/**
 * Looks up the users matching a search query in LDAP and wraps them in a results presenter.
 *
 * @param Search_SearchQuery   $query  Query whose words are handed to the intro presenter
 * @param mixed                $limit  Limit forwarded to getMatchingUsers()
 * @param Search_SearchResults $result Receives the "has more" flag
 *
 * @return Search_SearchResultsPresenter
 */
public function search(Search_SearchQuery $query, $limit, Search_SearchResults $result)
 {
     // When the directory cannot be reached the search yields an empty user list.
     $users = $this->ldap->connect() ? $this->getMatchingUsers($query, $limit) : array();

     // A result set holding exactly $limit users is reported as "there may be more".
     $has_more = (count($users) == $limit);
     $result->setHasMore($has_more);

     $intro = new Search_SearchResultsIntroPresenter($users, $query->getWords());

     return new Search_SearchResultsPresenter($intro, $users, self::NAME, $has_more);
 }
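 /**
  * Checks a user's credentials against the Samba4 LDAP directory.
  *
  * Binds with the configured service account, looks up the user's DN and then
  * binds again as that DN with the supplied password.
  *
  * @param string  $user                  Login name appended to the configured search filter
  * @param string  $password              Password to verify
  * @param boolean $onlyCheckIsExistsUser When true, stop after the existence check
  *
  * @return int|boolean 4 when the user exists and only the existence check was requested,
  *                     5 when no matching entry was found, false when the password is empty,
  *                     otherwise the result of the bind made with the user's DN
  */
 private function _validateSMB4($user, $password, $onlyCheckIsExistsUser = false)
 {
     $config = Config::factory();
     // Connect to the server.
     $connection = $this->_ldap->connect($config->getParam('extra.ldap.samba4.host'), $config->getParam('extra.ldap.samba4.port'), $config->getParam('extra.ldap.samba4.version'));
     // Authenticate as the configured service account.
     // NOTE(review): the result of this bind is not checked; confirm how the wrapper's
     // search() behaves when the service bind has failed.
     $this->_ldap->bind($connection, $config->getParam('extra.ldap.samba4.user'), $config->getParam('extra.ldap.samba4.password'));
     // Look up the user's DN. The login name is escaped for filter context so that
     // characters such as "*", "(" and ")" are matched literally and cannot change the
     // shape of the search filter (ldap_escape() needs ext-ldap, PHP >= 5.6).
     $filter = $config->getParam('extra.ldap.samba4.filter') . ldap_escape($user, '', LDAP_ESCAPE_FILTER);
     $entries = $this->_ldap->search($connection, $config->getParam('extra.ldap.samba4.dn'), $filter, array('dn'));
     // Check that the user exists.
     // Presumably the result array carries a 'count' element next to the entries, so more
     // than one element means at least one match — confirm against the _ldap wrapper.
     if (!is_array($entries) || count($entries) <= 1) {
         $this->_ldap->close($connection);
         return 5;
     }
     if ($onlyCheckIsExistsUser) {
         // Close here as well so the early return does not leave the connection open.
         $this->_ldap->close($connection);
         return 4;
     }
     // Refuse empty passwords before binding: many directory servers treat a bind with
     // a DN and an empty password as an unauthenticated bind and report success.
     if (!is_scalar($password) || (string) $password === '') {
         $this->_ldap->close($connection);
         return false;
     }
     // Authenticate the user with the DN of the first entry returned.
     $status = $this->_ldap->bind($connection, $entries[0]['dn'], $password);
     // Close the connection.
     $this->_ldap->close($connection);
     return $status;
 }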
Пример #3
// default
// Collect the submitted credentials into a plain object.
// vp() presumably reads a request parameter with a maximum length — confirm against its definition.
$p = new stdClass();
$p->uname = vp('uname', 32);
// The password is taken from the POST body unchanged.
$p->secret = $_POST['secret'];
// Roman's case
//$p->lang = vp('lang', 2);
// Minimum-length check: at least 5 bytes of user name and PASSWORD_MIN_LEN bytes of password.
if (!(strlen($p->uname) >= 5 && strlen($p->secret) >= PASSWORD_MIN_LEN)) {
    // FS#69
    // $t->errors[ERROR][] = 'L001 ' . $l->txt_err_credientials;
    // The generic "authentication" message is used instead of a credentials-specific one.
    $t->errors[ERROR][] = 'L001 ' . $l->txt_err_authentication;
    // show_login_page($t, $o);
    // NOTE(review): with show_login_page() commented out, nothing visible here stops
    // execution, so too-short (including empty) credentials still reach $ad->bind() below.
}
$ad = new LDAP();
// AD object
$ad->debug = $w->debug;
if (!$ad->connect()) {
    // A failed connect is only recorded; the bind below is attempted regardless.
    $t->errors[ERROR][] = 'L002 ' . $l->txt_err_ldap_connect;
}
// NOTE(review): many directory servers treat a bind with an empty password as an
// unauthenticated bind that succeeds — confirm LDAP::bind() rejects an empty secret.
if (!$ad->bind($p->uname, $p->secret)) {
    // create a syslog entry
    // NOTE(review): the submitted user name and $o->token are written to syslog unmodified.
    // Confirm the token is not a session or credential secret, and that control characters
    // in the user name cannot be used to forge log lines.
    syslog(LOG_NOTICE, sprintf("AD bind failed. user: %s remote_addr: %s method: %s token: %s", $p->uname, $w->remote_addr, $auth_method, $o->token));
    // The AD bind failed. Now try a local user.
    require INC_DIR . '/local.php';
    if ($w->allow_local) {
        if (!isset($d)) {
            $d = new DATABASE();
            // Local users live in the DB. Up to this point the DB has not been needed.
            $d->debug = $w->debug;
            if (!$d->connect(DB_HOST, DB_USER, DB_PASS, DATABASE)) {
                $t->errors[ERROR][] = 'C001.1 ' . $l->txt_err_open_database;
            }
Пример #4
<?php

require_once 'config.php';
require_once 'php/LDAP.class.php';
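$LDAP = new LDAP($ldap_url);
// `cn` comes from the query string, so it is caller-controlled. Reject a missing, empty
// or non-string value (e.g. ?cn[]=x) instead of handing it to the directory code.
// NOTE(review): the value still has to be escaped for the context addGraceLogins() uses
// it in (DN vs. search filter) — confirm that method does so.
// NOTE(review): no authentication or authorization check is visible in this script, and the
// account change is triggered by a plain GET request — confirm access is restricted elsewhere.
$usercn = isset($_GET['cn']) ? $_GET['cn'] : null;
if (!is_string($usercn) || $usercn === '') {
    http_response_code(400);
    exit('Missing or invalid "cn" parameter');
}
// $pw_pass is base64-decoded before use; base64 is an encoding and does not protect the
// bind password wherever it is stored.
$LDAP->connect($pw_user, base64_decode($pw_pass))->addGraceLogins($usercn)->disconnect();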
Пример #5
 /**
  * Validates the Active Directory user-database preferences.
  *
  * Checks that the required keys are set, that the domain converts to a valid
  * LDAP suffix, and that a connection with the derived LDAP configuration succeeds.
  *
  * @param object $prefs_ Preferences object; get('UserDB', 'activedirectory') is read from it
  * @param array  $log    Passed by reference; receives boolean entries for the checks and is
  *                       also handed to LDAP::connect()
  *
  * @return boolean true when every check passed, false at the first failure
  */
 public static function prefsIsValid($prefs_, &$log = array())
 {
     $ad_prefs = $prefs_->get('UserDB', 'activedirectory');

     // Only the name of a missing key is logged, never a value (the list includes 'password').
     // 'domain' is listed twice; the second pass repeats the same check.
     foreach (array('hosts', 'domain', 'login', 'password', 'domain') as $required) {
         if (isset($ad_prefs[$required])) {
             continue;
         }
         $log['config_AD has key ' . $required] = false;
         return false;
     }

     // The domain must convert to an LDAP suffix ...
     $suffix = domain2suffix($ad_prefs['domain']);
     $suffix_check = 'domain2suffix for \'' . $ad_prefs['domain'] . '\'';
     if (!$suffix) {
         $log[$suffix_check] = false;
         return false;
     }
     $log[$suffix_check] = true;

     // ... and that suffix must be accepted as a DN.
     $dn_check = 'isValidDN for \'' . $suffix . '\'';
     if (!UserDB_ldap::isValidDN($suffix)) {
         $log[$dn_check] = false;
         return false;
     }
     $log[$dn_check] = true;

     // Finally, try a connection with the LDAP configuration built from the AD settings.
     $probe = new LDAP(self::makeLDAPconfig($ad_prefs));
     if ($probe->connect($log) === false) {
         return false;
     }
     $probe->disconnect();

     return true;
 }
Пример #6
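 /**
  * Validates the LDAP user-database preferences.
  *
  * Connects with the configured settings and checks that the configured user
  * branch exists.
  *
  * @param object $prefs_ Preferences object; get('UserDB', 'ldap') is read from it
  * @param array  $log    Passed by reference; handed to LDAP::connect() and given a
  *                       'LDAP user branch' entry with the outcome of the branch check
  *
  * @return boolean true when the connection succeeded and the user branch exists
  */
 public static function prefsIsValid($prefs_, &$log = array())
 {
     $config_ldap = $prefs_->get('UserDB', 'ldap');
     $LDAP2 = new LDAP($config_ldap);
     if ($LDAP2->connect($log) === false) {
         return false;
     }
     $branch_found = $LDAP2->branch_exists($config_ldap['userbranch']) ? true : false;
     // Disconnect on both outcomes so the success path does not leave the connection open.
     $LDAP2->disconnect();
     $log['LDAP user branch'] = $branch_found;
     return $branch_found;
 }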
Пример #7
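 /**
  * Convenience function to fetch a user's info by username.
  *
  * @param string $uid ugent username, matched literally against the uid attribute
  * @return Array the entries found, as returned by parseData()
  */
 function getUserInfo($uid)
 {
     parent::connect();
     parent::bind();
     // Escape the name for filter context so characters such as "*", "(" and ")" are
     // matched literally and cannot change the shape of the search filter
     // (ldap_escape() needs ext-ldap, PHP >= 5.6).
     parent::search("uid=" . ldap_escape($uid, '', LDAP_ESCAPE_FILTER));
     return self::parseData(parent::get_entries());
 }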
Пример #8
 /**
  * Validates the LDAP user-database preferences.
  *
  * Tries a connection, then checks that the configured user filter can be joined
  * and that the 'login' and 'displayname' match entries are present and non-empty.
  *
  * @param object $prefs_ Preferences object; get('UserDB', 'ldap') is read from it
  * @param array  $log    Passed by reference; handed to LDAP::connect() and given
  *                       'LDAP user filter' / 'LDAP users match' entries
  *
  * @return boolean true when every check passed, false at the first failure
  */
 public static function prefsIsValid($prefs_, &$log = array())
 {
     $ldap_prefs = $prefs_->get('UserDB', 'ldap');

     // Connectivity probe; disconnect() is called whether or not connect() succeeded.
     $probe = new LDAP($ldap_prefs);
     $connected = $probe->connect($log);
     $probe->disconnect();
     if (false === $connected) {
         return false;
     }

     // The configured filter must survive join_filters().
     $filter_ok = !is_null(LDAP::join_filters(array($ldap_prefs['filter']), '|'));
     $log['LDAP user filter'] = $filter_ok;
     if (!$filter_ok) {
         return false;
     }

     // Both attribute mappings must be present and non-empty.
     $match_ok = array_keys_exists_not_empty(array('login', 'displayname'), $ldap_prefs['match']) ? true : false;
     $log['LDAP users match'] = $match_ok;

     return $match_ok;
 }
Пример #9
<?php

require_once 'config.php';
// Configuration script
require_once 'php/LDAP.class.php';
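$LDAP = new LDAP($ldap_url);
// `cn` comes from the query string, so it is caller-controlled. Reject a missing, empty
// or non-string value (e.g. ?cn[]=x) instead of handing it to the directory code.
// NOTE(review): the value still has to be escaped for the context resetPassword() uses
// it in (DN vs. search filter) — confirm that method does so.
// NOTE(review): no authentication or authorization check is visible in this script, and the
// password reset is triggered by a plain GET request — confirm access is restricted elsewhere.
$usercn = isset($_GET['cn']) ? $_GET['cn'] : null;
if (!is_string($usercn) || $usercn === '') {
    http_response_code(400);
    exit('Missing or invalid "cn" parameter');
}
// $pw_pass is base64-decoded before use; base64 is an encoding and does not protect the
// bind password wherever it is stored.
$LDAP->connect($pw_user, base64_decode($pw_pass))->resetPassword($usercn)->disconnect();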
Пример #10
<?php

require_once 'config.php';
// Configuration script
require_once '/srv/www/live/webapps/include/sanitize.php';
// Provides sanitize_ldap_string()
// Open a directory session with the configured account, reset the password of
// $usercn, then disconnect.
// NOTE(review): $usercn is not assigned anywhere in this snippet, and no call to
// sanitize_ldap_string() is visible here — confirm where the value comes from and
// that it is sanitized before it reaches resetPassword().
$ldc = new LDAP($ldap_url);
$ldc
    ->connect($ldap_user, $ldap_pass)
    ->resetPassword($usercn)
    ->disconnect();
Пример #11
// Build the OAuth, LDAP and database helpers from their sections of $config.
$oauth = new OAuth($config['oauth']);
$ldap = new LDAP($config['ldap']);
try {
    $database = new Database($config['database']);
} catch (Exception $e) {
    // NOTE(review): if $error->send() does not end the request, $database stays undefined
    // for the route closure below — confirm send() terminates execution.
    $error->send(500, 'database_unavailable', 'Cannot connect to database', 'Adapt configuration to be able to create a valid database connection');
}
// Validate we have a proper access token
// The token is read from the query string.
// NOTE(review): tokens carried in URLs tend to end up in server and proxy logs and in
// Referer headers; an Authorization header avoids that.
if (!isset($_GET['access_token'])) {
    $error->send(401, 'oauth_token_missing', 'Missing OAuth token', 'Client must supply a valid OAuth2 access token with board-level permissions');
}
// The token is checked together with the requested URI before any LDAP access happens.
// NOTE(review): this check runs even when the token was missing above unless send() exits.
if (!$oauth->validToken($_SERVER['REQUEST_URI'], $_GET['access_token'])) {
    $error->send(403, 'oauth_token_invalid', 'OAuth token invalid', 'Access token is invalid, has expired, or does not have sufficient access privileges');
}
// Setup the LDAP connection
if (!$ldap->connect()) {
    $error->send(502, 'ldap_unavailable', 'LDAP server not responding', 'The API cannot connect to the LDAP server');
}
// Log in to the directory; login() takes no arguments here, so the credentials presumably
// come from the LDAP configuration — confirm.
if (!$ldap->login()) {
    $error->send(500, 'ldap_login_failure', 'Cannot login to LDAP server', 'The API cannot login to the LDAP server');
}
/*
 * API endpoint definition
 */
$app = new \Slim\Slim();
// JSON-encoded data of all current members with passes
$app->get('/users', function () use($ldap, $database) {
    // Construct required data
    // Every user from LDAP is combined with the last entries from the database.
    $users = $ldap->getAllUsers();
    $timestamps = $database->getLastEntries();
    $data = array_map(function ($user) use($timestamps) {
Пример #12
// Defaults for values that the database calls below are given to fill in.
$username = '';
$criticalUsers = array();
// Information about the user that is currently accessing xtac
// The role which the active user fulfills (library, admin, intern, etc.)
// fetched from the MySQL database
// NOTE(review): the acting user is taken from the HTTP authentication user name. This is
// only trustworthy if the web server enforces HTTP authentication for this script —
// confirm the server configuration.
$AuthorizedUsername = $_SERVER['PHP_AUTH_USER'];
$AuthorizationLevel = '';
// Password reset stays disallowed unless the canResetPassword() call below changes it.
$PasswordResetAllowed = false;
// A list of all the facts that the university should know about someone
// used to build the Person object during the import phase.
$PersonalAttributes = array();
// ----------------------------------
//  Get raw data from both Databases
// ----------------------------------
// Presumably each chained call fills its trailing argument by reference (role, authorized
// field lists, user name, records, ...) — confirm against the MySQL wrapper.
// The authorized field lists obtained here are what limit the columns and attributes
// requested for the displayed person.
$MySQL->connect($db_user, $db_pass)->getRole($AuthorizedUsername, $AuthorizationLevel)->getAuthorizedFields($AuthorizedUsername, $AuthorizedMySQLFields, $AuthorizedLDAPFields)->getUsername($Person->id, $username)->getUser($Person->id, $AuthorizedMySQLFields, $MySQLRecord)->getHistory($Person->id, $SupportHistory)->checkMSEligibility($Person->id, $EligibleForSoftwareCheckout)->canResetPassword($AuthorizedUsername, $PasswordResetAllowed)->getCriticalUsers($criticalUsers)->getAttributes($PersonalAttributes)->disconnect();
// The LDAP record is requested with the field list authorized for the acting user.
$LDAP->connect($ldap_user, $ldap_pass)->getUser($username, $AuthorizedLDAPFields, $LDAPRecord)->disconnect();
// ----------------------------------------
//  Import raw data into the Person object
// ----------------------------------------
$Person->importCategories($PersonalAttributes)->importLdapData($LDAPRecord)->importMysqlData($MySQLRecord);
// Load data from MYSQL into the Person object.
// ----------------------------------------
//  Display data on a webpage
// ----------------------------------------
$Person->draw();
// Display the user's data onscreen, indicating any inconsistencies between LDAP and MYSQL.
if ($AuthorizationLevel === 'library') {
    // The current admin is a library staffer and should be notified of the user's eligibility to check out MS software
    $Person->DisplayMSSoftwareEligibility($EligibleForSoftwareCheckout);
} elseif ($Person->isFullUser()) {
    // The user is a real person, and therefore might have support history