ldap-matter/oauth/LDAP/LDAP.php

<?php

/**
 * Simple LDAP object to interact with LDAP 
 *
 * @author Denis CLAVIER <clavierd at gmail dot com>
 */


require_once __DIR__.'/LDAPInterface.php';

class LDAP implements LDAPInterface
{
    protected $ldap_server;

     /**
     * LDAP Resource
     *
     * @param string @ldap_host
     * Either a hostname or, with OpenLDAP 2.x.x and later, a full LDAP URI
     * @param int @ldap_port
     * An optional int to specify ldap server port, by default : 389
     * @param int @ldap_version
     * An optional int to specify ldap version, by default LDAP V3 protocol is used
     * 
     * Initiate LDAP connection by creating an associated resource  
     */
    public function __construct($ldap_host, $ldap_port = 389, $ldap_version = 3)
    {
        if (!is_string($ldap_host)) 
        {
            throw new InvalidArgumentException('First argument to LDAP must be the hostname of a ldap server (string). Ex: ldap//example.com/ ');
        }
        
        if (!is_int($ldap_port)) 
        {
            throw new InvalidArgumentException('Second argument to LDAP must be the ldap server port (int). Ex : 389');
        }

        $ldap = ldap_connect($ldap_host, $ldap_port) 
        	or die("Unable to connect to the ldap server : $ldaphost ! Please check your configuration.");

        // Support LDAP V3 since many users have encountered difficulties with LDAP V3.
        if (is_int($ldap_version) && $ldap_version <= 3 && $ldap_version > 0)
        {
            ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, $ldap_version);
        }
        else
        {
            throw new InvalidArgumentException('Third argument to LDAP must be the ldap version (int). Ex : 3');
        }

        $this->ldap_server = $ldap;
    }

     /**
     * @param string @user
     * A ldap username or email or sAMAccountName
     * @param string @password
     * An optional password linked to the user, if not provided an anonymous bind is attempted
     * @param string @ldap_search_attribute
     * The attribute used on your LDAP to identify user (uid, email, cn, sAMAccountName)      
     * @param string @ldap_filter
     * An optional filter to search in LDAP (ex : objectClass = person).
     * @param string @ldap_base_dn
     * The LDAP base DN. 
     * @param string @ldap_bind_dn
     * The directory name of a service user to bind before search. Must be a user with read permission on LDAP. 
     * @param string @ldap_bind_pass
     * The password associated to the service user to bind before search. 
     * 
     * @return 
     * TRUE if the user is identified and can access to the LDAP server
     * and FALSE if it isn't  
     */
    public function checkLogin($user, $password = null, $ldap_search_attribute, $ldap_filter = null, $ldap_base_dn,$ldap_bind_dn, $ldap_bind_pass) {
        if (!is_string($user)) 
        {
            throw new InvalidArgumentException('First argument to LDAP/checkLogin must be the username or email of a ldap user (string). Ex: jdupont or jdupont@company.com');
        }
        if (!is_string($password) && $password != null) 
        {
            throw new InvalidArgumentException('Second argument to LDAP/checkLogin must be the password associated to the relative directory name (string).');
        }        
        if (!is_string($ldap_search_attribute)) 
        {
            throw new InvalidArgumentException('Third argument to LDAP/checkLogin must be the attribute to identify users (ex : uid, email, sAMAccountName) (string).');
        }
        if (!is_string($ldap_filter) && $ldap_filter != null) 
        {
            throw new InvalidArgumentException('Fourth argument to LDAP/checkLogin must be an optional filter to search in LDAP (string).');
        }
         if (!is_string($ldap_base_dn)) 
        {
            throw new InvalidArgumentException('Fifth argument to LDAP/checkLogin must be the ldap base directory name (string). Ex: o=Company');
        }
        if (!is_string($ldap_bind_dn) && $ldap_bind_dn != null) 
        {
            throw new InvalidArgumentException('Sixth argument to LDAP/checkLogin must be an optional service account on restrictive LDAP (string).');
        }
        if (!is_string($ldap_bind_pass) && $ldap_bind_pass != null) 
        {
            throw new InvalidArgumentException('Seventh argument to LDAP/checkLogin must be an optional password for the service account on restrictive LDAP (string).');
        }
       
         // If LDAP service account for search is specified, do an ldap_bind with this account
        if ($ldap_bind_dn != '' && $ldap_bind_dn != null)
        {
            $bind_result=ldap_bind($this->ldap_server,$ldap_bind_dn,$ldap_bind_pass);

