/**
* Factory method to create the Schema node.
*
* @param \Zend\LDAP\LDAP $ldap
* @return \Zend\LDAP\Node\Schema\Schema
* @throws \Zend\LDAP\Exception
*/
public static function create(LDAP\LDAP $ldap)
{
$dn = $ldap->getRootDse()->getSchemaDn();
$data = $ldap->getEntry($dn, array('*', '+'), true);
switch ($ldap->getRootDse()->getServerType()) {
case RootDSE\RootDSE::SERVER_TYPE_ACTIVEDIRECTORY:
return new ActiveDirectory($dn, $data, $ldap);
case RootDSE\RootDSE::SERVER_TYPE_OPENLDAP:
return new OpenLDAP($dn, $data, $ldap);
case RootDSE\RootDSE::SERVER_TYPE_EDIRECTORY:
default:
return new self($dn, $data, $ldap);
}
}
public function testExplodeDnOperation()
{
$inputs = array('CN=Alice Baker,CN=Users,DC=example,DC=com' => true, 'CN=Baker\\, Alice,CN=Users,DC=example,DC=com' => true, 'OU=Sales,DC=local' => true, 'OU=Sales;DC=local' => true, 'OU=Sales ,DC=local' => true, 'OU=Sales, dC=local' => true, 'ou=Sales , DC=local' => true, 'OU=Sales ; dc=local' => true, 'DC=local' => true, ' DC=local' => true, 'DC= local ' => true, 'username' => false, '*****@*****.**' => false, 'EXAMPLE\\username' => false, 'CN=,Alice Baker,CN=Users,DC=example,DC=com' => false, 'CN=Users,DC==example,DC=com' => false, 'O=ACME' => true, '' => false, ' ' => false);
foreach ($inputs as $dn => $expected) {
$ret = LDAP\LDAP::explodeDn($dn);
$this->assertTrue($ret === $expected);
}
}
/**
* Factory method to create the RootDSE.
*
* @param \Zend\LDAP\LDAP $ldap
* @return \Zend\LDAP\Node\RootDSE\RootDSE
* @throws \Zend\LDAP\Exception
*/
public static function create(LDAP\LDAP $ldap)
{
$dn = LDAP\DN::fromString('');
$data = $ldap->getEntry($dn, array('*', '+'), true);
if (isset($data['domainfunctionality'])) {
return new ActiveDirectory($dn, $data);
} else {
if (isset($data['dsaname'])) {
return new eDirectory($dn, $data);
} else {
if (isset($data['structuralobjectclass']) && $data['structuralobjectclass'][0] === 'OpenLDAProotDSE') {
return new OpenLDAP($dn, $data);
} else {
return new self($dn, $data);
}
}
}
}
/**
* Rewind the Iterator to the first result item
* Implements Iterator
*
* @throws \Zend\LDAP\Exception
*/
public function rewind()
{
if (is_resource($this->_resultId)) {
$this->_current = @ldap_first_entry($this->_ldap->getResource(), $this->_resultId);
if ($this->_current === false && $this->_ldap->getLastErrorCode() > LDAP\Exception::LDAP_SUCCESS) {
throw new LDAP\Exception($this->_ldap, 'getting first entry');
}
}
}
public function testConfigObject()
{
/**
* @see Zend_Config
*/
$config = new \Zend\Config\Config(array('host' => TESTS_ZEND_LDAP_HOST, 'username' => TESTS_ZEND_LDAP_USERNAME, 'password' => TESTS_ZEND_LDAP_PASSWORD, 'baseDn' => TESTS_ZEND_LDAP_BASE_DN));
$ldap = new LDAP\LDAP($config);
$this->assertEquals(array('host' => TESTS_ZEND_LDAP_HOST, 'port' => 0, 'useSsl' => false, 'username' => TESTS_ZEND_LDAP_USERNAME, 'password' => TESTS_ZEND_LDAP_PASSWORD, 'bindRequiresDn' => false, 'baseDn' => TESTS_ZEND_LDAP_BASE_DN, 'accountCanonicalForm' => null, 'accountDomainName' => null, 'accountDomainNameShort' => null, 'accountFilterFormat' => null, 'allowEmptyPassword' => false, 'useStartTls' => false, 'optReferrals' => false, 'tryUsernameSplit' => true), $ldap->getOptions());
}
/**
* @expectedException InvalidArgumentException
*/
public function testPrepareLDAPEntryArrayObjectData()
{
$class = new \stdClass();
$class->a = 'b';
$data = array('a1' => array($class));
LDAP\LDAP::prepareLDAPEntryArray($data);
}
public function testMismatchDomainBind()
{
$ldap = new LDAP\LDAP($this->_options);
try {
$ldap->bind('BOGUS\\doesntmatter', 'doesntmatter');
} catch (LDAP\Exception $zle) {
$this->assertTrue($zle->getCode() == LDAP\Exception::LDAP_X_DOMAIN_MISMATCH);
}
}
public function testRequiresDnWithoutDnBind()
{
$options = $this->_options;
/* Fixup filter since bindRequiresDn is used to determine default accountFilterFormat
*/
if (!isset($options['accountFilterFormat']) && !$this->_bindRequiresDn) {
$options['accountFilterFormat'] = '(&(objectClass=user)(sAMAccountName=%s))';
}
$options['bindRequiresDn'] = true;
unset($options['username']);
$ldap = new LDAP\LDAP($options);
try {
$ldap->bind($this->_principalName);
} catch (LDAP\Exception $zle) {
/* Note that if your server actually allows anonymous binds this test will fail.
