PageRenderTime 56ms CodeModel.GetById 23ms RepoModel.GetById 0ms app.codeStats 0ms

/lib/Zend/Ldap/Attribute.php

https://bitbucket.org/andrewjleavitt/magestudy
PHP | 417 lines | 239 code | 26 blank | 152 comment | 53 complexity | 8d60280dbeb289b9a368c33e22028990 MD5 | raw file
Possible License(s): CC-BY-SA-3.0, LGPL-2.1, GPL-2.0, WTFPL
  1. <?php
  2. /**
  3. * Zend Framework
  4. *
  5. * LICENSE
  6. *
  7. * This source file is subject to the new BSD license that is bundled
  8. * with this package in the file LICENSE.txt.
  9. * It is also available through the world-wide-web at this URL:
  10. * http://framework.zend.com/license/new-bsd
  11. * If you did not receive a copy of the license and are unable to
  12. * obtain it through the world-wide-web, please send an email
  13. * to license@zend.com so we can send you a copy immediately.
  14. *
  15. * @category Zend
  16. * @package Zend_Ldap
  17. * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
  18. * @license http://framework.zend.com/license/new-bsd New BSD License
  19. * @version $Id: Attribute.php 22996 2010-09-22 17:01:46Z sgehrig $
  20. */
  21. /**
  22. * @see Zend_Ldap_Converter
  23. */
  24. #require_once 'Zend/Ldap/Converter.php';
  25. /**
  26. * Zend_Ldap_Attribute is a collection of LDAP attribute related functions.
  27. *
  28. * @category Zend
  29. * @package Zend_Ldap
  30. * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
  31. * @license http://framework.zend.com/license/new-bsd New BSD License
  32. */
  33. class Zend_Ldap_Attribute
  34. {
  35. const PASSWORD_HASH_MD5 = 'md5';
  36. const PASSWORD_HASH_SMD5 = 'smd5';
  37. const PASSWORD_HASH_SHA = 'sha';
  38. const PASSWORD_HASH_SSHA = 'ssha';
  39. const PASSWORD_UNICODEPWD = 'unicodePwd';
  40. /**
  41. * Sets a LDAP attribute.
  42. *
  43. * @param array $data
  44. * @param string $attribName
  45. * @param scalar|array|Traversable $value
  46. * @param boolean $append
  47. * @return void
  48. */
  49. public static function setAttribute(array &$data, $attribName, $value, $append = false)
  50. {
  51. $attribName = strtolower($attribName);
  52. $valArray = array();
  53. if (is_array($value) || ($value instanceof Traversable))
  54. {
  55. foreach ($value as $v)
  56. {
  57. $v = self::_valueToLdap($v);
  58. if ($v !== null) $valArray[] = $v;
  59. }
  60. }
  61. else if ($value !== null)
  62. {
  63. $value = self::_valueToLdap($value);
  64. if ($value !== null) $valArray[] = $value;
  65. }
  66. if ($append === true && isset($data[$attribName]))
  67. {
  68. if (is_string($data[$attribName])) $data[$attribName] = array($data[$attribName]);
  69. $data[$attribName] = array_merge($data[$attribName], $valArray);
  70. }
  71. else
  72. {
  73. $data[$attribName] = $valArray;
  74. }
  75. }
  76. /**
  77. * Gets a LDAP attribute.
