0.10/balance/lib/pear/Providers/Authentication/LDAPAuthenticationProvider.class.php - oodt - Git at Google

 <?php
 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 /**
  *
  * OODT Balance
  * Web Application Base Framework
  *
  * Implementation of iApplicationAuthenticationProvider, which extends SingleSignOn.
  *
  * Note: This class has a dependency on the OODT CAS-SSO package.
  *		The necessary files can be found at http://pear.apache.org/oodt/
  *		along with installation instructions.
  *
  * @author s.khudikyan
  * @author ahart
  *
  */
 require("Org/Apache/Oodt/Security/SingleSignOn.php");

 class Org_Apache_Oodt_Balance_Providers_Authentication_LDAPAuthenticationProvider
 	extends Org_Apache_Oodt_Security_SingleSignOn
 	implements Org_Apache_Oodt_Balance_Interfaces_IApplicationAuthenticationProvider {

 	/**
 	 * If authentication config file exists, require(file_name) file
 	 */
 	public function __construct() {

 		// set LDAP constants
 		define("CAS_SECURITY",true);
 		define("SSO_LDAP_HOST", App::Get()->settings['ldap_host']);
 		define("SSO_LDAP_PORT", App::Get()->settings['ldap_port']);
 		define("SSO_BASE_DN", App::Get()->settings['ldap_base_dn']);
 		define("SSO_GROUPS_DN", App::Get()->settings['ldap_group_dn']);
 		define("SSO_COOKIE_KEY", App::Get()->settings['cookie_key']);

 	}

 	public function connect() {
 		return parent::connect(func_get_arg(0),func_get_arg(1));
 	}

 	public function disconnect() {

 	}

 	public function isLoggedIn() {
 		return parent::isLoggedIn();
 	}

 	public function login( $username, $password ) {
 		return parent::login( $username, $password );
 	}

 	public function logout() {
 		parent::logout();
 	}

 	public function getCurrentUsername() {
 		return parent::getCurrentUsername();
 	}

 	public function changePassword( $newPassword ) {
 		if ( App::Get()->settings['authentication_encryption_method'] ) {
 			return parent::changePassword( $newPassword, App::Get()->settings['authentication_encryption_method'] );
 		}
 		return parent::changePassword( $newPassword );
 	}

 	public function validateChangePassword( $newPass, $encryptionMethod = "SHA" ) {
 		$isValid = true;
 		$messages = array();
 		// validate rules from config file
 		$rules = App::Get()->settings['security_password_rules'];

 		if ( isset($rules) ) {
 			foreach( $rules as $rule ){

 				// Separate the rule from the error message
 				list($regularExpression,$errorMessage) = explode('|',$rule,2);

 				// Test the rule
 				$rulePassed = preg_match($regularExpression, $newPass);

 				// If the rule failed, append the error message
 				if (!$rulePassed) {
 					$messages[] = $errorMessage;
 					$isValid    = false;
 				}
 			}
 		}

 		if ($isValid && $this->connect(SSO_LDAP_HOST,SSO_LDAP_PORT)) {
 		  $result = $this->changePassword($newPass,$encryptionMethod);
 		  return true;
 		} else
 		  return $messages;
 	}

 	public function retrieveUserAttributes( $username, $attributes ) {
 		$rawArray 		= parent::retrieveUserAttributes( $username, $attributes );
 		$userAttributes = array();

 		if ( count($rawArray) > 1 ) {
 			$rawArray = $rawArray[0];
 			// Get only necessary attributes to return
 			foreach ( $rawArray as $key=>$keyValue ) {
 				foreach ( $attributes as $value ) {
 					if ( $key === $value ) {
 						$userAttributes[$key] = $keyValue[0];
 					}
 				}
 			}
 		}
 		return $userAttributes;
 	}

 	public function addUser($userInfo) {
 		$ldapconn = $this->connect(SSO_LDAP_HOST,SSO_LDAP_PORT);
 		if ($ldapconn) {
 			$user  = "uid={$userInfo[ "uid" ]}," . SSO_BASE_DN;
 			return ldap_add($ldapconn,$user,$userInfo);
 		}
 		// connection failed
 		return false;
 	}

 	public function usernameAvailability( $username ) {
 		$justthese = array( App::Get()->settings['username_attr'] );
 		$profile = $this->retrieveUserAttributes($username, $justthese);
 		if (count($profile) > 0) {
 			return false;
 		} else {
 			// available
 			return true;
 		}
 	}

 	public function updateProfile($newInfo) {

 		if ($this->isLoggedIn()) {
 			$user  = "uid={$this->getCurrentUsername()}," . SSO_BASE_DN ;
 			$ldapconn = $this->connect(SSO_LDAP_HOST,SSO_LDAP_PORT);

 			if (ldap_mod_replace($ldapconn,$user,$newInfo)) {
 				return true;
 			} else {
 				return false;
 			}
 		} else {
 			return false;
 		}
 	}

