/**
* @param string $username
* @param string $password
* @param null|User $user
*
* @return boolean
*/
public function authenticate($username, $password, &$user)
{
if ($this->ad === null) {
$this->ad = new Adldap($this->adConfig);
}
$authSuccess = false;
if ($this->ad->authenticate($username, $password, true)) {
$adUser = $this->ad->users()->find($username);
$sid = \Adldap\Classes\Utilities::binarySidToText($adUser->getObjectSID());
if ($user === null and $this->hasAutoAddUser($adUser)) {
$user = $this->createUserFromAd($adUser);
}
if ($user !== null) {
if ($this->autoUpdateRole) {
$this->updateRole($user, $adUser);
}
$user->addAuthDriver($this->getName(), $sid);
$authSuccess = true;
}
}
return $authSuccess;
}
$_SESSION['username'] = strtolower($_POST['username']);
}
if (!empty($_POST['password'])) {
$_SESSION['password'] = $_POST['password'];
}
require "vendor/autoload.php";
use Adldap\Adldap;
$configuration = array('account_suffix' => '@winthrop.edu', 'domain_controllers' => array("rahway.winthrop.edu"), 'base_dn' => 'DC=win, DC=winthrop, DC=edu', 'real_primarygroup' => true, 'use_ssl' => false, 'recursive_groups' => true, 'ad_port' => '636', 'sso' => false);
try {
$ad = new Adldap($configuration);
} catch (AdldapException $e) {
echo "Uh oh, looks like we had an issue trying to connect: {$e}";
}
$authUser = false;
if (!empty($_POST['username']) && !empty($_POST['password']) && $_SESSION['username'] == "visitor") {
$authUser = $ad->authenticate($_SESSION['username'], $_SESSION['password']);
}
if ($authUser == true) {
error_reporting(0);
if (!$file) {
//input for the file name
echo 'Please enter a valid file name: ';
}
//Requests a file name to send to readcsv.php
echo "<form action=\"readcsv.php\" method=\"post\">\nFile Name: <input type=\"text\" name=\"file\"><br>\n<input type=\"submit\" value=\"Accept\">";
//if a file is post then open the file
if (isset($_POST['file'])) {
$file = $_POST['file'];
echo "<br><br>You entered:<br>" . $file;
}
} else {
/**
* @param string $username
* @param string $password
*
* @return bool
*/
public function connect($username, $password)
{
return $this->_ldap->authenticate($username, $password);
}
/**
* Validates the credentials against the configured LDAP/AD server.
* The credentials are passed in an array with the keys 'username'
* and 'password'.
*
* @param array $credentials The credentials to validate.
* @return boolean
*/
private function validateLDAPCredentials(array $credentials)
{
$credentialsValidated = false;
$adldap = false;
try {
$userPassword = $credentials['password'];
$userName = $credentials['username'];
$ldapConOp = $this->GetLDAPConnectionOptions();
// // Set LDAP debug log level - useful in DEV, dangerous in PROD!!
// ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);
// Try to authenticate using AD/LDAP
$adldap = new Adldap($ldapConOp);
$authUser = $adldap->authenticate($userName, $userPassword);
// If the user got authenticated
if ($authUser == true) {
$credentialsValidated = true;
} else {
$this->handleLDAPError($adldap);
$credentialsValidated = false;
}
} catch (\Exception $ex) {
Log::error('Exception validating LDAP credential for user: '******', Exception message: ' . $ex->getMessage());
Log::error($ex->getTraceAsString());
$this->handleLDAPError($adldap);
$credentialsValidated = false;
}
// Close connection.
if (isset($adldap)) {
unset($adldap);
}
return $credentialsValidated;
}
/**
* Validate a user against the given credentials.
*
* @param \Illuminate\Contracts\Auth\Authenticatable $user
* @param array $credentials
* @return bool
*/
public function validateCredentials(Authenticatable $user, array $credentials)
{
$username = $credentials[$this->usernameField];
return $this->adldap->authenticate($username, $credentials['password']);
}
/**
* Validates the credentials against the configured LDAP/AD server.
* The credentials are passed in an array with the keys 'username'
* and 'password'.
*
* @param array $credentials The credentials to validate.
* @return boolean
*/
private function validateLDAPCredentials(array $credentials)
{
$credentialsValidated = false;
$adldap = false;
try {
$userPassword = $credentials['password'];
$userName = $credentials['username'];
$ldapConOp = $this->GetLDAPConnectionOptions();
if ($this->ldapConfig['debug']) {
// Set LDAP debug log level - useful in DEV, dangerous in PROD!!
ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);
}
// Try to authenticate using AD/LDAP
$adldap = new Adldap($ldapConOp);
// For LDAP servers, the authentication is done with the full DN,
// Not the username with the suffix as is done for MSAD servers.
if ('LDAP' === $this->ldapConfig['server_type']) {
$ldapUserInfo = $this->getLDAPUserInfo($userName);
$userName = $this->GetArrayValueOrDefault($ldapUserInfo[0], 'dn', '');
}
$authUser = $adldap->authenticate($userName, $userPassword);
// If the user got authenticated
if ($authUser == true) {
$credentialsValidated = true;
} else {
$this->handleLDAPError($adldap);
$credentialsValidated = false;
}
} catch (\Exception $ex) {
Log::error('Exception validating LDAP credential for user: '******', Exception message: ' . $ex->getMessage());
Log::error($ex->getTraceAsString());
$this->handleLDAPError($adldap);
$credentialsValidated = false;
}
// Close connection.
if (isset($adldap)) {
unset($adldap);
}
return $credentialsValidated;
}
/**
* Проверяем
*
* @param $username
* @param $password
* @return mixed
* @throws Exception
*/
public static function find($username, $password)
{
$ad = new Adldap(self::getParams());
return $ad->authenticate($username, $password, true);
}