            // If authentification failed, throw an exception 
            if (!$bind_result)
            {
                throw new Exception('An error has occured during ldap_bind execution. Please check parameter of LDAP/checkLogin, and make sure that user provided have read permission on LDAP.');
            }
        }
        if ($ldap_filter!="" && $ldap_filter != null) 
        {
            $search_filter = '(&(' . $ldap_search_attribute . '=' . $user . ')(' . $ldap_filter .'))';
        }
        else
        {
            $search_filter = $ldap_search_attribute . '=' . $user;
        }

        
        $result = ldap_search($this->ldap_server, $ldap_base_dn, $search_filter, array(), 0, 1, 500);

        if (!$result)
        {
            throw new Exception('An error has occured during ldap_search execution. Please check parameter of LDAP/checkLogin.');
        }

        $data = ldap_first_entry($this->ldap_server, $result);
        if (!$data)
        {
            throw new Exception('An error has occured during ldap_first_entry execution. Please check parameter of LDAP/checkLogin.');
        }
        $dn = ldap_get_dn($this->ldap_server, $data);
        if (!$dn)
        {
            throw new Exception('An error has occured during ldap_get_values execution (dn). Please check parameter of LDAP/checkLogin.');
        }

        return ldap_bind($this->ldap_server,$dn,$password);
    }

     /**
     * @param string @ldap_base_dn
     * The LDAP base DN. 
     * @param string @ldap_filter
     * A filter to get relevant data. Often the user id in ldap (uid or sAMAccountName).
     * @param string @ldap_bind_dn
     * The directory name of a service user to bind before search. Must be a user with read permission on LDAP. 
     * @param string @ldap_bind_pass
     * The password associated to the service user to bind before search.
     * @param string @ldap_search_attribute
     * The attribute used on your LDAP to identify user (uid, email, cn, sAMAccountName)
     * @param string @user
     * A ldap username or email or sAMAccountName  
     * 
     * @return 
     * An array with the user's mail, complete name and directory name.
     */
    public function getDataForMattermost($ldap_base_dn, $ldap_filter, $ldap_bind_dn, $ldap_bind_pass, $ldap_search_attribute, $user) {

    	$attribute=array("cn","mail");

        if (!is_string($ldap_base_dn)) 
        {
            throw new InvalidArgumentException('First argument to LDAP/getData must be the ldap base directory name (string). Ex: o=Company');
        }
        if (!is_string($ldap_filter)) 
        {
            throw new InvalidArgumentException('Second argument to LDAP/getData must be a filter to get relevant data. Often is the user id in ldap (string). Ex : uid=jdupont');
        }
        if (!is_string($ldap_bind_dn) && $ldap_bind_dn != null) 
        {
            throw new InvalidArgumentException('Third argument to LDAP/getData must be an optional service account on restrictive LDAP (string).');
        }
        if (!is_string($ldap_bind_pass) && $ldap_bind_pass != null) 
        {
            throw new InvalidArgumentException('Fourth argument to LDAP/getData must be an optional password for the service account on restrictive LDAP (string).');
        }
        if (!is_string($ldap_search_attribute)) 
        {
            throw new InvalidArgumentException('Fifth argument to LDAP/getData must be the attribute to identify users (ex : uid, email, sAMAccountName) (string).');
        }
        if (!is_string($user)) 
        {
            throw new InvalidArgumentException('Sixth argument to LDAP/getData must be the username or email of a ldap user (string). Ex: jdupont or jdupont@company.com');
        }

        // If LDAP service account for search is specified, do an ldap_bind with this account
        if ($ldap_bind_dn != '' && $ldap_bind_dn != null)
        {
            $bind_result=ldap_bind($this->ldap_server,$ldap_bind_dn,$ldap_bind_pass);

            // If authentification failed, throw an exception 
            if (!$bind_result)
            {
                throw new Exception('An error has occured during ldap_bind execution. Please check parameter of LDAP/getData, and make sure that user provided have read permission on LDAP.');
            }
        }

        if ($ldap_filter!="" && $ldap_filter != null) 
        {
            $search_filter = '(&(' . $ldap_search_attribute . '=' . $user . ')(' . $ldap_filter .'))';
        }
        else
        {
            $search_filter = $ldap_search_attribute . '=' . $user;
        }
        
        $result = ldap_search($this->ldap_server, $ldap_base_dn, $search_filter, array(), 0, 1, 500);

        if (!$result)
        {
        	throw new Exception('An error has occured during ldap_search execution. Please check parameter of LDAP/getData.');
        }

        $data = ldap_first_entry($this->ldap_server, $result);
        if (!$data)
        {
        	throw new Exception('An error has occured during ldap_first_entry execution. Please check parameter of LDAP/getData.');
        }

