/**
 * @inheritdoc
 *
 * Looks the user up by the configured username field and returns it only
 * when Hash::check() accepts the supplied password against the value from
 * getAuthPassword(). Returns null for an unknown user or a rejected password.
 */
public function authenticate()
{
    $candidate = $this->findBy(Loader::username(), $this->username);

    if (!$candidate) {
        return null;
    }

    // Both failure paths return the same null, so the caller cannot tell
    // "no such user" from "wrong password" by the return value.
    return Hash::check($this->password, $candidate->getAuthPassword())
        ? $candidate
        : null;
}
/**
 * @inheritdoc
 *
 * Resolves a user for the given credentials: first from the native store by
 * username, then through the provider the delegator selects for these
 * credentials. Returns null when neither path yields a user.
 */
public function retrieveByCredentials(array $credentials)
{
    $field = Loader::username();
    // NOTE(review): a credentials array without the username key is read
    // directly here; checkFields() may be expected to run first - confirm.
    $login = $credentials[$field];

    // NOTE(review): a natively stored user is returned on a username match
    // alone. The password is not checked on this path, so presumably the
    // caller validates the credentials afterwards - confirm.
    $native = $this->delegator->native()->findBy($field, $login);
    if ($native) {
        return $native;
    }

    // The external provider must authenticate the user AND the result must
    // pass validateCredentials() before it is handed back.
    $external = $this->delegator->provider($credentials)->authenticate();
    if ($external && $this->validateCredentials($external, $credentials)) {
        return $external;
    }

    return null;
}
/**
 * @inheritdoc
 *
 * Stores the credentials array and derives username, password and, when the
 * username contains an "@", the login and domain parts. An empty array
 * leaves the current state untouched. Always returns $this.
 */
public function setCredentials(array $credentials)
{
    if (!$credentials) {
        return $this;
    }

    $this->credentials = $credentials;
    $this->username = $this->credentials[Loader::username()];

    if (strpos($this->username, "@") !== false) {
        // NOTE(review): only the first two "@"-separated segments are used,
        // so "a@b@c" yields login "a" and domain "b". The domain later
        // selects the provider configuration, so confirm this is the
        // intended parsing for such usernames.
        $segments = explode("@", $this->username);
        list($this->login, $this->domain) = $segments;
    }

    $this->password = $this->credentials[Loader::password()];

    return $this;
}
/**
 * @inheritdoc
 *
 * Authenticates against the 'users' map of the domain configuration. On a
 * password match a model is filled with the username and the configured
 * password value, enabled, saved and returned. Returns null otherwise.
 */
public function authenticate()
{
    $configured = Loader::domain($this->domain)['users'];

    if (!isset($configured[$this->username])) {
        return null;
    }

    // Value from configuration; it is passed to Hash::check() as the stored
    // side of the comparison, so presumably it is a password hash.
    $stored = $configured[$this->username];

    if (!Hash::check($this->password, $stored)) {
        return null;
    }

    // NOTE(review): model() is not visible here; if it returns a fresh
    // instance each time, repeated logins may create duplicate rows - confirm.
    $account = $this->model();
    $account->{Loader::username()} = $this->username;
    $account->{Loader::password()} = $stored;
    $account->enabled = true;
    $account->save();

    return $account;
}
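/**
 * @inheritdoc
 *
 * Authenticates the current credentials against the LDAP hosts configured
 * for the user's domain: binds with the supplied username and password,
 * then searches the base DN for the matching samaccountname entry.
 *
 * Returns the result of register() on success, or null when the password is
 * empty, the bind is refused or no entry is found.
 */
public function authenticate()
{
    $this->config = Loader::domain($this->domain);

    $ldap = new Connection();
    $ldap->connect($this->config['hosts']);

    // NOTE(review): the locally stored password is cleared and saved here,
    // before the bind below has proven the caller knows the directory
    // password. Any login attempt naming an existing user therefore changes
    // that user's record. Confirm this ordering is intended.
    if ($find = $this->resolver->native()->findBy(Loader::username(), $this->username)) {
        $this->model = $find;
        $this->model->{Loader::password()} = null;
        $this->model->save();
    }

    // A simple bind with a name and an empty password is an
    // "unauthenticated bind" (RFC 4513, section 5.1.2), which many directory
    // servers accept. Connection::bind() is not visible here, so refuse the
    // empty password explicitly instead of relying on the wrapper.
    if ((string) $this->password === '') {
        Log::warning('Refusing LDAP bind with empty password for ' . $this->username);

        return null;
    }

    if (!$ldap->bind($this->username, $this->password)) {
        Log::warning('Cannot bind to LDAP with ' . $this->username);

        return null;
    }

    // The login part comes from user input. Escape the RFC 4515 filter
    // metacharacters so it can only ever match as a literal value. The
    // backslash is replaced first so later escapes are not escaped again.
    $login = str_replace(
        array('\\', '*', '(', ')', "\x00"),
        array('\\5c', '\\2a', '\\28', '\\29', '\\00'),
        (string) $this->login
    );

    $user = $ldap->searchEntry(
        $this->config['baseDN'],
        $this->config['mappings'],
        'samaccountname=' . $login
    );

    if (!$user) {
        Log::warning('User ' . $this->username . ' not found in baseDN.');

        return null;
    }

    return $this->register($user);
}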
/**
 * Copy the mapped attributes of an LDAP entry onto a user model and save it.
 *
 * The 'useraccountcontrol' attribute is converted to a boolean first: false
 * when its value is listed in $this->locked, true otherwise.
 *
 * @param array                   $ldap  LDAP entry, keyed by lower-case attribute name
 * @param UserInterface|\Eloquent $model Model to fill and save
 *
 * @return mixed The saved model, or false when the entry has no username attribute
 */
public function map($ldap, UserInterface $model)
{
    $fields = $this->mappings['fields'];
    $usernameAttribute = strtolower($fields[Loader::username()]);

    // Without a username the entry cannot be tied to an account.
    if (!isset($ldap[$usernameAttribute])) {
        return false;
    }

    foreach ($fields as $field => $attribute) {
        $attribute = strtolower($attribute);

        if (!isset($ldap[$attribute])) {
            continue;
        }

        if ($attribute == 'useraccountcontrol') {
            // NOTE(review): in_array() compares loosely here. This decides
            // whether the account ends up enabled, so confirm the value types
            // in $this->locked before relying on or tightening the match.
            $ldap[$attribute][0] = !in_array($ldap[$attribute][0], $this->locked);
        }

        $model->{$field} = $ldap[$attribute][0];
    }

    $model->save();

    return $model;
}
/**
 * @inheritdoc
 *
 * Tries to open an IMAP session with the supplied username and password on
 * each configured host, stopping at the first one that succeeds. When a
 * session was opened, the matching native user is returned.
 *
 * Returns false (not null) when no host accepts the credentials or no
 * native user matches.
 *
 * @throws \Exception when the imap extension is not loaded
 */
public function authenticate()
{
    if (!extension_loaded('imap')) {
        throw new \Exception("Cannot use IMAP provider without imap module.", 1);
    }

    $this->config = Loader::domain($this->domain);

    foreach ($this->config['hosts'] as $name => $address) {
        try {
            // NOTE(review): "/novalidate-cert" disables TLS certificate
            // validation, so the server's identity is not verified while the
            // user's password is sent to it. Consider validating by default
            // and making this flag an explicit per-host opt-out.
            $mailbox = "{" . $address . "/novalidate-cert}";

            $this->connection = \imap_open(
                $mailbox,
                $this->username,
                $this->password,
                null,
                1,
                array("DISABLE_AUTHENTICATOR" => "GSSAPI")
            );

            if ($this->connection) {
                break;
            }
        } catch (\Exception $e) {
            Log::warning(' [IMAP] Cannot connect to ' . $name . ': ' . $e->getMessage());
        }
    }

    if (!$this->connection) {
        return false;
    }

    // NOTE(review): the IMAP session stays open on $this->connection and is
    // not closed in this method - confirm something else releases it.
    $user = $this->resolver->native()->findBy(
        $this->config['mappings'][Loader::username()],
        $this->username
    );

    return $user ? $user : false;
}
/**
 * Execute the console command.
 *
 * Binds to the given domain with administrator credentials, searches the
 * base DN for person/user entries and creates or updates a local model for
 * each entry that carries the mapped username attribute. Exits with status 1
 * when the domain is not configured, the bind fails or no entries are found.
 *
 * @return void
 */
public function fire()
{
    $domain = $this->argument('domain');
    $username = $this->option('username');
    // NOTE(review): a password given through the --password option can end
    // up in shell history and process listings. The secret() prompt below
    // avoids that and is the safer way to run this command.
    $password = $this->option('password');

    if (!$username) {
        $username = $this->ask('<info>Administrator username for <error>' . $domain . '</error>: </info>');
    }

    // Qualify a bare login with the domain.
    if (strpos($username, '@') === false) {
        $username .= '@' . $domain;
    }

    if (!$password) {
        $password = $this->secret('<info>Password: </info>');
    }

    if (!Loader::hasDomain($domain)) {
        $this->error('Domain ' . $domain . ' not found in configuration.');
        exit(1);
    }

    $settings = Loader::domain($domain);

    $connection = new Connection();
    $connection->connect($settings['hosts']);

    if (!$connection->bind($username, $password)) {
        $this->error('Bind to ' . $domain . ' with user ' . $username . ' failed.');
        exit(1);
    }

    $found = $connection->search(
        $settings['baseDN'],
        $settings['mappings'],
        '(&(objectClass=user)(objectCategory=person))'
    );

    if (!$found) {
        $this->error('Users not found.');
        exit(1);
    }

    $mapper = new LdapMapping($settings['mappings']);
    $modelClass = '\\' . ltrim(Loader::user(), '\\');
    $usernameField = strtolower($settings['mappings']['fields'][Loader::username()]);

    foreach ($found as $entry) {
        // Skip non-entry items and entries without the username attribute.
        if (!is_array($entry) || !isset($entry[$usernameField])) {
            continue;
        }

        $login = $entry[$usernameField][0];

        $fresh = new $modelClass();
        $existing = $fresh->where(Loader::username(), $login)->first();

        if ($existing) {
            $target = $existing;
            $this->info('Updating ' . $login);
        } else {
            $target = $fresh;
            $this->info('Adding ' . $login);
        }

        $mapper->map($entry, $target);
    }
}
/**
 * Verify that the credentials array carries both configured keys.
 *
 * The key names come from Loader::username() and Loader::password(). Note
 * that isset() also treats a key holding null as missing.
 *
 * @param array $credentials Credentials as passed in by the caller
 *
 * @throws \Exception when the username or the password key is absent
 */
private function checkFields($credentials)
{
    $hasUsername = isset($credentials[Loader::username()]);
    if (!$hasUsername) {
        throw new \Exception(
            sprintf("Unsupported credentials array. Must define '%s' key for username", Loader::username()),
            1
        );
    }

    $hasPassword = isset($credentials[Loader::password()]);
    if (!$hasPassword) {
        throw new \Exception(
            sprintf("Unsupported credentials array. Must define '%s' key for password", Loader::password()),
            1
        );
    }
}