/** * Execute the job. * * @return void */ public function handle() { set_time_limit(0); ini_set('memory_limit', '2048M'); \Log::debug('Set PHP time limit to zero (no limit) and memory to 2GB'); //Create the Duo Admin Client and set the timeout higher than default $duoAdmin = new DuoAdmin(); $duoAdmin->setRequesterOption('timeout', '6000000'); \Log::debug('Created new DuoAdmin object', [$duoAdmin]); //Query Duo REST API $response = $duoAdmin->users($this->username); //Duo SDK puts results in nested array [response][response] $this->users = $response['response']['response']; \Log::debug('Obtained User(s) from Duo API - ', [count($this->users)]); //Remove local Duo accounts that no longer exist in the Duo online database $this->removeStaleAccounts($this->users); \Log::debug('Finished removeStaleAccounts function'); //If we only queried for one user //there's just one user to process \Log::debug('Begin extractUserData function'); if (!isset($this->users[0])) { //Begin main process for looping Duo User Data $this->extractUserData($this->users); } else { //Loop the array of users foreach ($this->users as $user) { //Begin main process for looping Duo User Data $this->extractUserData($user); } } \Log::debug('Completed FetchDuoUsers Job'); }
/** * Execute the job. * * @return void */ public function handle() { set_time_limit(0); \Log::debug('Set PHP time limit to zero (no limit)'); //Create the Duo Admin Client and set the timeout higher than default $duoAdmin = new DuoAdmin(); $duoAdmin->setRequesterOption('timeout', '6000000'); \Log::debug('Created new DuoAdmin object', [$duoAdmin]); $response = $duoAdmin->groups(); $groups = $response['response']['response']; \Log::debug('Obtained Groups from Duo API - ', [count($groups)]); //Loop Duo Groups foreach ($groups as $group) { \Log::debug('Processing Duo Group', [$group]); //Get an existing Duo Group or create a new one $duoGroup = Group::firstOrCreate(['group_id' => $group['group_id']]); //Update Duo Group Settings $duoGroup->name = $group['name']; $duoGroup->desc = $group['desc']; $duoGroup->status = $group['status']; $duoGroup->mobile_otp_enabled = $group['mobile_otp_enabled']; $duoGroup->push_enabled = $group['push_enabled']; $duoGroup->sms_enabled = $group['sms_enabled']; $duoGroup->voice_enabled = $group['voice_enabled']; //Save Duo Group $duoGroup->touch(); $duoGroup->save(); } \Log::debug('Completed FetchDuoGroups Job'); }
/** * Execute the job. * * @return void */ public function handle() { set_time_limit(0); ini_set('memory_limit', '2048M'); //Create the Duo Admin Client and set the timeout higher than default $duoAdmin = new DuoAdmin(); $duoAdmin->setRequesterOption('timeout', '6000000'); // Set the log $count value to 1000 $count = 1000; $backoff = NULL; while ($count >= 1000) { \Log::debug('Start Log gathering', ['count' => $count, 'backoff' => $backoff]); //Query Duo REST API $response = $duoAdmin->logs($this->getMinTime()); if (isset($response['response']['code']) && $response['response']['code'] == '42901') { $backoff += 10; \Log::debug('Received backoff notice', ['response' => $response, 'set-backoff' => $backoff]); sleep($backoff); continue; } //Duo SDK puts results in nested array [response][response] $logs = $response['response']['response']; $backoff = NULL; \Log::debug('Received Duo Response Object. Adding new entries ', ['object-count' => count($logs), 'set-backoff' => $backoff]); // Loop each log to save foreach ($logs as $log) { // Get the DuoUser ID to create a relation $duoUserId = User::where('username', $log['username'])->first(); // Sometimes the 'username' from Duo doesn't exist locally.... if ($duoUserId) { $log['duo_user_id'] = $duoUserId->id; } else { $log['duo_user_id'] = NULL; } // Save the log Log::create($log); } // Set the count to number of logs returned in the last call. // If it's less than 1000, we've reached the end of the logs \Log::debug('Added new log entries. Setting count: ', ['count' => count($logs)]); $count = count($logs); } }
