/**
 * Turns an LDAP search result into either the raw entry list or model instances.
 *
 * The entries come from the connection's getEntries(); a falsy return is
 * replaced with an empty array so callers always receive an array.
 *
 * @param resource $results
 *
 * @return array
 */
public function process($results)
{
    // Fall back to an empty array when getEntries() yields a falsy value.
    $rawEntries = $this->connection->getEntries($results) ?: [];

    // Raw mode: hand the entries back untouched.
    if ($this->builder->isRaw()) {
        return $rawEntries;
    }

    $hydrated = [];

    if (Arr::has($rawEntries, 'count')) {
        // Entries are indexed 0..count-1; each one becomes a model
        // built from its raw LDAP attributes.
        $index = 0;

        while ($index < $rawEntries['count']) {
            $hydrated[] = $this->newLdapEntry($rawEntries[$index]);
            $index++;
        }
    }

    // Paginated queries are returned as-is; everything else goes through processSort().
    return $this->builder->isPaginated()
        ? $hydrated
        : $this->processSort($hydrated);
}
/**
 * Applies the configured transport mode and LDAP options to the connection.
 *
 * `use_ssl` takes precedence over `use_tls`; only one of the two is applied.
 *
 * @return void
 */
protected function prepareConnection()
{
    // NOTE(review): when neither flag is set, nothing here requests transport
    // encryption, so a later simple bind depends on the connection's defaults.
    // Confirm that is intended for deployments that bind with passwords.
    $wantsSsl = $this->configuration->get('use_ssl');

    if ($wantsSsl) {
        $this->connection->ssl();
    } elseif ($this->configuration->get('use_tls')) {
        $this->connection->tls();
    }

    // Protocol version, network timeout and referral handling all come from configuration.
    $options = [
        LDAP_OPT_PROTOCOL_VERSION => $this->configuration->get('version'),
        LDAP_OPT_NETWORK_TIMEOUT  => $this->configuration->get('timeout'),
        LDAP_OPT_REFERRALS        => $this->configuration->get('follow_referrals'),
    ];

    $this->connection->setOptions($options);
}
/**
 * {@inheritdoc}
 */
public function bindUsingKerberos($kerberosCredentials)
{
    // Export the value as KRB5CCNAME before binding.
    // NOTE(review): putenv() changes the environment of the whole PHP process
    // and the variable is not restored afterwards, so on a shared or threaded
    // SAPI it may be visible to other requests. $kerberosCredentials should come
    // from a trusted source (server-provided value), not raw user input - confirm
    // against callers.
    putenv('KRB5CCNAME=' . $kerberosCredentials);

    // Bind without username/password; the third argument is passed as true.
    $bound = $this->connection->bind(null, null, true);

    if ($bound !== false) {
        return;
    }

    $error = $this->connection->getLastError();

    throw new BindException("Bind to Active Directory failed. AD said: {$error}");
}
/**
 * Rebinds the connection using the administrator account from configuration.
 *
 * @throws AdldapException When the connection reports it is not bound afterwards.
 */
protected function bindAsAdministrator()
{
    // Username is read first, then the password, then both are handed to the bind helper.
    $this->bindUsingCredentials(
        $this->configuration->getAdminUsername(),
        $this->configuration->getAdminPassword()
    );

    // Double-check the connection state rather than trusting the helper alone.
    if ($this->connection->isBound() !== false) {
        return;
    }

    $error = $this->connection->getLastError();

    throw new AdldapException("Rebind to Active Directory failed. AD said: {$error}");
}
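/**
 * {@inheritdoc}
 *
 * Binds anonymously when both username and password are empty. A username
 * with an empty password is rejected before the server is contacted.
 *
 * @throws BindException When the credentials are incomplete or the server refuses the bind.
 */
public function bind($username, $password, $prefix = null, $suffix = null)
{
    // Only null, false and the empty string count as "not provided". A plain
    // truthiness test would also discard the literal string "0", turning a
    // real username or password into an anonymous/unauthenticated bind.
    $username = (string) $username === '' ? null : $username;
    $password = (string) $password === '' ? null : $password;

    if ($username !== null && $password === null) {
        // Many directory servers treat a bind with a name but no password as an
        // "unauthenticated bind" (RFC 4513, section 5.1.2) and report success.
        // Code that uses bind() to verify a login would then accept any account
        // without a password, so refuse it here.
        throw new BindException('A password is required when binding with a username.');
    }

    if ($username !== null) {
        // Wrap the username in the account prefix and suffix, falling back
        // to the configured values when none were passed in.
        $prefix = $prefix ?: $this->configuration->get('account_prefix');
        $suffix = $suffix ?: $this->configuration->get('account_suffix');

        $username = $prefix . $username . $suffix;
    }

    // Warnings from the underlying bind are muted on purpose: failure is
    // reported through our own exception, carrying the server's last error.
    if (!@$this->connection->bind($username, $password)) {
        throw new BindException($this->connection->getLastError(), $this->connection->errNo());
    }
}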
/**
 * Applies the configured transport mode and optional SSO to the connection.
 *
 * SSL takes precedence over TLS; only one of the two is enabled.
 *
 * @return void
 */
protected function prepareConnection()
{
    // NOTE(review): if neither SSL nor TLS is configured, nothing here asks
    // for an encrypted transport - confirm that is acceptable for the deployment.
    $sslRequested = $this->configuration->getUseSSL();

    if ($sslRequested) {
        $this->connection->useSSL();
    } elseif ($this->configuration->getUseTLS()) {
        $this->connection->useTLS();
    }

    // SSO is enabled only when it is both requested and reported as
    // supported (SASL) by the connection; the support check is skipped
    // entirely when SSO was not requested.
    if ($this->configuration->getUseSSO()) {
        if ($this->connection->isSaslSupported()) {
            $this->connection->useSSO();
        }
    }
}
/**
 * Rebinds the connection using the administrator account from configuration.
 *
 * The administrator-specific account suffix is used when one is configured;
 * otherwise the general account suffix is used.
 *
 * @throws AdldapException When the connection reports it is not bound afterwards.
 *
 * @return bool Always true when no exception is thrown.
 */
protected function bindAsAdministrator()
{
    $user = $this->configuration->getAdminUsername();
    $secret = $this->configuration->getAdminPassword();
    $suffix = $this->configuration->getAdminAccountSuffix();

    // No dedicated admin suffix: fall back to the default account suffix.
    $suffix = empty($suffix) ? $this->configuration->getAccountSuffix() : $suffix;

    $this->bindUsingCredentials($user, $secret, $suffix);

    // Verify the connection state after the bind attempt.
    if ($this->connection->isBound() !== false) {
        return true;
    }

    $error = $this->connection->getLastError();

    throw new AdldapException("Rebind to Active Directory failed. AD said: {$error}");
}
/**
 * Deletes this entry from the directory by its distinguished name.
 *
 * @return bool Result of the connection's delete() call.
 *
 * @throws EntryDoesNotExistException When the entry is not marked as existing.
 * @throws AdldapException            When the entry has no distinguished name.
 */
public function delete()
{
    $distinguishedName = $this->getDn();

    // An entry that was never loaded or created cannot be deleted.
    if (!$this->exists) {
        throw new EntryDoesNotExistException('Entry does not exist in active directory.');
    }

    // Without a DN there is nothing to address the delete to.
    // empty() already covers the null case.
    if (empty($distinguishedName)) {
        throw new AdldapException(
            'Unable to delete. The current entry does not have a distinguished name present.'
        );
    }

    return $this->connection->delete($distinguishedName);
}
/**
 * Binds the current connection with the given credentials.
 *
 * An empty username or password is sent as null. A non-empty username has
 * the configured account suffix appended.
 *
 * @param string $username
 * @param string $password
 *
 * @return bool Always true when no exception is thrown.
 *
 * @throws AdldapException When the connection's bind() fails.
 */
private function bindUsingCredentials($username, $password)
{
    // NOTE(review): a non-empty username with an empty password is still sent
    // to the server (password becomes null). Many directory servers answer
    // that as a successful unauthenticated bind, so callers that use this to
    // check a login must reject empty passwords first - verify against callers.
    // empty() also treats the string "0" as empty.
    $bindUser = empty($username)
        ? null
        : $username . $this->configuration->getAccountSuffix();

    $bindPassword = empty($password) ? null : $password;

    if ($this->connection->bind($bindUser, $bindPassword)) {
        return true;
    }

    $error = $this->connection->getLastError();

    // SSL without TLS gets a hint that the LDAPS connection itself may be the problem.
    $sslOnly = $this->connection->isUsingSSL() && !$this->connection->isUsingTLS();

    $message = $sslOnly
        ? 'Bind to Active Directory failed. Either the LDAPs connection failed or the login credentials are incorrect. AD said: ' . $error
        : 'Bind to Active Directory failed. Check the login credentials and/or server details. AD said: ' . $error;

    throw new AdldapException($message);
}
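/**
 * Paginates the current LDAP query.
 *
 * Runs the search page by page using the paged-results control, collects
 * every page resource and hands them to the processor.
 *
 * @param int  $perPage     Page size requested from the server.
 * @param int  $currentPage Passed through to the processor.
 * @param bool $isCritical  Passed through to the paged-results control.
 *
 * @return Paginator|bool
 */
public function paginate($perPage = 50, $currentPage = 0, $isCritical = true)
{
    $this->paginated = true;

    $pages = [];

    $cookie = '';

    do {
        $this->connection->controlPagedResult($perPage, $isCritical, $cookie);

        // Run the search.
        $resource = $this->connection->search($this->getDn(), $this->getQuery(), $this->getSelects());

        if (!$resource) {
            // A failed search never updates $cookie. If this happens after the
            // first page, the cookie from the previous page is still non-empty
            // and the loop would repeat the same failing request without end,
            // so stop paging and return what has been collected so far.
            break;
        }

        $this->connection->controlPagedResultResponse($resource, $cookie);

        // We'll collect each resource result into the pages array.
        $pages[] = $resource;
    } while (!empty($cookie));

    $paginator = $this->newProcessor()->processPaginated($pages, $perPage, $currentPage);

    // Reset paged result on the current connection. We won't pass in the current $perPage
    // parameter since we want to reset the page size to the default '1000'. Sending '0'
    // eliminates any further opportunity for running queries in the same request,
    // even though that is supposed to be the correct usage.
    $this->connection->controlPagedResult();

    return $paginator;
}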
/**
 * Converts an LDAP search result into raw entries or model instances.
 *
 * In raw mode the value from getEntries() is returned unchanged; otherwise
 * a plain array of models is built, one per entry.
 *
 * @param resource $results
 *
 * @return array|ArrayCollection
 */
private function processResults($results)
{
    $rawEntries = $this->connection->getEntries($results);

    // Raw mode: return exactly what the connection gave us.
    // NOTE(review): no array check happens on this path - confirm callers
    // cope with a non-array value if getEntries() can fail.
    if ($this->raw === true) {
        return $rawEntries;
    }

    $built = [];

    // Anything that is not an array carrying a 'count' key yields no models.
    if (!is_array($rawEntries) || !array_key_exists('count', $rawEntries)) {
        return $built;
    }

    // Entries are indexed 0..count-1.
    $position = 0;

    while ($position < $rawEntries['count']) {
        $built[] = $this->newLdapEntry($rawEntries[$position]);
        $position++;
    }

    return $built;
}
/**
 * Asks the connection to sort the given results by the configured field.
 *
 * Does nothing when no sort field has been set.
 *
 * @param mixed $results Value handed to the connection's sort(); type not visible here.
 *
 * @return void
 */
private function processSort($results)
{
    // No sort field configured: leave the results untouched.
    if (empty($this->sortByField)) {
        return;
    }

    $this->connection->sort($results, $this->sortByField);
}
/**
 * Converts an LDAP search result into raw entries or model instances.
 *
 * In raw mode the value from getEntries() is returned unchanged; otherwise
 * an array of models is built and, for non-paginated queries, passed
 * through processSort().
 *
 * @param resource $results
 *
 * @return array|ArrayCollection
 */
private function processResults($results)
{
    $rawEntries = $this->connection->getEntries($results);

    // Raw mode: return exactly what the connection gave us.
    if ($this->raw === true) {
        return $rawEntries;
    }

    $built = [];

    if (is_array($rawEntries) && array_key_exists('count', $rawEntries)) {
        // Entries are indexed 0..count-1.
        $position = 0;

        while ($position < $rawEntries['count']) {
            $built[] = $this->newLdapEntry($rawEntries[$position]);
            $position++;
        }
    }

    // Paginated queries skip sorting here.
    // NOTE(review): this relies on processSort() returning the models; an
    // implementation that returns nothing would replace $built with null.
    // Verify against the processSort() in this class.
    if (!$this->paginated) {
        $built = $this->processSort($built);
    }

    return $built;
}