
/class/xml/rpc/class/auth/auth_ads.php

https://gitlab.com/VoyaTrax/vtCMS
  1<?php
  2// $Id: auth_ads.php 1029 2007-09-09 03:49:25Z phppp $
  3// auth_ads.php - Authentication class for Active Directory
  4//  ------------------------------------------------------------------------ //
  5//                XOOPS - PHP Content Management System                      //
  6//                    Copyright (c) 2000 XOOPS.org                           //
  7//                       <http://www.xoops.org/>                             //
  8//  ------------------------------------------------------------------------ //
  9//  This program is free software; you can redistribute it and/or modify     //
 10//  it under the terms of the GNU General Public License as published by     //
 11//  the Free Software Foundation; either version 2 of the License, or        //
 12//  (at your option) any later version.                                      //
 13//                                                                           //
 14//  You may not change or alter any portion of this comment or credits       //
 15//  of supporting developers from this source code or any supporting         //
 16//  source code which is considered copyrighted (c) material of the          //
 17//  original comment or credit authors.                                      //
 18//                                                                           //
 19//  This program is distributed in the hope that it will be useful,          //
 20//  but WITHOUT ANY WARRANTY; without even the implied warranty of           //
 21//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            //
 22//  GNU General Public License for more details.                             //
 23//                                                                           //
 24//  You should have received a copy of the GNU General Public License        //
 25//  along with this program; if not, write to the Free Software              //
 26//  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA //
 27//  ------------------------------------------------------------------------ //
 28/**
 29 * @package     kernel
 30 * @subpackage  auth
 31 * @description	Authentication class for Active Directory
 32 * @author	    Pierre-Eric MENUET	<pemphp@free.fr>
 33 * @copyright	copyright (c) 2000-2003 XOOPS.org
 34 */
 35include_once XOOPS_ROOT_PATH . '/class/auth/auth_ldap.php';
 36
 37class XoopsAuthAds extends XoopsAuthLdap {
 38   	/**
 39	 * Authentication Service constructor
 40	 */
 41    function __construct($dao) {
 42		parent::XoopsAuthLdap($dao);
 43    }
 44
 45    /**
 46	 *  Authenticate  user again LDAP directory (Bind)
 47	 *  2 options :
 48	 * 		Authenticate directly with uname in the DN
 49	 * 		Authenticate with manager, search the dn
 50	 *
 51	 * @param string $uname Username
 52	 * @param string $pwd Password
 53	 *
 54	 * @return bool
 55	 */
 56    function authenticate($uname, $pwd = null) {
 57        $authenticated = false;
 58        if (!extension_loaded('ldap')) {
 59            $this->setErrors(0, _AUTH_LDAP_EXTENSION_NOT_LOAD);
 60            return $authenticated;
 61        }
 62        $this->_ds = ldap_connect($this->ldap_server, $this->ldap_port);
 63        if ($this->_ds) {
 64            ldap_set_option($this->_ds, LDAP_OPT_PROTOCOL_VERSION, $this->ldap_version);
 65            ldap_set_option($this->_ds, LDAP_OPT_REFERRALS, 0);
 66            if ($this->ldap_use_TLS) { // We use TLS secure connection
 67	   			if (!ldap_start_tls($this->_ds))
 68					$this->setErrors(0, _AUTH_LDAP_START_TLS_FAILED);
 69            }
 70            // If the uid is not in the DN we proceed to a search
 71            // The uid is not always in the dn
 72            $userUPN = $this->getUPN($uname);
 73            if (!$userUPN) return false;
 74            // We bind as user to test the credentials
 75            $authenticated = ldap_bind($this->_ds, $userUPN, $this->cp1252_to_utf8(stripslashes($pwd)));
 76            if ($authenticated) {
 77            	// We load the Xoops User database
 78            	$dn = $this->getUserDN($uname);
 79            	if ($dn)
 80            		return $this->loadXoopsUser($dn, $uname, $pwd);
 81            	else return false;
 82            } else $this->setErrors(ldap_errno($this->_ds), ldap_err2str(ldap_errno($this->_ds)) . '(' . $userUPN . ')');
 83        }
 84        else {
 85            $this->setErrors(0, _AUTH_LDAP_SERVER_NOT_FOUND);
 86        }
 87        @ldap_close($this->_ds);
 88        return $authenticated;
 89    }
 90
 91
 92    /**
 93	 *  Return the UPN = userPrincipalName (Active Directory)
 94	 *  userPrincipalName = guyt@CP.com    Often abbreviated to UPN, and
 95	 *  looks like an email address.  Very useful for logging on especially in
 96	 *  a large Forest.   Note UPN must be unique in the forest.
 97	 *
 98	 *  @return userDN or false
 99	 */
100    function getUPN($uname) {
101    	$userDN = false;
102	    $userDN = $uname."@".$this->ldap_domain_name;
103	    return $userDN;
104    }
105
106} // end class
107
108
109?>