 }
	<?php
	/*
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	/**
	*
	* OODT Balance
	* Web Application Base Framework
	*
	* Implementation of iApplicationAuthenticationProvider, which extends SingleSignOn.
	*
	* Note: This class has a dependency on the OODT CAS-SSO package.
	* The necessary files can be found at http://pear.apache.org/oodt/
	* along with installation instructions.
	*
	* @author s.khudikyan
	* @author ahart
	*
	*/
	require("Org/Apache/Oodt/Security/SingleSignOn.php");

	class Org_Apache_Oodt_Balance_Providers_Authentication_LDAPAuthenticationProvider
	extends Org_Apache_Oodt_Security_SingleSignOn
	implements Org_Apache_Oodt_Balance_Interfaces_IApplicationAuthenticationProvider {

	/**
	* If authentication config file exists, require(file_name) file
	*/
	public function __construct() {

	// set LDAP constants
	define("CAS_SECURITY",true);
	define("SSO_LDAP_HOST", App::Get()->settings['ldap_host']);
	define("SSO_LDAP_PORT", App::Get()->settings['ldap_port']);
	define("SSO_BASE_DN", App::Get()->settings['ldap_base_dn']);
	define("SSO_GROUPS_DN", App::Get()->settings['ldap_group_dn']);
	define("SSO_COOKIE_KEY", App::Get()->settings['cookie_key']);

	}

	public function connect() {
	return parent::connect(func_get_arg(0),func_get_arg(1));
	}

	public function disconnect() {

	}

	public function isLoggedIn() {
	return parent::isLoggedIn();
	}

	public function login( $username, $password ) {
	return parent::login( $username, $password );
	}

	public function logout() {
	parent::logout();
	}

	public function getCurrentUsername() {
	return parent::getCurrentUsername();
	}

	public function changePassword( $newPassword ) {
	if ( App::Get()->settings['authentication_encryption_method'] ) {
	return parent::changePassword( $newPassword, App::Get()->settings['authentication_encryption_method'] );
	}
	return parent::changePassword( $newPassword );
	}

	public function validateChangePassword( $newPass, $encryptionMethod = "SHA" ) {
	$isValid = true;
	$messages = array();
	// validate rules from config file
	$rules = App::Get()->settings['security_password_rules'];

	if ( isset($rules) ) {
	foreach( $rules as $rule ){

	// Separate the rule from the error message
	list($regularExpression,$errorMessage) = explode('\|',$rule,2);

	// Test the rule
	$rulePassed = preg_match($regularExpression, $newPass);

	// If the rule failed, append the error message
	if (!$rulePassed) {
	$messages[] = $errorMessage;
	$isValid = false;
	}
	}
	}

	if ($isValid && $this->connect(SSO_LDAP_HOST,SSO_LDAP_PORT)) {
	$result = $this->changePassword($newPass,$encryptionMethod);
	return true;
	} else
	return $messages;
	}

	public function retrieveUserAttributes( $username, $attributes ) {
	$rawArray = parent::retrieveUserAttributes( $username, $attributes );
	$userAttributes = array();

	if ( count($rawArray) > 1 ) {
	$rawArray = $rawArray[0];
	// Get only necessary attributes to return
	foreach ( $rawArray as $key=>$keyValue ) {
	foreach ( $attributes as $value ) {
	if ( $key === $value ) {
	$userAttributes[$key] = $keyValue[0];
	}
	}
	}
	}
	return $userAttributes;
	}

	public function addUser($userInfo) {
	$ldapconn = $this->connect(SSO_LDAP_HOST,SSO_LDAP_PORT);
	if ($ldapconn) {
	$user = "uid={$userInfo[ "uid" ]}," . SSO_BASE_DN;
	return ldap_add($ldapconn,$user,$userInfo);
	}
	// connection failed
	return false;
	}

	public function usernameAvailability( $username ) {
	$justthese = array( App::Get()->settings['username_attr'] );
	$profile = $this->retrieveUserAttributes($username, $justthese);
	if (count($profile) > 0) {
	return false;
	} else {
	// available
	return true;
	}
	}

	public function updateProfile($newInfo) {

	if ($this->isLoggedIn()) {
	$user = "uid={$this->getCurrentUsername()}," . SSO_BASE_DN ;
	$ldapconn = $this->connect(SSO_LDAP_HOST,SSO_LDAP_PORT);

	if (ldap_mod_replace($ldapconn,$user,$newInfo)) {
	return true;
	} else {
	return false;
	}
	} else {
	return false;
	}
	}

	}