        $mail = ldap_get_values($this->ldap_server, $data, "mail");
        if (!$mail)
        {
        	throw new Exception('An error has occured during ldap_get_values execution (mail). Please check parameter of LDAP/getData.');
        }

        $cn = ldap_get_values($this->ldap_server, $data, "cn");
        if (!$cn)
        {
        	throw new Exception('An error has occured during ldap_get_values execution (complete name). Please check parameter of LDAP/getData.');
        }

        return array("mail" => $mail[0], "cn" => $cn[0]);
    }

    /*
	 * Destructor to close the LDAP connection 
     */
    public function __destruct() 
    {
    	ldap_close($this->ldap_server);
    }

}
Initial Commit - First version 2017-08-08 03:01:11 +08:00			`<?php`

			`/**`
			`* Simple LDAP object to interact with LDAP`
			`*`
			`* @author Denis CLAVIER <clavierd at gmail dot com>`
			`*/`


			`require_once __DIR__.'/LDAPInterface.php';`

			`class LDAP implements LDAPInterface`
			`{`
			`protected $ldap_server;`

			`/**`
			`* LDAP Resource`
			`*`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`* @param string @ldap_host`
Initial Commit - First version 2017-08-08 03:01:11 +08:00			`* Either a hostname or, with OpenLDAP 2.x.x and later, a full LDAP URI`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`* @param int @ldap_port`
Patch for Mattermost 4.4 -> 4.9 + some bug fix 2018-05-20 00:04:13 +08:00			`* An optional int to specify ldap server port, by default : 389`
			`* @param int @ldap_version`
			`* An optional int to specify ldap version, by default LDAP V3 protocol is used`
Initial Commit - First version 2017-08-08 03:01:11 +08:00			`*`
			`* Initiate LDAP connection by creating an associated resource`
			`*/`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`public function __construct($ldap_host, $ldap_port = 389, $ldap_version = 3)`
Initial Commit - First version 2017-08-08 03:01:11 +08:00			`{`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`if (!is_string($ldap_host))`
Initial Commit - First version 2017-08-08 03:01:11 +08:00			`{`
			`throw new InvalidArgumentException('First argument to LDAP must be the hostname of a ldap server (string). Ex: ldap//example.com/ ');`
			`}`

Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`if (!is_int($ldap_port))`
Initial Commit - First version 2017-08-08 03:01:11 +08:00			`{`
			`throw new InvalidArgumentException('Second argument to LDAP must be the ldap server port (int). Ex : 389');`
			`}`

Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`$ldap = ldap_connect($ldap_host, $ldap_port)`
Initial Commit - First version 2017-08-08 03:01:11 +08:00			`or die("Unable to connect to the ldap server : $ldaphost ! Please check your configuration.");`

Patch for Mattermost 4.4 -> 4.9 + some bug fix 2018-05-20 00:04:13 +08:00			`// Support LDAP V3 since many users have encountered difficulties with LDAP V3.`
			`if (is_int($ldap_version) && $ldap_version <= 3 && $ldap_version > 0)`
			`{`
			`ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, $ldap_version);`
			`}`
			`else`
			`{`
			`throw new InvalidArgumentException('Third argument to LDAP must be the ldap version (int). Ex : 3');`
			`}`

Initial Commit - First version 2017-08-08 03:01:11 +08:00			`$this->ldap_server = $ldap;`
			`}`