*/
$this->assertContains('Failed to retrieve DN', $zle->getMessage());
}
}
/**
* Reload node attributes from LDAP.
*
* This is an online method.
*
* @param \Zend\LDAP\LDAP $ldap
* @return \Zend\LDAP\Node\AbstractNode Provides a fluid interface
* @throws \Zend\LDAP\Exception
*/
public function reload(LDAP\LDAP $ldap = null)
{
if ($ldap !== null) {
$data = $ldap->getEntry($this->_getDn(), array('*', '+'), true);
$this->_loadData($data, true);
}
return $this;
}
/**
* Factory method to create an attached Zend_LDAP_Node for a given DN.
*
* @param string|array|\Zend\LDAP\DN $dn
* @param \Zend\LDAP\LDAP $ldap
* @return \Zend\LDAP\Node\Node|null
* @throws \Zend\LDAP\Exception
*/
public static function fromLDAP($dn, LDAP\LDAP $ldap)
{
if (is_string($dn) || is_array($dn)) {
$dn = LDAP\DN::factory($dn);
} else {
if ($dn instanceof LDAP\DN) {
$dn = clone $dn;
} else {
throw new LDAP\Exception(null, '$dn is of a wrong data type.');
}
}
$data = $ldap->getEntry($dn, array('*', '+'), true);
if ($data === null) {
return null;
}
$entry = new self($dn, $data, true, $ldap);
return $entry;
}
/**
* @group ZF-8274
*/
public function testConnectWithUri()
{
$host = TESTS_ZEND_LDAP_HOST;
$port = 0;
if (defined('TESTS_ZEND_LDAP_PORT') && TESTS_ZEND_LDAP_PORT != 389) {
$port = TESTS_ZEND_LDAP_PORT;
}
$useSsl = false;
if (defined('TESTS_ZEND_LDAP_USE_SSL')) {
$useSsl = TESTS_ZEND_LDAP_USE_SSL;
}
if ($useSsl) {
$host = 'ldaps://' . $host;
} else {
$host = 'ldap://' . $host;
}
if ($port) {
$host = $host . ':' . $port;
}
$ldap = new LDAP\LDAP();
try {
$ldap->connect($host)->bind('CN=ignored,DC=example,DC=com', 'ignored');
$this->fail('Expected exception for invalid username');
} catch (LDAP\Exception $zle) {
$this->assertContains('Invalid credentials', $zle->getMessage());
}
}
public function testDisconnect()
{
$ldap = new LDAP\LDAP($this->_options);
for ($i = 0; $i < 3; $i++) {
$ldap->disconnect();
try {
$ldap->connect()->bind('CN=ignored,DC=example,DC=com', 'ignored');
$this->fail('Expected exception for unknown username');
} catch (LDAP\Exception $zle) {
$this->assertContains('Invalid credentials', $zle->getMessage());
}
}
}
/**
* ZF-4495
*/
public function testSpecialCharacterInUsername()
{
$options = $this->_options;
$options['accountDomainName'] = 'example.com';
$options['accountDomainNameShort'] = 'EXAMPLE';
$ldap = new LDAP\LDAP($options);
$this->assertEquals('schäfer', $ldap->getCanonicalAccountName('SCHÄFER@example.com', LDAP\LDAP::ACCTNAME_FORM_USERNAME));
$this->assertEquals('schäfer', $ldap->getCanonicalAccountName('EXAMPLE\\SCHÄFER', LDAP\LDAP::ACCTNAME_FORM_USERNAME));
$this->assertEquals('schäfer', $ldap->getCanonicalAccountName('SCHÄFER', LDAP\LDAP::ACCTNAME_FORM_USERNAME));
$this->assertEquals('schäfer@example.com', $ldap->getCanonicalAccountName('SCHÄFER@example.com', LDAP\LDAP::ACCTNAME_FORM_PRINCIPAL));
$this->assertEquals('schäfer@example.com', $ldap->getCanonicalAccountName('EXAMPLE\\SCHÄFER', LDAP\LDAP::ACCTNAME_FORM_PRINCIPAL));
$this->assertEquals('schäfer@example.com', $ldap->getCanonicalAccountName('SCHÄFER', LDAP\LDAP::ACCTNAME_FORM_PRINCIPAL));
$this->assertEquals('EXAMPLE\\schäfer', $ldap->getCanonicalAccountName('SCHÄFER@example.com', LDAP\LDAP::ACCTNAME_FORM_BACKSLASH));
$this->assertEquals('EXAMPLE\\schäfer', $ldap->getCanonicalAccountName('EXAMPLE\\SCHÄFER', LDAP\LDAP::ACCTNAME_FORM_BACKSLASH));
$this->assertEquals('EXAMPLE\\schäfer', $ldap->getCanonicalAccountName('SCHÄFER', LDAP\LDAP::ACCTNAME_FORM_BACKSLASH));
}
/**
* @group ZF-8259
*/
public function testResourceIsAlwaysReturned()
{
$ldap = new LDAP\LDAP($this->_options);
$this->assertNotNull($ldap->getResource());
$this->assertTrue(is_resource($ldap->getResource()));
$this->assertEquals(TESTS_ZEND_LDAP_USERNAME, $ldap->getBoundUser());
}
