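/**
 * @inheritdoc
 *
 * Checks the supplied password against the hash stored on $user and, when
 * that does not match, falls back to the provider the delegator selects for
 * these credentials.
 *
 * @param UserInterface $user        user whose stored hash is checked first
 * @param array         $credentials credentials keyed by the configured field names
 *
 * @return bool|null true on success, null when neither check succeeds
 */
public function validateCredentials(UserInterface $user, array $credentials)
{
    $passwordKey = Loader::password();

    // A request without a password field must not raise an undefined-index
    // error; it simply cannot match the local hash. The delegated provider
    // is still consulted afterwards.
    $plain = isset($credentials[$passwordKey]) ? $credentials[$passwordKey] : null;

    if ($plain !== null && Hash::check($plain, $user->getAuthPassword())) {
        return true;
    }

    // NOTE(review): any truthy result from the delegated provider is accepted
    // here; nothing in this method ties that result to $user. Confirm the
    // providers only resolve the account named in $credentials.
    if ($this->delegator->provider($credentials)->authenticate()) {
        return true;
    }

    return null;
}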
/**
 * @inheritdoc
 *
 * Stores the credentials on the provider and splits a "login@domain"
 * username into its two parts. An empty credentials array changes nothing.
 *
 * @param array $credentials credentials keyed by the configured field names
 *
 * @return $this
 */
public function setCredentials(array $credentials)
{
    if (!$credentials) {
        return $this;
    }

    $this->credentials = $credentials;
    $this->username = $credentials[Loader::username()];

    // NOTE(review): login and domain are only assigned when the username
    // contains "@"; otherwise they keep whatever they held before. If this
    // object is reused across login attempts, confirm that is intended.
    if (strpos($this->username, "@") !== false) {
        $parts = explode("@", $this->username);
        $this->login = $parts[0];
        $this->domain = $parts[1];
    }

    $this->password = $credentials[Loader::password()];

    return $this;
}
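/**
 * @inheritdoc
 *
 * Authenticates against the username => password-hash list found under the
 * 'users' key of the domain configuration. On a match a new model is filled
 * with the username and the configured hash, enabled, and saved.
 *
 * @return mixed the saved model on success, null otherwise
 */
public function authenticate()
{
    $config = Loader::domain($this->domain);

    // The domain is derived from the submitted username, so an unknown
    // domain or one without a user list is a failed login, not an
    // undefined-index error.
    if (!isset($config['users'])) {
        return null;
    }

    $users = $config['users'];

    if (!isset($users[$this->username])) {
        return null;
    }

    $password = $users[$this->username];

    if (Hash::check($this->password, $password)) {
        // NOTE(review): a new model is saved on every successful check;
        // nothing here looks for an existing row with the same username.
        // Confirm the caller only reaches this when no local account exists.
        $newUser = $this->model();
        $newUser->{Loader::username()} = $this->username;
        $newUser->{Loader::password()} = $password;
        $newUser->enabled = true;
        $newUser->save();

        return $newUser;
    }

    return null;
}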
/**
 * Map ldap user to model
 *
 * Copies the first value of every mapped LDAP attribute present in the
 * entry onto the model and saves it. Attribute names are compared in
 * lower case.
 *
 * @param array                   $ldap  LDAP entry, attribute => list of values
 * @param UserInterface|\Eloquent $model model to fill
 *
 * @return mixed the saved model, or false when the entry has no username attribute
 */
public function map($ldap, UserInterface $model)
{
    $fields = $this->mappings['fields'];
    $usernameAttribute = strtolower($fields[Loader::username()]);

    if (!isset($ldap[$usernameAttribute])) {
        return false;
    }

    foreach ($fields as $field => $attribute) {
        $attribute = strtolower($attribute);

        if (isset($ldap[$attribute])) {
            $value = $ldap[$attribute][0];

            // The account-control value is reduced to a boolean: true unless
            // it is one of the values listed in $this->locked.
            if ($attribute == 'useraccountcontrol') {
                $value = !in_array($value, $this->locked);
            }

            $model->{$field} = $value;
        }
    }

    $model->save();

    return $model;
}
/**
 * Authenticate user
 *
 * Looks up the client address in the configured IP model and returns the
 * related user when a row matches. Model class, address column and relation
 * name come from the IP configuration, defaulting to 'Ip', 'address' and
 * 'user'.
 *
 * NOTE(review): the client address is the only credential checked here, and
 * it comes from Request::getClientIp(). If the application trusts proxy
 * headers, confirm the trusted-proxy list is restricted to known proxies.
 *
 * @throws \Exception when the configured model class does not exist
 * @return UserInterface|bool the related user, or false when nothing matches
 */
public function authenticate()
{
    $clientAddress = Request::getClientIp();

    $settings = Loader::ip();
    if (!$settings) {
        return false;
    }

    $model = isset($settings['model']) ? $settings['model'] : 'Ip';
    $field = isset($settings['ip_address_field']) ? $settings['ip_address_field'] : 'address';
    $relation = isset($settings['relation']) ? $settings['relation'] : 'user';

    // Resolve the model name from the global namespace.
    $class = '\\' . ltrim($model, '\\');
    if (!class_exists($class)) {
        throw new \Exception("Class '" . $model . "' not found for ip address authentication provider. Check config.");
    }

    /** @var \Ip $lookup */
    $lookup = new $class();

    $match = $lookup->where($field, $clientAddress)->first();
    if (!$match) {
        return false;
    }

    return $match->{$relation};
}
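/**
 * @inheritdoc
 *
 * Tries to open an IMAP connection with the supplied username and password
 * against each configured host in turn. When one succeeds, the matching
 * local user is looked up through the native provider.
 *
 * @throws \Exception when the imap extension is not loaded
 * @return mixed the local user on success, false otherwise
 */
public function authenticate()
{
    if (!extension_loaded('imap')) {
        throw new \Exception("Cannot use IMAP provider without imap module.", 1);
    }

    // Start every attempt without a connection. When imap_open() fails by
    // raising an exception the assignment below never runs, so a handle left
    // over from an earlier successful call on this object would otherwise
    // make a failed login look successful.
    $this->connection = null;

    $this->config = Loader::domain($this->domain);

    foreach ($this->config['hosts'] as $name => $address) {
        try {
            // NOTE(review): "/novalidate-cert" disables TLS certificate
            // validation, so the mail server's identity is not verified
            // before the password is sent to it. Prefer validating the
            // certificate unless the deployment has a documented reason.
            $this->connection = \imap_open(
                "{" . $address . "/novalidate-cert}",
                $this->username,
                $this->password,
                null,
                1,
                array("DISABLE_AUTHENTICATOR" => "GSSAPI")
            );

            if ($this->connection) {
                break;
            }
        } catch (\Exception $e) {
            Log::warning(' [IMAP] Cannot connect to ' . $name . ': ' . $e->getMessage());
        }
    }

    if (!$this->connection) {
        return false;
    }

    if ($user = $this->resolver->native()->findBy($this->config['mappings'][Loader::username()], $this->username)) {
        return $user;
    }

    return false;
}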
/**
 * @inheritdoc
 *
 * Asks each configured connection in order and returns the first user found
 * for the identifier and token.
 *
 * @param mixed  $identifier
 * @param string $token
 *
 * @return mixed the first matching user, or null when no connection has one
 */
public function findByToken($identifier, $token)
{
    foreach (Loader::connections() as $connection) {
        $found = $this->findByTokenIn($connection, $identifier, $token);

        if ($found) {
            return $found;
        }
    }

    return null;
}
/**
 * Get native provider from chain
 *
 * Fetches the provider registered under the key returned by Loader::native().
 *
 * @return bool|NativeProviderInterface
 */
public function native()
{
    $nativeKey = Loader::native();

    return $this->get($nativeKey);
}
/**
 * @inheritdoc
 *
 * Maps a directory entry onto a fresh model using the configured mappings.
 * The password the user supplied is hashed and placed in the entry under
 * the configured password field before mapping.
 *
 * @param array $user directory entry, attribute => list of values
 *
 * @return mixed result of LdapMapping::map()
 */
public function register($user)
{
    $mapper = new LdapMapping($this->config['mappings']);

    // Only the hash of the supplied password is handed to the mapper.
    $passwordField = Loader::password();
    $user[$passwordField][0] = Hash::make($this->password);

    $target = $this->model();

    return $mapper->map($user, $target);
}
/**
 * Execute the console command.
 *
 * Binds to the given domain with an administrator account, searches for
 * person/user entries and maps each one onto a new or existing local user.
 * Exits with status 1 when the domain is not configured, the bind fails or
 * the search returns nothing.
 *
 * NOTE(review): the bind password may be given through the "password"
 * option, where it can end up in shell history and process listings;
 * leaving the option out falls back to the hidden secret() prompt.
 *
 * @return void
 */
public function fire()
{
    $domain = $this->argument('domain');
    $username = $this->option('username');
    $password = $this->option('password');

    if (!$username) {
        $username = $this->ask('<info>Administrator username for <error>' . $domain . '</error>: </info>');
    }

    // Qualify a bare login with the domain being imported.
    if (strpos($username, '@') === false) {
        $username .= '@' . $domain;
    }

    if (!$password) {
        $password = $this->secret('<info>Password: </info>');
    }

    if (!Loader::hasDomain($domain)) {
        $this->error('Domain ' . $domain . ' not found in configuration.');
        exit(1);
    }

    $config = Loader::domain($domain);

    $ldap = new Connection();
    $ldap->connect($config['hosts']);

    $bound = $ldap->bind($username, $password);
    if (!$bound) {
        $this->error('Bind to ' . $domain . ' with user ' . $username . ' failed.');
        exit(1);
    }

    $entries = $ldap->search(
        $config['baseDN'],
        $config['mappings'],
        '(&(objectClass=user)(objectCategory=person))'
    );
    if (!$entries) {
        $this->error('Users not found.');
        exit(1);
    }

    $mapper = new LdapMapping($config['mappings']);
    $class = '\\' . ltrim(Loader::user(), '\\');
    $usernameField = strtolower($config['mappings']['fields'][Loader::username()]);

    foreach ($entries as $entry) {
        // Skip anything in the result that is not an entry, and entries
        // without the username attribute.
        if (!is_array($entry) || !isset($entry[$usernameField])) {
            continue;
        }

        $account = $entry[$usernameField][0];

        $record = new $class();
        $existing = $record->where(Loader::username(), $account)->first();

        if ($existing) {
            $record = $existing;
            $this->info('Updating ' . $account);
        } else {
            $this->info('Adding ' . $account);
        }

        $mapper->map($entry, $record);
    }
}
/**
 * Get default domain for authentication without domain
 *
 * Returns the name of the first configured domain whose 'default' setting
 * is present and truthy.
 *
 * @return string|bool the domain name, or false when none is marked default
 */
private function defaultDomain()
{
    foreach (Loader::domains() as $name => $settings) {
        if (!empty($settings['default'])) {
            return $name;
        }
    }

    return false;
}