/**
 * Console action: build the database schema and seed a first admin account.
 *
 * Order of work: optionally drop the existing schema (route flag
 * "re-create-database"), create the schema for every mapped entity, persist an
 * admin user with a freshly generated 8-character password, persist a default
 * menu owned by that user, then print the credentials on the console.
 *
 * NOTE(review): the generated password is printed in clear text. Treat the
 * terminal scrollback and any captured job logs as secret, and rotate the
 * password after the first login.
 * NOTE(review): createPassword() is called without a hash type, so the library
 * default applies (PASSWORD_HASH_MD5, an unsalted digest, as far as I know;
 * confirm). A salted, slow password hash is the safer choice for stored
 * credentials, but switching requires changing every verifier as well.
 *
 * @return void
 */
public function runAction()
{
    $entityManager = $this->getEntityManager();
    $out = $this->getServiceLocator()->get('console');
    $tool = new \Doctrine\ORM\Tools\SchemaTool($entityManager);

    $out->writeLine('建立資料表中, 請稍待!!', ColorInterface::GREEN);

    $metadata = $entityManager->getMetadataFactory()->getAllMetadata();
    $recreate = $this->params()->fromRoute('re-create-database');
    if ($recreate) {
        // Destructive: removes the tables of every mapped entity before re-creating them.
        $tool->dropSchema($metadata);
    }
    $tool->createSchema($metadata);

    // Install the default administrator and its menu.
    $username = '******';
    $password = \Zend\Math\Rand::getString(8, null, true);

    $admin = new \Base\Entity\User();
    $admin->setUsername($username);
    $admin->setPassword(\Zend\Ldap\Attribute::createPassword($password));
    $admin->setDisplayName('管理者');
    $admin->setRole('admin');
    $entityManager->persist($admin);
    $entityManager->flush();

    $homeMenu = new \Base\Entity\Menu();
    $homeMenu->setName('首頁');
    $homeMenu->setUser($admin);
    // Menu parameters are stored as a PHP-serialized array.
    $homeMenu->setParams(serialize(['max_records' => 10, 'order_kind' => 'desc', 'term' => '']));
    $entityManager->persist($homeMenu);
    $entityManager->flush();

    $out->writeLine('建立完成!!', ColorInterface::GREEN);
    $out->writeLine('預設帳號 ' . $username . ', 密碼 ' . $password, ColorInterface::GREEN);
}
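/**
 * Create or update a user from a POSTed form and report the outcome as JSON.
 *
 * For a POST request the user is looked up by the submitted "id"; when no id
 * was sent or no row matches, a new User entity is filled instead. The data is
 * validated through UserForm, whose "role" options come from the repository.
 * On success the JSON carries success=true; on validation failure it carries
 * success=false plus the form messages. Any other request method returns an
 * empty JsonModel.
 *
 * NOTE(review): no access check is visible in this action although it assigns
 * roles and overwrites passwords; presumably enforced by a guard or ACL
 * elsewhere. Confirm.
 * NOTE(review): the entity is filled from the raw POST values, not from
 * $form->getData(), so any filters attached to the form are not applied.
 * NOTE(review): createPassword() is called without a hash type, so the library
 * default applies (PASSWORD_HASH_MD5, unsalted, as far as I know; confirm).
 *
 * @return JsonModel
 */
public function saveAction()
{
    $jsonModel = new JsonModel();
    if (!$this->getRequest()->isPost()) {
        return $jsonModel;
    }

    $data = $this->params()->fromPost();
    $em = $this->getEntityManager();
    $userRepo = $em->getRepository('Base\\Entity\\User');

    // A "create" submission may carry no id at all. Only query when one was
    // sent, instead of reading an undefined index and passing null to find().
    $userRes = isset($data['id']) ? $userRepo->find($data['id']) : null;
    if (!$userRes) {
        $userRes = new \Base\Entity\User();
    }

    $form = new UserForm();
    // The role must be one of the values the repository declares.
    $form->get('role')->setValueOptions($userRepo->getRoleArray());
    $form->setData($data);

    if (!$form->isValid()) {
        $jsonModel->setVariable('success', false);
        $jsonModel->setVariable('message', $form->getMessages());

        return $jsonModel;
    }

    $userRes->setDisplayName($data['display_name']);
    $userRes->setUsername($data['username']);
    $userRes->setRole($data['role']);
    $userRes->setPassword(\Zend\Ldap\Attribute::createPassword($data['password']));
    $em->persist($userRes);
    $em->flush();
    $jsonModel->setVariable('success', true);

    return $jsonModel;
}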
/**
 * Console action: create the named account, or reset its password, and make it an admin.
 *
 * Reads "username" and "password" from the route parameters, looks the user up
 * with a bound DQL parameter, creates the entity when nothing matches, then
 * stores the hashed password and the "admin" role.
 *
 * NOTE(review): the password arrives as a command-line/route argument, so it
 * can end up in shell history and process listings; prompting for it or
 * reading it from stdin avoids that.
 * NOTE(review): an existing account is promoted to "admin" whatever role it
 * had before. Make sure only operators can reach this console route.
 * NOTE(review): createPassword() is called without a hash type, so the library
 * default applies (PASSWORD_HASH_MD5, unsalted, as far as I know; confirm).
 *
 * @return void
 */
public function runAction()
{
    $username = $this->params()->fromRoute('username');
    $password = $this->params()->fromRoute('password');

    $entityManager = $this->getEntityManager();
    $matches = $entityManager->createQueryBuilder()
        ->select('u')
        ->from('Base\\Entity\\User', 'u')
        ->where('u.username=:username')
        ->setParameter('username', $username)
        ->getQuery()
        ->getResult();

    if (count($matches) === 0) {
        // Unknown username: start a new account with the default display name.
        $account = new \Base\Entity\User();
        $account->setUsername($username);
        $account->setDisplayName('管理者');
    } else {
        $account = $matches[0];
    }

    $account->setPassword(\Zend\Ldap\Attribute::createPassword($password));
    $account->setRole('admin');
    $entityManager->persist($account);
    $entityManager->flush();

    echo "\n {$username} 設定成功 \n ";
}
/**
 * Fold a flat list of schema-definition tokens into the $data structure.
 *
 * Each keyword token is lower-cased and used as a key in $data:
 *  - flag keywords (e.g. 'single-value', 'obsolete') are stored as true;
 *  - any other keyword takes the next token as its value, or, when that token
 *    is '(', every token up to the closing ')' except the '$' separators;
 *  - 'must', 'may' and 'sup' always end up as arrays.
 * Values are passed through Ldap\Attribute::convertFromLdapValue().
 *
 * @param array $data   Target structure, modified in place (passed by reference)
 * @param array $tokens Tokens still to be consumed
 * @return void
 */
protected function _parseLdapSchemaSyntax(array &$data, array $tokens)
{
    // Keywords that stand alone: their presence is the value.
    $flagKeywords = array('single-value', 'obsolete', 'collective', 'no-user-modification', 'abstract', 'structural', 'auxiliary');
    // Keywords whose value is always exposed as a list.
    $listKeywords = array('must', 'may', 'sup');

    while (count($tokens) > 0) {
        $keyword = strtolower(array_shift($tokens));

        if (in_array($keyword, $flagKeywords)) {
            $data[$keyword] = true;
            continue;
        }

        // The keyword is followed either by one value or by a parenthesised list.
        $data[$keyword] = array_shift($tokens);
        if ($data[$keyword] == '(') {
            // Collect list items until ')'. The loop also stops on a falsy
            // token, including running out of tokens.
            $data[$keyword] = array();
            while ($item = array_shift($tokens)) {
                if ($item == ')') {
                    break;
                }
                if ($item != '$') {
                    $data[$keyword][] = Ldap\Attribute::convertFromLdapValue($item);
                }
            }
        } else {
            $data[$keyword] = Ldap\Attribute::convertFromLdapValue($data[$keyword]);
        }

        // Wrap a lone value so list keywords always yield an array.
        if (in_array($keyword, $listKeywords) && !is_array($data[$keyword])) {
            $data[$keyword] = array($data[$keyword]);
        }
    }
}
/**
 * Read a date/time attribute from this node's current data.
 *
 * Offline method: it only delegates to Ldap\Attribute::getDateTimeAttribute()
 * with the data already held by the node.
 *
 * @param string $name  Attribute name
 * @param int    $index Position of the value to return; null (the default) is
 *                      passed through to the helper unchanged
 * @return array|int
 * @throws \Zend\Ldap\Exception\LdapException
 */
public function getDateTimeAttribute($name, $index = null)
{
    $value = Ldap\Attribute::getDateTimeAttribute($this->currentData, $name, $index);

    return $value;
}
/**
 * Drop one or more values from an attribute of this node.
 *
 * Delegates to Attribute::removeFromAttribute(), handing it this node's
 * current data together with the attribute name and the value(s) to remove.
 *
 * @param string      $attribName Attribute to edit
 * @param mixed|array $value      Single value or list of values to remove
 * @return void
 */
public function removeFromAttribute($attribName, $value)
{
    Attribute::removeFromAttribute(
        $this->currentData,
        $attribName,
        $value
    );
}
/**
 * Integration test: a user's own password can be replaced through unicodePwd
 * on Active Directory.
 *
 * Skipped unless the server reports itself as Active Directory and the
 * connection uses SSL or StartTLS. The test adds an account, binds with the
 * initial password, writes a new unicodePwd, expects the old password to be
 * rejected and the new one accepted, then rebinds with the default
 * credentials and deletes the account.
 *
 * NOTE(review): cleanup runs on the success path and in the LdapException
 * handler only. A failing assertion is presumably not an LdapException, so
 * the test account would stay in the directory; a finally block or tearDown
 * cleanup would close that gap.
 *
 * @return void
 */
public function testChangePasswordWithUserAccountActiveDirectory()
{
    $serverType = $this->getLDAP()->getRootDse()->getServerType();
    if ($serverType !== Node\RootDse::SERVER_TYPE_ACTIVEDIRECTORY) {
        $this->markTestSkipped('Test can only be run on an ActiveDirectory server');
    }

    // The password write is only attempted over an encrypted connection.
    $options = $this->getLDAP()->getOptions();
    $encrypted = $options['useSsl'] === true || $options['useStartTls'] === true;
    if (!$encrypted) {
        $this->markTestSkipped('Test can only be run on an SSL or TLS secured connection');
    }

    $dn = $this->createDn('cn=New User,');
    $data = array();
    $password = '******';

    // name, value, append flag, applied in this order.
    $attributes = array(
        array('cn', 'New User', false),
        array('displayName', 'New User', false),
        array('sAMAccountName', 'newuser', false),
        array('userAccountControl', 512, false),
        array('objectClass', 'person', true),
        array('objectClass', 'organizationalPerson', true),
        array('objectClass', 'user', true),
    );
    foreach ($attributes as $attribute) {
        Ldap\Attribute::setAttribute($data, $attribute[0], $attribute[1], $attribute[2]);
    }
    Ldap\Attribute::setPassword($data, $password, Ldap\Attribute::PASSWORD_UNICODEPWD, 'unicodePwd');

    try {
        $this->getLDAP()->add($dn, $data);
        $this->getLDAP()->bind($dn, $password);

        $newPasswd = 'newpasswd';
        $newData = array();
        Ldap\Attribute::setPassword($newData, $newPasswd, Ldap\Attribute::PASSWORD_UNICODEPWD);
        $this->getLDAP()->update($dn, $newData);

        // The old password must no longer be accepted.
        try {
            $this->getLDAP()->bind($dn, $password);
            $this->fail('Expected exception not thrown');
        } catch (Exception\LdapException $bindError) {
            $message = $bindError->getMessage();
            $this->assertTrue(
                strstr($message, 'Invalid credentials')
                || strstr($message, 'Server is unwilling to perform')
            );
        }

        $this->assertInstanceOf('\\Zend\\Ldap\\Ldap', $this->getLDAP()->bind($dn, $newPasswd));

        // Back to the default bind before removing the test account.
        $this->getLDAP()->bind();
        $this->getLDAP()->delete($dn);
    } catch (Exception\LdapException $e) {
        $this->getLDAP()->bind();
        if ($this->getLDAP()->exists($dn)) {
            $this->getLDAP()->delete($dn);
        }
        $this->fail($e->getMessage());
    }
}
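/**
 * createPassword() with PASSWORD_UNICODEPWD must return the password wrapped
 * in double quotes and encoded as UTF-16LE.
 *
 * The expected bytes are derived from the fixture instead of being typed as a
 * literal. The previous literal was the 5-byte ASCII string "new" in quotes,
 * which could never satisfy the 10-byte length assertion next to it. Deriving
 * both expectations from $password keeps them in step with the fixture.
 *
 * @return void
 */
public function testPasswordGenerationUnicodePwd()
{
    $password = '******';
    $unicodePwd = Attribute::createPassword($password, Attribute::PASSWORD_UNICODEPWD);

    // For an ASCII-only fixture, UTF-16LE is every byte followed by a NUL byte.
    $quoted = '"' . $password . '"';
    $expected = implode("\x00", str_split($quoted)) . "\x00";

    $this->assertEquals(2 * strlen($quoted), strlen($unicodePwd));
    $this->assertEquals($expected, $unicodePwd);
}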
/**
 * Let the signed-in user choose a new password.
 *
 * Builds a two-field form (password / re_password) from RegisterForm's
 * elements and AccountFIlter's input specs. On a valid POST the user is loaded
 * by the username of the current identity, the new password is hashed and
 * stored, the change is logged, a success flash message is queued and the page
 * is refreshed. In every other case the form is rendered.
 *
 * NOTE(review): only the new password is requested; the current password is
 * not re-checked in this action, so whoever holds the session can change it.
 * Confirm whether re-authentication is enforced elsewhere.
 * NOTE(review): createPassword() is called without a hash type, so the library
 * default applies (PASSWORD_HASH_MD5, unsalted, as far as I know; confirm).
 * It replaced an earlier plain md5() call in this method.
 *
 * @return ViewModel|mixed The view model, or the result of redirect()->refresh()
 */
public function changePasswordAction()
{
    $view = new ViewModel();
    $username = $this->getAuthService()->getIdentity()->getUsername();

    // Reuse the password fields of the registration form.
    $registerForm = new RegisterForm();
    $form = new \Zend\Form\Form('changePasswordForm');
    $form->add($registerForm->get('password'));
    $form->add($registerForm->get('re_password'));

    // ...and the matching validation rules of the account filter.
    $accountFilter = new AccountFIlter();
    $inputFilter = new InputFilter();
    $inputFilter->add($accountFilter->get('password'))->add($accountFilter->get('re_password'));
    $form->setInputFilter($inputFilter);

    $request = $this->getRequest();
    if ($request->isPost()) {
        $form->setData($request->getPost());

        if ($form->isValid()) {
            $entityManager = $this->getServiceLocator()->get('doctrine.entitymanager.orm_default');
            $account = $entityManager
                ->getRepository('Base\\Entity\\User')
                ->findOneBy(array('username' => $username));

            if ($account) {
                $newPassword = $form->get('password')->getValue();
                $account->setPassword(\Zend\Ldap\Attribute::createPassword($newPassword));
                $entityManager->persist($account);
                $entityManager->flush();

                // Only the username is logged, never the password.
                $this->getServiceLocator()->get('Zend\\Log')->info($username . ' changed password');
                $this->flashMessenger()->addSuccessMessage('更改密碼成功!');

                return $this->redirect()->refresh();
            }
        }
    }

    $view->setVariable('form', $form);

    return $view;
}
/**
 * Create or update a person entry in LDAP from the request body.
 *
 * The decoded body is turned into an entry, given the fixed objectClass list
 * and an employeeNumber (a fresh UUID for a create, the supplied number
 * otherwise), validated, stripped of the confirmation field, and written with
 * add() or update(). The method ends by calling getById() for the entry.
 *
 * NOTE(review): $isUpdate is tested with === false for the employee number and
 * with === true for the write. A value that is neither (e.g. 1) would add an
 * entry under the caller-supplied number. Callers should pass a real boolean.
 * NOTE(review): userPassword is stored as SSHA (PASSWORD_HASH_SSHA), which is
 * salted; to my knowledge it is a single SHA-1 round, i.e. fast to brute-force
 * if the directory data leaks. Confirm what the directory server supports
 * before changing it.
 *
 * @param bool        $isUpdate       true to update an existing entry, false to create one
 * @param string|null $employeeNumber Identifier of the entry to update
 * @return void
 */
private function write($isUpdate = false, $employeeNumber = null)
{
    // Request body as prepared by \Slim\Middleware\ContentTypes.
    $environment = $this->app->environment();
    $payload = $environment['slim.input'];
    if ($payload === '{}') {
        $payload = array();
    }

    // Build the entry.
    $entry = $this->formatJsonForEntry($payload);
    $entry['objectClass'] = array('person', 'organizationalPerson', 'inetOrgPerson', 'personMailDelivery');
    if ($isUpdate === false) {
        $entry['employeeNumber'] = $this->ldap->getUUID('employeeNumber');
    } else {
        $entry['employeeNumber'] = $employeeNumber;
    }

    // Validate while the confirmation field is still present, then drop it so
    // it is never written to the directory.
    $dn = $this->assertValidEntry($entry, $isUpdate);
    unset($entry['passwordConfirmation']);

    // Replace the clear-text password with its hashed form before writing.
    if (isset($entry['userPassword'])) {
        $entry['userPassword'] = Attribute::createPassword($entry['userPassword'], Attribute::PASSWORD_HASH_SSHA);
    }

    // Add or update in LDAP.
    if ($isUpdate === true) {
        $this->ldap->update($dn, $entry);
    } else {
        $this->ldap->add($dn, $entry);
    }

    // Hand over to the read path for the created/updated entry.
    $this->getById($entry['employeeNumber']);
}
/**
 * createPassword() with PASSWORD_UNICODEPWD yields the quoted password as
 * UTF-16LE bytes.
 *
 * NOTE(review): the asserted bytes spell "new" between double quotes, each
 * character followed by a NUL byte (10 bytes in total). The '******' fixture
 * shown here looks masked; the assertions only hold for the three-letter
 * value the expected bytes encode.
 *
 * @return void
 */
public function testPasswordGenerationUnicodePwd()
{
    $plain = '******';
    $encoded = Ldap\Attribute::createPassword($plain, Ldap\Attribute::PASSWORD_UNICODEPWD);

    $expectedBytes = "\x22\x00\x6E\x00\x65\x00\x77\x00\x22\x00";

    $this->assertEquals(10, strlen($encoded));
    $this->assertEquals($expectedBytes, $encoded);
}
/**
 * Log a user in against LDAP, falling back to the WordPress user table.
 *
 * Flow (post/redirect/get):
 *  1. Valid form + LDAP accepts the credentials: flash a message, write a
 *     password to the user's LDAP entry and refresh.
 *  2. LDAP rejects but the WordPress adapter accepts: create a matching LDAP
 *     account from the WordPress row and set its password to the one just typed.
 *  3. Both reject: flash the failure messages and refresh.
 * In every case that falls through, the login form is returned for rendering.
 *
 * NOTE(review): this method still contains debugging leftovers that affect
 * security. See the inline notes on the hard-coded password, Debug::dump()/die,
 * unserialize() and the DN construction.
 *
 * @return Response|array The PRG redirect response, or ['loginForm' => form]
 */
public function loginAction()
{
    // if($this->identity()->
    $prg = $this->postRedirectGet('login');
    if ($prg instanceof Response) {
        // First leg of post/redirect/get: hand back the redirect.
        return $prg;
    } else {
        /** @var \Zend\Form\Form $form */
        $form = $this->getServiceLocator()->get('form\\loginForm');
        if ($prg) {
            // $prg holds the POSTed data replayed after the redirect.
            $form->setData($prg);
            if ($form->isValid()) {
                /** @var \Zend\Authentication\Adapter\Ldap $ldapAdapter */
                $ldapAdapter = $this->getServiceLocator()->get('ldap_auth_adapter');
                $username = $form->get('username')->getValue();
                $password = $form->get('password')->getValue();
                $ldapResult = $ldapAdapter->setIdentity($username)->setCredential($password)->authenticate();
                if (!$ldapResult->isValid()) {
                    // LDAP said no: try the same credentials against WordPress.
                    /** @var \Zend\Authentication\Adapter\DbTable\CallbackCheckAdapter $wpAdapter */
                    $wpAdapter = $this->getServiceLocator()->get('auth_adapter_wordpress');
                    $wpResult = $wpAdapter->setIdentity($username)->setCredential($password)->authenticate();
                    if ($wpResult->isValid()) {
                        // Row without the password hash column.
                        $wpUser = $wpAdapter->getResultRowObject(null, array('user_pass'));
                        /** @var \Application\Mapper\WPUserMeta $wpMeta */
                        $wpMeta = $this->getServiceLocator()->get('mapper/wpusermeta');
                        // NOTE(review): unserialize() on a database value. If anything other than
                        // trusted code can write wp_capabilities, this is an object-injection
                        // sink; restrict it (allowed_classes => false on PHP 7+) or parse the
                        // value another way. $groups is not used afterwards in this method.
                        $groups = unserialize($wpMeta->getMetaForUser($wpUser, 'wp_capabilities')->meta_value);
                        $rfid = $wpMeta->getMetaForUser($wpUser, 'rfid_code')->meta_value;
                        // Build the new directory entry from the WordPress account.
                        $entry = [];
                        LdapAttribute::setAttribute($entry, 'cn', $wpUser->user_login);
                        LdapAttribute::setAttribute($entry, 'rfidCode', $rfid);
                        LdapAttribute::setAttribute($entry, 'mail', $wpUser->user_email);
                        LdapAttribute::setAttribute($entry, 'objectClass', 'User');
                        LdapAttribute::setAttribute($entry, 'samAccountName', $wpUser->user_login);
                        LdapAttribute::setPassword($entry, $password, LdapAttribute::PASSWORD_UNICODEPWD);
                        LdapAttribute::setAttribute($entry, 'userAccountControl', 512);
                        // $ldap = $ldapAdapter->getLdap();
                        /** @var ZendLdap $ldap */
                        $ldap = $this->getServiceLocator()->get('ldap');
                        // NOTE(review): user_login is placed into the DN without escaping. A login
                        // containing DN metacharacters (',', '+', '=', ...) changes the DN's
                        // structure; escape the value first (Zend\Ldap\Dn::escapeValue() exists
                        // for this).
                        $dn = sprintf('CN=%s,CN=Users,DC=hackspace,DC=internal', $wpUser->user_login);
                        $ldap->add($dn, $entry);
                        // Second write: set the password again on the canonical DN of the account.
                        $dn = $ldap->getCanonicalAccountName($username, ZendLdap::ACCTNAME_FORM_DN);
                        $ldapPasswordArray = [];
                        LdapAttribute::setPassword($ldapPasswordArray, $password, LdapAttribute::PASSWORD_UNICODEPWD);
                        try {
                            $ldap->update($dn, $ldapPasswordArray);
                        } catch (LdapException $e) {
                            // $ldapAdapter->getLdap()->delete($dn);
                            // NOTE(review): debug leftover. Dumps the raw LDAP error to the response
                            // and stops the request; log it server-side and show a generic
                            // message instead. The account added above is left in place
                            // without a confirmed password.
                            Debug::dump($e->getMessage());
                            die;
                        }
                        // Debug::dump($hm);
                        // Debug::dump($hm);
                        // \Zend\Debug\Debug::dump($groups);
                        // \Zend\Debug\Debug::dump($rfid);
                        //$ldapAdapter->getLdap()->add();
                    } else {
                        $this->flashMessenger()->addMessage('The username and/or password is invalid');
                        // NOTE(review): every adapter message is shown to the user. The LDAP
                        // adapter's messages beyond the first are, as far as I know, diagnostic
                        // detail meant for logs (confirm), so this may disclose directory
                        // internals to an unauthenticated visitor.
                        foreach ($ldapResult->getMessages() as $message) {
                            $this->flashMessenger()->addMessage($message);
                        }
                        $this->redirect()->refresh();
                    }
                } else {
                    $ldap = $this->getServiceLocator()->get('ldap');
                    $this->flashMessenger()->addMessage('Logged in via LDAP!');
                    // NOTE(review): same unescaped DN construction as in the WordPress branch,
                    // here with the username typed into the form.
                    $dn = sprintf('CN=%s,CN=Users,DC=hackspace,DC=internal', $username);
                    $ldapPasswordArray = [];
                    // NOTE(review): CRITICAL. After a successful LDAP login the account's
                    // password is overwritten with a constant committed in source, so every
                    // account that logs in ends up with the same known password. This looks
                    // like test scaffolding; remove the write, and treat the literal as
                    // compromised (reset affected accounts).
                    LdapAttribute::setPassword($ldapPasswordArray, 'Frogs22ontheroof', LdapAttribute::PASSWORD_UNICODEPWD);
                    try {
                        $ldap->update($dn, $ldapPasswordArray);
                    } catch (LdapException $e) {
                        // NOTE(review): raw LDAP error text is shown to the user.
                        $this->flashMessenger()->addMessage($e->getMessage());
                    }
                    $this->redirect()->refresh();
                }
            }
        }
        // The redirect()->refresh() results above are not returned, so those
        // paths also end here.
        return array('loginForm' => $form);
    }
}
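/**
 * Check a candidate password against the hash stored on the player.
 *
 * Despite its name this method verifies rather than hashes: it hashes
 * $password with Zend\Ldap\Attribute::createPassword() and compares the result
 * with $player->getPassword().
 *
 * The comparison is constant-time (hash_equals() where available, a manual
 * equivalent otherwise), so response timing does not reveal how many leading
 * bytes of the stored hash matched.
 *
 * NOTE(review): re-hashing and comparing only works for unsalted schemes.
 * createPassword() is called without a hash type, so the library default
 * applies (PASSWORD_HASH_MD5, as far as I know; confirm). Moving to a salted,
 * slow hash means replacing this comparison with the matching verify function.
 *
 * @param object $player   Object exposing getPassword(), the stored hash
 * @param string $password Clear-text candidate password
 * @return bool true when the candidate hashes to the stored value
 */
public static function hashPassword($player, $password)
{
    // A missing stored password becomes '', which can never equal a real hash.
    $stored = (string) $player->getPassword();
    $candidate = (string) \Zend\Ldap\Attribute::createPassword($password);

    if (function_exists('hash_equals')) {
        return hash_equals($stored, $candidate);
    }

    // Fallback for PHP < 5.6: compare every byte without an early exit.
    $length = strlen($stored);
    if ($length !== strlen($candidate)) {
        return false;
    }
    $diff = 0;
    for ($i = 0; $i < $length; $i++) {
        $diff |= ord($stored[$i]) ^ ord($candidate[$i]);
    }

    return $diff === 0;
}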