public function testSetAndGetPassword()
{
$passwordExpected = 'somePassword';
$passwordActual = $this->_adapter->setPassword($passwordExpected)
->getPassword();
$this->assertSame($passwordExpected, $passwordActual);
}
public function testSetCredentialProxiesToSetPassword()
{
$passwordExpected = 'somePassword';
$passwordActual = $this->_adapter->setCredential($passwordExpected)
->getPassword();
$this->assertSame($passwordExpected, $passwordActual);
}
/**
* Performs an authentication attempt.
*
* @return Zend_Auth_Result The result of the authentication.
*/
public function authenticate()
{
// Use the parent method to authenticate the user.
$result = parent::authenticate();
// Check if user actually authenticated.
if ($result->isValid()) {
if (get_option('central_auth_email')) {
// If user matching is by email, create email address.
$lookup = $this->getUsername() . '@' . get_option('central_auth_email_domain');
// Lookup the user by their email address in the user table.
$user = get_db()->getTable('User')->findByEmail($lookup);
} else {
// Otherwise use the username.
$lookup = $this->getUsername();
// Lookup the user by their username in the user table.
$user = get_db()->getTable('User')->findBySql('username = ?', array($lookup), true);
}
// If the user was found and active, return success.
if ($user && $user->active) {
return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $user->id);
}
// Return that the user does not have an active account.
return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND, $lookup, array(__('User matching "%s" not found.', $lookup)));
}
// Otherwise, log messages to error log.
$messages = $result->getMessages();
_log('CentralAuth_LdapAdapter: ' . implode("\n", $messages), Zend_Log::ERR);
// Return the parent's result with error message meant for user.
return new Zend_Auth_Result($result->getCode(), $result->getIdentity(), array($messages[0]));
}
/**
* @description do auth
* @throws Exception
* @param object $controller
* @return mixed
* @author Se#
* @version 0.0.1
*/
public function doAuth($controller)
{
if (!($config = $this->getConfig())) {
throw new Exception(' Missed ldap options ');
}
if (!isset($config['servers'])) {
throw new Exception(' Missed servers options');
}
list($login, $password) = $this->getLoginAndPassword($controller, $config);
$adapter = new Zend_Auth_Adapter_Ldap($config, $login, $password);
$result = $adapter->authenticate();
if ($result->isValid()) {
return $result->getIdentity();
} else {
return -1;
}
}
/**
* Implementacja metody z interfejsu Zend_Auth_Adapter_Interface
* @see Zend_Auth_Adapter_Interface::authenticate()
* @return Zend_Auth_Result
*/
public function authenticate()
{
if (empty($this->_username)) {
throw new Zend_Auth_Adapter_Exception('Nie podano loginu!');
}
if (empty($this->_password)) {
throw new Zend_Auth_Adapter_Exception('Nie podano hasła!');
}
$config = Zend_Registry::get('config');
$this->_options = $config['ldap'];
$resultLDAP = parent::authenticate();
if ($resultLDAP->isValid()) {
$userModel = new User();
$userRow = $userModel->fetchRow(array('login = ?' => new Zend_Db_Expr("UPPER('{$this->_username}')"), 'ghost = ?' => 'f', 'is_locked = ?' => 'f', new Zend_Db_Expr('valid_until > NOW()')));
if ($userRow !== null) {
$identity = $this->_toStdClass($userRow);
unset($identity->password);
$ldapData = parent::getAccountObject();
$identity->ldap = $ldapData;
$branchModel = new Branch();
$identity->id_branch = ODDZIAL_ID;
$identity->view_branch = ODDZIAL_ID;
$data = $branchModel->find($identity->id_branch);
$d = $data->current()->toArray();
$d['application_code'] = 'getin';
$identity->jednostka = $d;
$identity->user_backend_apps_logins = null;
$identity->default_branches[$d['application_code']]['default_login'] = '******';
$this->_authResult['code'] = Zend_Auth_Result::SUCCESS;
$this->_authResult['messages'] = 'Autoryzacja pomyślna.';
$this->_authResult['identity'] = $identity;
return $this->_createAuthResult();
} else {
$this->_authResult['code'] = Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND;
$this->_authResult['messages'] = 'Konto nieaktywne lub zablokowane.';
return $this->_createAuthResult();
}
} else {
$this->_authResult['code'] = Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID;
$this->_authResult['messages'] = 'Nieprawidłowe dane logowania.';
return $this->_createAuthResult();
}
}
/**
* Sets username and password for authentication
*
* @return void
*/
public function __construct($username, $password, array $arrayOfOptions = array())
{
$this->_identityUserName = $username;
try {
if (!is_array($arrayOfOptions)) {
throw new USVN_Exception(T_("LDAP options must be an array!"));
}
if (!isset($arrayOfOptions[0]) || !is_array($arrayOfOptions[0])) {
$arrayOfOptions = array($arrayOfOptions);
}
foreach ($arrayOfOptions as &$options) {
if (array_key_exists('bindDnFormat', $options)) {
$username = sprintf($options['bindDnFormat'], $username);
unset($options['bindDnFormat']);
}
}
parent::__construct($arrayOfOptions, $username, $password);
} catch (Exception $e) {
throw new USVN_Exception($e->getMessage());
}
}
public function testAccountObjectRetrievalWithOmittedAttributes()
{
$adapter = new Zend_Auth_Adapter_Ldap(array($this->_options), TESTS_ZEND_LDAP_ALT_USERNAME, TESTS_ZEND_LDAP_ALT_PASSWORD);
$result = $adapter->authenticate();
$account = $adapter->getAccountObject(array(), array('userPassword'));
$this->assertType('stdClass', $account);
$this->assertFalse(isset($account->userpassword));
}
public function __construct(array $options = array(), $username = null, $password = null)
{
$options = Dfi_Ldap_Config::getConfig(true, 'ldap.servers');
parent::__construct($options, $username, $password);
// TODO: Change the autogenerated stub
}
public function testMismatchDomainAuth()
{
$adapter = new Zend_Auth_Adapter_Ldap(array($this->_options), 'EXAMPLE\\doesntmatter', 'doesntmatter');
$result = $adapter->authenticate();
$this->assertTrue($result instanceof Zend_Auth_Result);
$this->assertFalse($result->isValid());
$this->assertThat($result->getCode(), $this->lessThanOrEqual(Zend_Auth_Result::FAILURE));
$messages = $result->getMessages();
$this->assertContains('not found', $messages[0]);
}
/**
* set password
*
* @param string $_credential
* @return Tinebase_Auth_Ldap
*/
public function setCredential($_credential)
{
parent::setPassword($_credential);
return $this;
}
public function auth($username, $password)
{
try {
$config = new Zend_Config_Ini('configs/ad-conf.ini', 'production');
$options = $config->get('ldap')->get('servers')->toArray();
$adapter = new Zend_Auth_Adapter_Ldap($options, $username, $password);
$result = $adapter->authenticate();
$messages = $result->getMessages();
$logger = Zend_Registry::get('ADLogger');
$filter = new Zend_Log_Filter_Priority(Zend_Log::DEBUG);
$logger->addFilter($filter);
foreach ($messages as $i => $message) {
if ($i-- > 1) {
// $messages[2] and up are log messages
$message = str_replace("\n", "\n ", $message);
$logger->log("Ldap: {$i}: {$message}", Zend_Log::DEBUG);
}
}
return $result->isValid();
} catch (Exception $e) {
Dfi_Controller_Action_Helper_Messages::getInstance()->addMessage('debug', $e->getMessage());
return false;
}
}