<?php
// #######################################################
// Author: Martin Haase / DAASI International GmbH / TextGrid
// Creation date: 2010-09-23
// Modification date: 2010-09-03
// Version: 0.1
// based on authenticate.php
// #######################################################

// Make UTF-8 the internal character encoding used by the mbstring functions.
mb_internal_encoding('UTF-8');

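/**
 * Authenticates users against the "community" LDAP directory described in
 * the XML configuration file and exposes a few attributes of the
 * authenticated entry.
 *
 * Authentication is a simple bind with a DN built from a configured
 * template, followed by a search (as the bound user) for the user's entry.
 */
class LDAP {

  // Raw result of ldap_get_attributes() for the last successful login;
  // reset to an empty array at the start of every authenticate() call.
  protected $UserAttributes = array();
  protected $ldaphost;
  protected $ldapport;
  // Bind DN template; the literal text ${login} is replaced by the login name.
  protected $binddn;
  // Search filter template; the literal text ${login} is replaced by the login name.
  protected $filter;
  // Name of the attribute whose first value is returned as "TGID".
  protected $IDattribute;
  protected $LDAPname;
  // Search base. Declared explicitly because the constructor assigns it;
  // left public since an undeclared property would have been public too
  // and outside code may read it.
  public $basedn;

  /**
   * Loads the LDAP settings from the XML configuration file.
   *
   * A key that is missing from the file leaves the corresponding setting
   * null; authenticate() refuses to run without a bind DN template.
   *
   * @param string $configfilepath Path of the XML configuration file.
   */
  public function __construct( $configfilepath ) {
    $config = new DOMDocument();
    $config->load($configfilepath);
    $xpath = new DOMXPath($config);
    $xpath->registerNamespace("c", "http://textgrid.info/namespaces/middleware/tgwebauth");

    $this->ldaphost = $this->readConfigKey($xpath, 'host');
    $this->ldapport = $this->readConfigKey($xpath, 'port');
    $this->binddn = $this->readConfigKey($xpath, 'binddn');
    $this->basedn = $this->readConfigKey($xpath, 'basedn');
    $this->filter = $this->readConfigKey($xpath, 'filter');
    $this->IDattribute = $this->readConfigKey($xpath, 'IDattribute');
    $this->LDAPname = $this->readConfigKey($xpath, 'name');
  }

  /**
   * Returns the text of one <key name="..."> element of the community
   * authn section, or null when the element is absent.
   *
   * $name is only ever one of the fixed key names used by the constructor,
   * so it is safe to place in the XPath expression.
   */
  private function readConfigKey( $xpath, $name ) {
    $nodes = $xpath->query("/c:conf/c:authn[@type='community']/c:key[@name='" . $name . "']");
    if ($nodes === false || $nodes->length === 0) {
      return null;
    }
    return $nodes->item(0)->nodeValue;
  }

  /**
   * Checks a login/password pair by binding to the directory as that user.
   *
   * @param string $login    Login name as typed by the user (untrusted).
   * @param string $password Password as typed by the user (untrusted).
   * @return array On success: "success" => TRUE, "TGID", "LDAPname".
   *               On failure: "success" => FALSE, "detail" => reason.
   */
  public function authenticate ($login, $password) {

    // A failed attempt must not leave the attributes of a previously
    // authenticated user readable through getUserAttributes().
    $this->UserAttributes = array();

    if (!is_scalar($login) || !is_scalar($password)) {
      return array("success" => FALSE,
                   "detail" => "Authentication failed, reason: invalid login or password");
    }
    $login = (string) $login;
    $password = (string) $password;

    // A simple bind with a DN but an empty password is an "unauthenticated
    // bind", which many directory servers answer with success. It must
    // never count as a login, so reject it before talking to the server.
    if ($login === '' || $password === '') {
      return array("success" => FALSE,
                   "detail" => "Authentication failed, reason: empty login or password");
    }

    // Fail closed when the configuration gave no bind DN template; binding
    // with an empty DN would not prove the user's identity.
    if (!is_string($this->binddn) || $this->binddn === '') {
      return array("success" => FALSE,
                   "detail" => "Authentication failed, reason: LDAP bind DN is not configured");
    }

    // ldap_connect() normally only prepares a handle and does not contact
    // the server yet, but it can return FALSE for unusable parameters.
    $ldapconn = ldap_connect( $this->ldaphost, $this->ldapport );
    if ($ldapconn === false) {
      return array("success" => FALSE,
                   "detail" => "Authentication failed, reason: cannot set up LDAP connection");
    }

    ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);
    // NOTE(review): StartTLS is switched off. Unless the configured host is
    // an ldaps:// URI, the bind below sends the password unencrypted.
    // Confirm the directory supports StartTLS and enable this call.
    //ldap_start_tls( $ldapconn );

    // The login is escaped for the DN context, and inserted with
    // str_replace() so that "$1" or "\0" in it is not read as a
    // preg_replace() back-reference.
    $binddn = str_replace('${login}', ldap_escape($login, '', LDAP_ESCAPE_DN), $this->binddn);
    if (!ldap_bind($ldapconn, $binddn, $password)) {
      $detail = "Authentication failed, reason: " . ldap_error($ldapconn);
      ldap_unbind($ldapconn);
      return array("success" => FALSE, "detail" => $detail);
    }

    // Escaped for the filter context: "*", "(", ")" and "\" in the login
    // must not change which entries the configured filter selects.
    $filter = str_replace('${login}', ldap_escape($login, '', LDAP_ESCAPE_FILTER), (string) $this->filter);
    $result = ldap_search($ldapconn, (string) $this->basedn, $filter);
    $entry = ($result === false) ? false : ldap_first_entry($ldapconn, $result);
    $attributes = ($entry === false) ? false : ldap_get_attributes($ldapconn, $entry);
    ldap_unbind($ldapconn);

    // A successful bind without a usable entry is treated as a failure
    // rather than returning an empty TGID.
    if (!is_array($attributes) || !isset($attributes[$this->IDattribute][0])) {
      return array("success" => FALSE,
                   "detail" => "Authentication failed, reason: no directory entry with the configured ID attribute found");
    }

    $this->UserAttributes = $attributes;
    $TGID = $attributes[$this->IDattribute][0];

    return array("success" => TRUE, "TGID" => $TGID, "LDAPname" => $this->LDAPname);
  }

  /**
   * Returns selected attributes of the user found by the last successful
   * authenticate() call.
   *
   * @return array Map of attribute name ("o", "sn", "givenName", "cn",
   *               "mail") to its values joined with ";". Attributes the
   *               entry does not have are omitted.
   */
  public function getUserAttributes () {
    $rethash = array();
    if (!is_array($this->UserAttributes)) {
      return $rethash;
    }
    foreach (array("o", "sn", "givenName", "cn", "mail") as $a) {
      if (!isset($this->UserAttributes[$a])) {
        continue;
      }
      // Each attribute array carries a 'count' element beside its numbered
      // values; only the numbered values are joined.
      $vals = array();
      for ($i = 0; $i < $this->UserAttributes[$a]['count']; $i++) {
        $vals[] = $this->UserAttributes[$a][$i];
      }
      $rethash[$a] = implode(';', $vals);
    }
    return $rethash;
  }

}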

?>