null then uses current user).
  *
  * @return  boolean  True if user is Ldap authenticated or False otherwise.
  *
  * @since   2.0
  * @deprecated  [2.1] Use SHAdapterMap::getUser instead.
  */
 public static function isUserLdap($user = null)
 {
     // This is inefficient but has to be done to prevent issues with numeric usernames
     if (!($id = JUserHelper::getUserId($user))) {
         $id = $user;
     }
     if ($links = SHAdapterMap::getUser($id, true)) {
         if (strtolower($links[0]['adapter']) === 'ldap') {
             return true;
         }
     }
     return false;
 }
コード例 #3
0
 /**
  * Entry point for the script.
  *
  * @return  void
  *
  * @since   2.0
  */
 public function doExecute()
 {
     // Setup some stats
     $failed = 0;
     $success = 0;
     $errors = array();
     // It appears we have to tell the system we are running with the site otherwise bad things happen
     JFactory::getApplication('site');
     $this->out(JText::_('CLI_SHMANIC_LDAP_INFO_13001'));
     // Get all the valid configurations
     if (!($configs = SHLdapHelper::getConfig())) {
         // Failed to find any Ldap configs
         $this->out(JText::_('CLI_SHMANIC_LDAP_ERR_13003'));
         $this->close(1);
     }
     // Check if only a single config was found
     if ($configs instanceof JRegistry) {
         /*
          * To make things easier, we pretend we returned multiple Ldap configs
          * by casting the single entry into an array.
          */
         $configs = array($configs);
     }
     $count = count($configs);
     $this->out(JText::sprintf('CLI_SHMANIC_LDAP_INFO_13002', $count))->out();
     // Loop around each LDAP configuration
     foreach ($configs as $config) {
         try {
             // Get a new Ldap object
             $ldap = new SHLdap($config);
             // Bind with the proxy user
             if (!$ldap->authenticate(SHLdap::AUTH_PROXY)) {
                 // Something is wrong with this LDAP configuration - cannot bind to proxy user
                 $errors[] = new Exception(JText::sprintf('CLI_SHMANIC_LDAP_ERR_13011', $ldap->info), 13011);
                 unset($ldap);
                 continue;
             }
             // Get all the Ldap users in the directory
             if (!($result = $ldap->search(null, $ldap->allUserFilter, array('dn', $ldap->keyUid)))) {
                 // Failed to search for all users in the directory
                 $errors[] = new Exception(JText::sprintf('CLI_SHMANIC_LDAP_ERR_13012', $ldap->getErrorMsg()), 13012);
                 unset($ldap);
                 continue;
             }
             // Loop around each Ldap user
             for ($i = 0; $i < $result->countEntries(); ++$i) {
                 // Get the Ldap username (case insensitive)
                 if (!($username = strtolower($result->getValue($i, $ldap->keyUid, 0)))) {
                     continue;
                 }
                 try {
                     // Check if this user is in the blacklist
                     if ($blacklist = (array) json_decode(SHFactory::getConfig()->get('user.blacklist'))) {
                         if (in_array($username, $blacklist)) {
                             throw new RuntimeException(JText::_('CLI_SHMANIC_LDAP_ERR_13025'), 13025);
                         }
                     }
                     // Create the new user adapter
                     $adapter = new SHUserAdaptersLdap(array('username' => $username), $config);
                     // Get the Ldap DN
                     if (!($dn = $adapter->getId(false))) {
                         continue;
                     }
                     $this->out(JText::sprintf('CLI_SHMANIC_LDAP_INFO_13020', $username));
                     // Get the Ldap user attributes
                     $source = $adapter->getAttributes();
                     // Get the core mandatory J! user fields
                     $username = $adapter->getUid();
                     $fullname = $adapter->getFullname();
                     $email = $adapter->getEmail();
                     if (empty($fullname)) {
                         // Full name doesnt exist; use the username instead
                         $fullname = $username;
                     }
                     if (empty($email)) {
                         // Email doesnt exist; cannot proceed
                         throw new Exception(JText::_('CLI_SHMANIC_LDAP_ERR_13022'), 13022);
                     }
                     // Create the user array to enable creating a JUser object
                     $user = array('fullname' => $fullname, 'username' => $username, 'password_clear' => null, 'email' => $email);
                     // Create a JUser object from the Ldap user
                     $options = array('adapter' => &$adapter);
                     $instance = SHUserHelper::getUser($user, $options);
                     if ($instance === false) {
                         // Failed to get the user either due to save error or autoregister
                         throw new Exception(JText::_('CLI_SHMANIC_LDAP_ERR_13024'), 13024);
                     }
                     // Fire the Ldap specific on Sync feature
                     $sync = SHLdapHelper::triggerEvent('onLdapSync', array(&$instance, $options));
                     // Check if the synchronise was successfully and report
                     if ($sync !== false) {
                         // Even if the sync does not need a save, do it anyway as Cron efficiency doesnt matter too much
                         SHUserHelper::save($instance);
                         // Update the user map linker
                         SHAdapterMap::setUser($adapter, $instance->id);
                         // Above should throw an exception on error so therefore we can report success
                         $this->out(JText::sprintf('CLI_SHMANIC_LDAP_INFO_13029', $username));
                         ++$success;
                     } else {
                         throw new Exception(JText::_('CLI_SHMANIC_LDAP_ERR_13026'), 13026);
                     }
                     unset($adapter);
                 } catch (Exception $e) {
                     unset($adapter);
                     ++$failed;
                     $errors[] = new Exception(JText::sprintf('CLI_SHMANIC_LDAP_ERR_13028', $username, $e->getMessage()), $e->getCode());
                 }
             }
         } catch (Exception $e) {
             $errors[] = new Exception(JText::_('CLI_SHMANIC_LDAP_ERR_13004'), 13004);
         }
     }
     // Print out some results and stats
     $this->out()->out()->out(JText::_('CLI_SHMANIC_LDAP_INFO_13032'))->out();
     $this->out(JText::_('CLI_SHMANIC_LDAP_INFO_13038'));
     foreach ($errors as $error) {
         if ($error instanceof Exception) {
             $this->out(' ' . $error->getCode() . ': ' . $error->getMessage());
         } else {
             $this->out(' ' . (string) $error);
         }
     }
     $this->out()->out(JText::sprintf('CLI_SHMANIC_LDAP_INFO_13034', $success));
     $this->out(JText::sprintf('CLI_SHMANIC_LDAP_INFO_13036', $failed));
     $this->out()->out('============================');
 }
コード例 #4
0
ファイル: bouncer.php プロジェクト: philbertphotos/JMapMyLDAP
 /**
  * Method is called on user login failure.
  *
  * @param   array  $response  The authentication response.
  *
  * @return  void
  *
  * @since   2.0
  */
 public function onUserLoginFailure($response)
 {
     if ($username = JArrayHelper::getValue($response, 'username', false, 'string')) {
         // Check if the user exists in the J! database
         if ($id = JUserHelper::getUserId($username)) {
             // Check if the attempted login was an adapter user, if so then fire the event
             if ($userLink = SHAdapterMap::getUser($id, true)) {
                 SHAdapterEventHelper::triggerEvent($userLink[0]['adapter'], 'onUserLoginFailure', array($response));
             }
         }
     }
 }