  78. *
  79. * @param array $data
  80. * @param string $attribName
  81. * @param integer $index
  82. * @return array|mixed
  83. */
  84. public static function getAttribute(array $data, $attribName, $index = null)
  85. {
  86. $attribName = strtolower($attribName);
  87. if ($index === null) {
  88. if (!isset($data[$attribName])) return array();
  89. $retArray = array();
  90. foreach ($data[$attribName] as $v)
  91. {
  92. $retArray[] = self::_valueFromLdap($v);
  93. }
  94. return $retArray;
  95. } else if (is_int($index)) {
  96. if (!isset($data[$attribName])) {
  97. return null;
  98. } else if ($index >= 0 && $index<count($data[$attribName])) {
  99. return self::_valueFromLdap($data[$attribName][$index]);
  100. } else {
  101. return null;
  102. }
  103. }
  104. return null;
  105. }
  106. /**
  107. * Checks if the given value(s) exist in the attribute
  108. *
  109. * @param array $data
  110. * @param string $attribName
  111. * @param mixed|array $value
  112. * @return boolean
  113. */
  114. public static function attributeHasValue(array &$data, $attribName, $value)
  115. {
  116. $attribName = strtolower($attribName);
  117. if (!isset($data[$attribName])) return false;
  118. if (is_scalar($value)) {
  119. $value = array($value);
  120. }
  121. foreach ($value as $v) {
  122. $v = self::_valueToLdap($v);
  123. if (!in_array($v, $data[$attribName], true)) {
  124. return false;
  125. }
  126. }
  127. return true;
  128. }
  129. /**
  130. * Removes duplicate values from a LDAP attribute
  131. *
  132. * @param array $data
  133. * @param string $attribName
  134. * @return void
  135. */
  136. public static function removeDuplicatesFromAttribute(array &$data, $attribName)
  137. {
  138. $attribName = strtolower($attribName);
  139. if (!isset($data[$attribName])) return;
  140. $data[$attribName] = array_values(array_unique($data[$attribName]));
  141. }
  142. /**
  143. * Remove given values from a LDAP attribute
  144. *
  145. * @param array $data
  146. * @param string $attribName
  147. * @param mixed|array $value
  148. * @return void
  149. */
  150. public static function removeFromAttribute(array &$data, $attribName, $value)
  151. {
  152. $attribName = strtolower($attribName);
  153. if (!isset($data[$attribName])) return;
  154. if (is_scalar($value)) {
  155. $value = array($value);
  156. }
  157. $valArray = array();
  158. foreach ($value as $v)
  159. {
  160. $v = self::_valueToLdap($v);
  161. if ($v !== null) $valArray[] = $v;
  162. }
  163. $resultArray = $data[$attribName];
  164. foreach ($valArray as $rv) {
  165. $keys = array_keys($resultArray, $rv);
  166. foreach ($keys as $k) {
  167. unset($resultArray[$k]);
  168. }
  169. }
  170. $resultArray = array_values($resultArray);
  171. $data[$attribName] = $resultArray;
  172. }
  173. /**
  174. * @param mixed $value
  175. * @return string|null
  176. */
  177. private static function _valueToLdap($value)
  178. {
  179. return Zend_Ldap_Converter::toLdap($value);
  180. }
  181. /**
  182. * @param string $value
  183. * @return mixed
  184. */
  185. private static function _valueFromLdap($value)
  186. {
  187. try {
  188. $return = Zend_Ldap_Converter::fromLdap($value, Zend_Ldap_Converter::STANDARD, false);
  189. if ($return instanceof DateTime) {
  190. return Zend_Ldap_Converter::toLdapDateTime($return, false);
  191. } else {
  192. return $return;
  193. }
  194. } catch (InvalidArgumentException $e) {
  195. return $value;
  196. }
  197. }
  198. /**
  199. * Converts a PHP data type into its LDAP representation
  200. *
  201. * @deprected use Zend_Ldap_Converter instead
  202. * @param mixed $value
  203. * @return string|null - null if the PHP data type cannot be converted.
  204. */
  205. public static function convertToLdapValue($value)
  206. {
  207. return self::_valueToLdap($value);
  208. }
  209. /**
  210. * Converts an LDAP value into its PHP data type
  211. *
  212. * @deprected use Zend_Ldap_Converter instead
  213. * @param string $value
  214. * @return mixed
  215. */
  216. public static function convertFromLdapValue($value)
  217. {
  218. return self::_valueFromLdap($value);
  219. }
  220. /**
  221. * Converts a timestamp into its LDAP date/time representation
  222. *
  223. * @param integer $value
  224. * @param boolean $utc
  225. * @return string|null - null if the value cannot be converted.
  226. */
  227. public static function convertToLdapDateTimeValue($value, $utc = false)
  228. {
  229. return self::_valueToLdapDateTime($value, $utc);
  230. }
  231. /**
  232. * Converts LDAP date/time representation into a timestamp
  233. *
  234. * @param string $value
  235. * @return integer|null - null if the value cannot be converted.
  236. */
  237. public static function convertFromLdapDateTimeValue($value)
  238. {
  239. return self::_valueFromLdapDateTime($value);
  240. }
  241. /**
  242. * Sets a LDAP password.
  243. *
  244. * @param array $data
  245. * @param string $password
  246. * @param string $hashType
  247. * @param string|null $attribName
  248. * @return null
  249. */
  250. public static function setPassword(array &$data, $password, $hashType = self::PASSWORD_HASH_MD5,
  251. $attribName = null)
  252. {
  253. if ($attribName === null) {
  254. if ($hashType === self::PASSWORD_UNICODEPWD) {
  255. $attribName = 'unicodePwd';
  256. } else {
  257. $attribName = 'userPassword';
  258. }
  259. }
  260. $hash = self::createPassword($password, $hashType);
  261. self::setAttribute($data, $attribName, $hash, false);
  262. }
  263. /**
  264. * Creates a LDAP password.