public function migrateUser(Request $request, $id) { \Log::debug('Starting new DuoUser migration process with request from UC Insight User - ', [\Auth::user()->username]); // Get Form input $input = $request->all(); //Create Duo Admin Client $duoAdmin = new DuoAdmin(); //Get the local Duo User account ID $insightUser = DuoUser::findorFail($id); \Log::debug('Found local DuoUser account to migrate - ', [$insightUser]); //Get a fresh copy of the current User data before adding the new user. $this->dispatch(new FetchDuoUsers($insightUser->username)); \Log::debug('Refreshed local DuoUser with Duo API - ', [$insightUser]); //Fetch the User details via Duo API $res = $duoAdmin->users($insightUser->username); //If we didn't get the user object back, error and redirect if (!count($res['response']['response'])) { \Log::debug('Source Duo User not found for migrate function', [$insightUser]); alert()->error("Not able to migrate {$insightUser->realname}. Please contact the UC-Insight Admin")->persistent('Close'); return redirect('duo/user/' . $id); } //Grab the user details $user = $res['response']['response'][0]; \Log::debug('Got response for user details from Duo API - ', [$user]); // Check to see if a custom username was submitted if (isset($input['username'])) { //Make sure the new custom username does not have spaces if (preg_match('/\\s/', $input['username'])) { \Log::debug('The custom Duo User name has invalid spaces', [$input['username']]); alert()->error("The custom Duo User name has invalid spaces.")->persistent('Close'); return redirect('duo/user/' . $id); } $user['username'] = $input['username']; } else { // No custom username supplied. // Implode the explode... (Remove the space(s) from the username) $user['username'] = implode('', explode(' ', $user['username'])); if ($user['username'] == $insightUser['username']) { // If the source and destination usernames are the same there's nothing to do. \Log::debug('The source and destination usernames are the same. Nothing to do here.... - ', ['insightUser' => $insightUser['username'], 'New Username' => $user['username']]); alert()->error("The source and destination usernames are the same. Nothing to do here....")->persistent('Close'); return redirect('duo/user/' . $id); } \Log::debug('Setting new space-less username - ', [$user['username']]); } //Query the Duo API to see if the destination //user already exists in Duo $res = $duoAdmin->users($user['username']); //If we didn't get the user object back, let's create the new Duo user if (!count($res['response']['response'])) { \Log::debug('The new username does not currently exist in Duo. Let\'s create the account - ', [$user['username']]); //Create the new Duo User $res = $duoAdmin->create_user($user['username'], $user['realname'], $user['email'], $user['status'], $user['notes']); //If the status is not OK, error and redirect if ($res['response']['stat'] != "OK") { \Log::debug('Error while creating new Duo User', [$insightUser, $user, $res]); alert()->error("Not able to migrate {$insightUser->realname}. Please contact the UC-Insight Admin")->persistent('Close'); return redirect('duo/user/' . $id); } //Our 'Add Duo User' call was successful. //Assign the new user to this variable $newDuoUser = $res['response']['response']; \Log::debug('Create new Duo User was successful', [$newDuoUser]); } else { // The new user account already exists in Duo. $newDuoUser = $res['response']['response'][0]; \Log::debug('The new username does exist in Duo. No need to create - ', [$newDuoUser]); } \Log::debug('Syncing Duo Phones with the new account'); //Sync Phones to new Duo User account foreach ($insightUser->duoPhones()->lists('phone_id')->toArray() as $phone) { $res = $duoAdmin->user_associate_phone($newDuoUser['user_id'], $phone); //If the status is not OK, log the error if ($res['response']['stat'] != "OK") { \Log::debug('Error Associating Phone ' . $phone . ' with User ' . $newDuoUser['user_id'] . ' - ', [$res]); continue; } \Log::debug('Successfully associated Phone ' . $phone . ' with User ' . $newDuoUser['user_id'] . ' - ', [$res]); } //Sync Tokens to new Duo User account \Log::debug('Syncing Duo Tokens with the new account'); foreach ($insightUser->duoTokens()->lists('token_id')->toArray() as $token) { $res = $duoAdmin->user_associate_token($newDuoUser['user_id'], $token); //If the status is not OK, error and redirect if ($res['response']['stat'] != "OK") { \Log::debug('Error Associating Token ' . $token . ' with User ' . $newDuoUser['user_id'] . ' - ', [$res]); // alert()->error("Not able to migrate $insightUser->realname. Please contact the UC-Insight Admin")->persistent('Close'); continue; } \Log::debug('Successfully associated Token ' . $token . ' with User ' . $newDuoUser['user_id'] . ' - ', [$res]); } //Sync the new Duo User with UC Insight via Duo API $this->dispatch(new FetchDuoUsers($newDuoUser['username'])); \Log::debug('Refreshed local DuoUser with Duo API - ', [$newDuoUser['username']]); alert()->success("Duo User Migration for " . $newDuoUser['realname'] . " completed"); return redirect()->back(); }