예제 #1
파일: Node.php 프로젝트: GeeH/zend-ldap
 /**
  * Writes an attribute value into this node's current data, but only after
  * the changeability guard has been consulted for the attribute name.
  *
  * The guard call is deliberately the first statement: when
  * assertChangeableAttribute() refuses $name (presumably by throwing the
  * LdapException documented below), the write is never reached.
  *
  * @param  string $name   Name of the attribute to write
  * @param  mixed  $value  Value handed unchanged to Attribute::setAttribute()
  * @param  bool   $append Forwarded as setAttribute()'s append flag
  * @throws Exception\LdapException
  */
 protected function _setAttribute($name, $value, $append)
 {
     // Guard first, mutate second: keep this order so that no write path
     // into $this->currentData bypasses the changeability check.
     $this->assertChangeableAttribute($name);

     Attribute::setAttribute($this->currentData, $name, $value, $append);
 }
예제 #2
 /**
  * Passing an open read handle to Attribute::setAttribute() is expected to
  * store the fixture file's text as the first value of the attribute.
  */
 public function testSetAttributeWithFilestream()
 {
     $fixturePath = __DIR__ . '/_files/AttributeTest.input.txt';
     $attributes  = array();

     // The handle is closed only after setAttribute() has consumed it.
     $handle = fopen($fixturePath, 'r');
     Attribute::setAttribute($attributes, 'file', $handle);
     fclose($handle);

     $storedValues = $attributes['file'];
     $this->assertEquals('String from file', $storedValues[0]);
 }
예제 #3
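 /**
  * Creates a user on an Active Directory server, changes its password while
  * bound as that user, and checks that the old password stops working and
  * the new one binds.
  *
  * The test is skipped unless the server reports itself as Active Directory
  * and the connection uses SSL or StartTLS.
  *
  * Cleanup runs on every failure path, not only on LdapException. The
  * account is created enabled (userAccountControl 512) with a password that
  * is written in this file, so a failed assertion must not leave it behind
  * in the directory.
  */
 public function testChangePasswordWithUserAccountActiveDirectory()
 {
     if ($this->getLDAP()->getRootDse()->getServerType() !== Node\RootDse::SERVER_TYPE_ACTIVEDIRECTORY) {
         $this->markTestSkipped('Test can only be run on an ActiveDirectory server');
     }
     $options = $this->getLDAP()->getOptions();
     if ($options['useSsl'] !== true && $options['useStartTls'] !== true) {
         $this->markTestSkipped('Test can only be run on an SSL or TLS secured connection');
     }

     $dn = $this->createDn('cn=New User,');
     $data = array();
     // NOTE(review): this literal looks masked by the page the listing came
     // from - TODO confirm the real fixture value against the repository.
     $password = '******';
     Ldap\Attribute::setAttribute($data, 'cn', 'New User', false);
     Ldap\Attribute::setAttribute($data, 'displayName', 'New User', false);
     Ldap\Attribute::setAttribute($data, 'sAMAccountName', 'newuser', false);
     Ldap\Attribute::setAttribute($data, 'userAccountControl', 512, false);
     Ldap\Attribute::setAttribute($data, 'objectClass', 'person', true);
     Ldap\Attribute::setAttribute($data, 'objectClass', 'organizationalPerson', true);
     Ldap\Attribute::setAttribute($data, 'objectClass', 'user', true);
     Ldap\Attribute::setPassword($data, $password, Ldap\Attribute::PASSWORD_UNICODEPWD, 'unicodePwd');

     try {
         $this->getLDAP()->add($dn, $data);
         $this->getLDAP()->bind($dn, $password);

         $newPasswd = 'newpasswd';
         $newData = array();
         Ldap\Attribute::setPassword($newData, $newPasswd, Ldap\Attribute::PASSWORD_UNICODEPWD);
         $this->getLDAP()->update($dn, $newData);

         try {
             // The old password must be rejected once the update has gone through.
             $this->getLDAP()->bind($dn, $password);
             $this->fail('Expected exception not thrown');
         } catch (Exception\LdapException $zle) {
             $message = $zle->getMessage();
             $this->assertTrue(
                 strpos($message, 'Invalid credentials') !== false
                 || strpos($message, 'Server is unwilling to perform') !== false
             );
         }

         $this->assertInstanceOf('\\Zend\\Ldap\\Ldap', $this->getLDAP()->bind($dn, $newPasswd));

         // Rebind with the configured account before removing the test user.
         $this->getLDAP()->bind();
         $this->getLDAP()->delete($dn);
     } catch (\Exception $e) {
         // Catch everything, including PHPUnit assertion failures raised
         // above, so the test account is removed before the failure is reported.
         $this->getLDAP()->bind();
         if ($this->getLDAP()->exists($dn)) {
             $this->getLDAP()->delete($dn);
         }
         if ($e instanceof Exception\LdapException) {
             $this->fail($e->getMessage());
         }
         throw $e;
     }
 }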
예제 #4
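 /**
  * Handles the login form. Credentials are checked against LDAP first; when
  * that fails they are checked against the WordPress adapter, and a
  * WordPress user who authenticates is given a directory account carrying
  * the same password.
  *
  * Security-relevant behaviour of this method:
  *  - A successful LDAP login does not write to the directory. Earlier code
  *    in this branch replaced the account's unicodePwd with a literal stored
  *    in source on every login; any account that logged in while that code
  *    was deployed should have its password reset.
  *  - The login name is escaped before it is placed into a DN.
  *  - LDAP failure details go to the server error log; the user only sees
  *    generic text, and the request is never terminated with a debug dump.
  *
  * NOTE(review): nothing visible in this method stores the authenticated
  * identity (the adapters are called directly) - confirm where the session
  * is established.
  *
  * @return Response|array Redirect response, or view variables with the login form
  */
 public function loginAction()
 {
     $prg = $this->postRedirectGet('login');
     if ($prg instanceof Response) {
         return $prg;
     }

     /** @var \Zend\Form\Form $form */
     $form = $this->getServiceLocator()->get('form\\loginForm');
     $viewVariables = array('loginForm' => $form);

     // No POST data to process: just render the form.
     if (!$prg) {
         return $viewVariables;
     }

     $form->setData($prg);
     if (!$form->isValid()) {
         return $viewVariables;
     }

     $username = $form->get('username')->getValue();
     $password = $form->get('password')->getValue();

     /** @var \Zend\Authentication\Adapter\Ldap $ldapAdapter */
     $ldapAdapter = $this->getServiceLocator()->get('ldap_auth_adapter');
     $ldapResult = $ldapAdapter->setIdentity($username)->setCredential($password)->authenticate();

     if ($ldapResult->isValid()) {
         $this->flashMessenger()->addMessage('Logged in via LDAP!');

         return $this->redirect()->refresh();
     }

     /** @var \Zend\Authentication\Adapter\DbTable\CallbackCheckAdapter $wpAdapter */
     $wpAdapter = $this->getServiceLocator()->get('auth_adapter_wordpress');
     $wpResult = $wpAdapter->setIdentity($username)->setCredential($password)->authenticate();

     if (!$wpResult->isValid()) {
         $this->flashMessenger()->addMessage('The username and/or password is invalid');
         // The LDAP adapter's messages carry diagnostic detail beyond the
         // user-facing text, so they are logged rather than shown.
         foreach ($ldapResult->getMessages() as $message) {
             error_log('LDAP login failure: ' . $message);
         }

         return $this->redirect()->refresh();
     }

     // 'user_pass' is omitted so the WordPress hash never leaves the adapter.
     $wpUser = $wpAdapter->getResultRowObject(null, array('user_pass'));
     /** @var \Application\Mapper\WPUserMeta $wpMeta */
     $wpMeta = $this->getServiceLocator()->get('mapper/wpusermeta');
     // The 'wp_capabilities' meta value used to be passed to unserialize()
     // here and the result was never read. The call is removed: unserialize()
     // on stored data can instantiate arbitrary classes. If group mapping is
     // added later, decode with ['allowed_classes' => false] (PHP 7+).
     $rfid = $wpMeta->getMetaForUser($wpUser, 'rfid_code')->meta_value;

     $entry = [];
     LdapAttribute::setAttribute($entry, 'cn', $wpUser->user_login);
     LdapAttribute::setAttribute($entry, 'rfidCode', $rfid);
     LdapAttribute::setAttribute($entry, 'mail', $wpUser->user_email);
     LdapAttribute::setAttribute($entry, 'objectClass', 'User');
     LdapAttribute::setAttribute($entry, 'samAccountName', $wpUser->user_login);
     LdapAttribute::setPassword($entry, $password, LdapAttribute::PASSWORD_UNICODEPWD);
     LdapAttribute::setAttribute($entry, 'userAccountControl', 512);

     $ldapPasswordArray = [];
     LdapAttribute::setPassword($ldapPasswordArray, $password, LdapAttribute::PASSWORD_UNICODEPWD);

     /** @var ZendLdap $ldap */
     $ldap = $this->getServiceLocator()->get('ldap');
     // Escape the login name: DN metacharacters in it would otherwise change
     // which entry is created.
     $dn = sprintf(
         'CN=%s,CN=Users,DC=hackspace,DC=internal',
         \Zend\Ldap\Dn::escapeValue($wpUser->user_login)
     );

     try {
         // add() sits inside the try so that a directory error (for example
         // an entry that already exists) is handled instead of escaping.
         $ldap->add($dn, $entry);
         $dn = $ldap->getCanonicalAccountName($username, ZendLdap::ACCTNAME_FORM_DN);
         $ldap->update($dn, $ldapPasswordArray);
     } catch (LdapException $e) {
         error_log('LDAP provisioning failed: ' . $e->getMessage());
         $this->flashMessenger()->addMessage('Your account could not be set up. Please contact an administrator.');

         return $this->redirect()->refresh();
     }

     return $viewVariables;
 }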