  265. *
  266. * @param string $password
  267. * @param string $hashType
  268. * @return string
  269. */
  270. public static function createPassword($password, $hashType = self::PASSWORD_HASH_MD5)
  271. {
  272. switch ($hashType) {
  273. case self::PASSWORD_UNICODEPWD:
  274. /* see:
  275. * http://msdn.microsoft.com/en-us/library/cc223248(PROT.10).aspx
  276. */
  277. $password = '"' . $password . '"';
  278. if (function_exists('mb_convert_encoding')) {
  279. $password = mb_convert_encoding($password, 'UTF-16LE', 'UTF-8');
  280. } else if (function_exists('iconv')) {
  281. $password = iconv('UTF-8', 'UTF-16LE', $password);
  282. } else {
  283. $len = strlen($password);
  284. $new = '';
  285. for($i=0; $i < $len; $i++) {
  286. $new .= $password[$i] . "\x00";
  287. }
  288. $password = $new;
  289. }
  290. return $password;
  291. case self::PASSWORD_HASH_SSHA:
  292. $salt = substr(sha1(uniqid(mt_rand(), true), true), 0, 4);
  293. $rawHash = sha1($password . $salt, true) . $salt;
  294. $method = '{SSHA}';
  295. break;
  296. case self::PASSWORD_HASH_SHA:
  297. $rawHash = sha1($password, true);
  298. $method = '{SHA}';
  299. break;
  300. case self::PASSWORD_HASH_SMD5:
  301. $salt = substr(sha1(uniqid(mt_rand(), true), true), 0, 4);
  302. $rawHash = md5($password . $salt, true) . $salt;
  303. $method = '{SMD5}';
  304. break;
  305. case self::PASSWORD_HASH_MD5:
  306. default:
  307. $rawHash = md5($password, true);
  308. $method = '{MD5}';
  309. break;
  310. }
  311. return $method . base64_encode($rawHash);
  312. }
  313. /**
  314. * Sets a LDAP date/time attribute.
  315. *
  316. * @param array $data
  317. * @param string $attribName
  318. * @param integer|array|Traversable $value
  319. * @param boolean $utc
  320. * @param boolean $append
  321. * @return null
  322. */
  323. public static function setDateTimeAttribute(array &$data, $attribName, $value, $utc = false,
  324. $append = false)
  325. {
  326. $convertedValues = array();
  327. if (is_array($value) || ($value instanceof Traversable))
  328. {
  329. foreach ($value as $v) {
  330. $v = self::_valueToLdapDateTime($v, $utc);
  331. if ($v !== null) $convertedValues[] = $v;
  332. }
  333. }
  334. else if ($value !== null) {
  335. $value = self::_valueToLdapDateTime($value, $utc);
  336. if ($value !== null) $convertedValues[] = $value;
  337. }
  338. self::setAttribute($data, $attribName, $convertedValues, $append);
  339. }
  340. /**
  341. * @param integer $value
  342. * @param boolean $utc
  343. * @return string|null
  344. */
  345. private static function _valueToLdapDateTime($value, $utc)
  346. {
  347. if (is_int($value)) {
  348. return Zend_Ldap_Converter::toLdapDateTime($value, $utc);
  349. }
  350. else return null;
  351. }
  352. /**
  353. * Gets a LDAP date/time attribute.
  354. *
  355. * @param array $data
  356. * @param string $attribName
  357. * @param integer $index
  358. * @return array|integer
  359. */
  360. public static function getDateTimeAttribute(array $data, $attribName, $index = null)
  361. {
  362. $values = self::getAttribute($data, $attribName, $index);
  363. if (is_array($values)) {
  364. for ($i = 0; $i<count($values); $i++) {
  365. $newVal = self::_valueFromLdapDateTime($values[$i]);
  366. if ($newVal !== null) $values[$i] = $newVal;
  367. }
  368. }
  369. else {
  370. $newVal = self::_valueFromLdapDateTime($values);
  371. if ($newVal !== null) $values = $newVal;
  372. }
  373. return $values;
  374. }
  375. /**
  376. * @param string|DateTime $value
  377. * @return integer|null
  378. */
  379. private static function _valueFromLdapDateTime($value)
  380. {
  381. if ($value instanceof DateTime) {
  382. return $value->format('U');
  383. } else if (is_string($value)) {
  384. try {
  385. return Zend_Ldap_Converter::fromLdapDateTime($value, false)->format('U');
  386. } catch (InvalidArgumentException $e) {
  387. return null;
  388. }
  389. } else return null;
  390. }
  391. }