			`/**`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`* @param string @user`
			`* A ldap username or email or sAMAccountName`
Initial Commit - First version 2017-08-08 03:01:11 +08:00			`* @param string @password`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`* An optional password linked to the user, if not provided an anonymous bind is attempted`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`* @param string @ldap_search_attribute`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`* The attribute used on your LDAP to identify user (uid, email, cn, sAMAccountName)`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`* @param string @ldap_filter`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`* An optional filter to search in LDAP (ex : objectClass = person).`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`* @param string @ldap_base_dn`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`* The LDAP base DN.`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`* @param string @ldap_bind_dn`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`* The directory name of a service user to bind before search. Must be a user with read permission on LDAP.`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`* @param string @ldap_bind_pass`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`* The password associated to the service user to bind before search.`
Initial Commit - First version 2017-08-08 03:01:11 +08:00			`*`
			`* @return`
			`* TRUE if the user is identified and can access to the LDAP server`
			`* and FALSE if it isn't`
			`*/`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`public function checkLogin($user, $password = null, $ldap_search_attribute, $ldap_filter = null, $ldap_base_dn,$ldap_bind_dn, $ldap_bind_pass) {`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`if (!is_string($user))`
Initial Commit - First version 2017-08-08 03:01:11 +08:00			`{`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`throw new InvalidArgumentException('First argument to LDAP/checkLogin must be the username or email of a ldap user (string). Ex: jdupont or jdupont@company.com');`
Initial Commit - First version 2017-08-08 03:01:11 +08:00			`}`
			`if (!is_string($password) && $password != null)`
			`{`
			`throw new InvalidArgumentException('Second argument to LDAP/checkLogin must be the password associated to the relative directory name (string).');`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`}`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`if (!is_string($ldap_search_attribute))`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`{`
			`throw new InvalidArgumentException('Third argument to LDAP/checkLogin must be the attribute to identify users (ex : uid, email, sAMAccountName) (string).');`
			`}`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`if (!is_string($ldap_filter) && $ldap_filter != null)`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`{`
			`throw new InvalidArgumentException('Fourth argument to LDAP/checkLogin must be an optional filter to search in LDAP (string).');`
			`}`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`if (!is_string($ldap_base_dn))`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`{`
			`throw new InvalidArgumentException('Fifth argument to LDAP/checkLogin must be the ldap base directory name (string). Ex: o=Company');`
			`}`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`if (!is_string($ldap_bind_dn) && $ldap_bind_dn != null)`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`{`
			`throw new InvalidArgumentException('Sixth argument to LDAP/checkLogin must be an optional service account on restrictive LDAP (string).');`
			`}`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`if (!is_string($ldap_bind_pass) && $ldap_bind_pass != null)`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`{`
			`throw new InvalidArgumentException('Seventh argument to LDAP/checkLogin must be an optional password for the service account on restrictive LDAP (string).');`
			`}`

			`// If LDAP service account for search is specified, do an ldap_bind with this account`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`if ($ldap_bind_dn != '' && $ldap_bind_dn != null)`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`{`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`$bind_result=ldap_bind($this->ldap_server,$ldap_bind_dn,$ldap_bind_pass);`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00
			`// If authentification failed, throw an exception`
			`if (!$bind_result)`
			`{`
			`throw new Exception('An error has occured during ldap_bind execution. Please check parameter of LDAP/checkLogin, and make sure that user provided have read permission on LDAP.');`
			`}`
			`}`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`if ($ldap_filter!="" && $ldap_filter != null)`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`{`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`$search_filter = '(&(' . $ldap_search_attribute . '=' . $user . ')(' . $ldap_filter .'))';`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`}`
			`else`
			`{`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`$search_filter = $ldap_search_attribute . '=' . $user;`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`}`


Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`$result = ldap_search($this->ldap_server, $ldap_base_dn, $search_filter, array(), 0, 1, 500);`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00
			`if (!$result)`
			`{`
			`throw new Exception('An error has occured during ldap_search execution. Please check parameter of LDAP/checkLogin.');`
Initial Commit - First version 2017-08-08 03:01:11 +08:00			`}`

LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`$data = ldap_first_entry($this->ldap_server, $result);`
			`if (!$data)`
			`{`
			`throw new Exception('An error has occured during ldap_first_entry execution. Please check parameter of LDAP/checkLogin.');`
			`}`
			`$dn = ldap_get_dn($this->ldap_server, $data);`
			`if (!$dn)`
			`{`
			`throw new Exception('An error has occured during ldap_get_values execution (dn). Please check parameter of LDAP/checkLogin.');`
			`}`

			`return ldap_bind($this->ldap_server,$dn,$password);`
Initial Commit - First version 2017-08-08 03:01:11 +08:00			`}`

			`/**`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`* @param string @ldap_base_dn`
Initial Commit - First version 2017-08-08 03:01:11 +08:00			`* The LDAP base DN.`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`* @param string @ldap_filter`
Add service account support to get LDAP information (resource.php) and correct some minor bugs 2017-08-22 05:10:20 +08:00			`* A filter to get relevant data. Often the user id in ldap (uid or sAMAccountName).`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`* @param string @ldap_bind_dn`
Add service account support to get LDAP information (resource.php) and correct some minor bugs 2017-08-22 05:10:20 +08:00			`* The directory name of a service user to bind before search. Must be a user with read permission on LDAP.`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`* @param string @ldap_bind_pass`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`* The password associated to the service user to bind before search.`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`* @param string @ldap_search_attribute`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`* The attribute used on your LDAP to identify user (uid, email, cn, sAMAccountName)`
			`* @param string @user`
			`* A ldap username or email or sAMAccountName`
Initial Commit - First version 2017-08-08 03:01:11 +08:00			`*`
			`* @return`
Patch for Mattermost 4.4 -> 4.9 + some bug fix 2018-05-20 00:04:13 +08:00			`* An array with the user's mail, complete name and directory name.`
Initial Commit - First version 2017-08-08 03:01:11 +08:00			`*/`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`public function getDataForMattermost($ldap_base_dn, $ldap_filter, $ldap_bind_dn, $ldap_bind_pass, $ldap_search_attribute, $user) {`
Initial Commit - First version 2017-08-08 03:01:11 +08:00
			`$attribute=array("cn","mail");`

Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`if (!is_string($ldap_base_dn))`
Initial Commit - First version 2017-08-08 03:01:11 +08:00			`{`
			`throw new InvalidArgumentException('First argument to LDAP/getData must be the ldap base directory name (string). Ex: o=Company');`
			`}`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`if (!is_string($ldap_filter))`
Initial Commit - First version 2017-08-08 03:01:11 +08:00			`{`
			`throw new InvalidArgumentException('Second argument to LDAP/getData must be a filter to get relevant data. Often is the user id in ldap (string). Ex : uid=jdupont');`
			`}`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`if (!is_string($ldap_bind_dn) && $ldap_bind_dn != null)`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`{`
			`throw new InvalidArgumentException('Third argument to LDAP/getData must be an optional service account on restrictive LDAP (string).');`
			`}`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`if (!is_string($ldap_bind_pass) && $ldap_bind_pass != null)`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`{`
			`throw new InvalidArgumentException('Fourth argument to LDAP/getData must be an optional password for the service account on restrictive LDAP (string).');`
			`}`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`if (!is_string($ldap_search_attribute))`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`{`
			`throw new InvalidArgumentException('Fifth argument to LDAP/getData must be the attribute to identify users (ex : uid, email, sAMAccountName) (string).');`
			`}`
			`if (!is_string($user))`
			`{`
			`throw new InvalidArgumentException('Sixth argument to LDAP/getData must be the username or email of a ldap user (string). Ex: jdupont or jdupont@company.com');`
			`}`
Initial Commit - First version 2017-08-08 03:01:11 +08:00
Add service account support to get LDAP information (resource.php) and correct some minor bugs 2017-08-22 05:10:20 +08:00			`// If LDAP service account for search is specified, do an ldap_bind with this account`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`if ($ldap_bind_dn != '' && $ldap_bind_dn != null)`
Add service account support to get LDAP information (resource.php) and correct some minor bugs 2017-08-22 05:10:20 +08:00			`{`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`$bind_result=ldap_bind($this->ldap_server,$ldap_bind_dn,$ldap_bind_pass);`
Add service account support to get LDAP information (resource.php) and correct some minor bugs 2017-08-22 05:10:20 +08:00
			`// If authentification failed, throw an exception`
			`if (!$bind_result)`
			`{`
			`throw new Exception('An error has occured during ldap_bind execution. Please check parameter of LDAP/getData, and make sure that user provided have read permission on LDAP.');`
			`}`
			`}`

Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`if ($ldap_filter!="" && $ldap_filter != null)`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`{`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`$search_filter = '(&(' . $ldap_search_attribute . '=' . $user . ')(' . $ldap_filter .'))';`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`}`
			`else`
			`{`
Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`$search_filter = $ldap_search_attribute . '=' . $user;`
LDAP support improvment (issue #6) + some bugs corrected 2017-08-26 21:54:24 +08:00			`}`

Refresh project and Readme Adapt vars name for consistency Add a light CSS design 2019-05-02 20:51:50 +08:00			`$result = ldap_search($this->ldap_server, $ldap_base_dn, $search_filter, array(), 0, 1, 500);`
Initial Commit - First version 2017-08-08 03:01:11 +08:00
			`if (!$result)`
			`{`
			`throw new Exception('An error has occured during ldap_search execution. Please check parameter of LDAP/getData.');`
			`}`

			`$data = ldap_first_entry($this->ldap_server, $result);`
			`if (!$data)`
			`{`
			`throw new Exception('An error has occured during ldap_first_entry execution. Please check parameter of LDAP/getData.');`
			`}`

			`$mail = ldap_get_values($this->ldap_server, $data, "mail");`
			`if (!$mail)`
			`{`
			`throw new Exception('An error has occured during ldap_get_values execution (mail). Please check parameter of LDAP/getData.');`
			`}`

			`$cn = ldap_get_values($this->ldap_server, $data, "cn");`
			`if (!$cn)`
			`{`
			`throw new Exception('An error has occured during ldap_get_values execution (complete name). Please check parameter of LDAP/getData.');`
			`}`

			`return array("mail" => $mail[0], "cn" => $cn[0]);`
			`}`

			`/*`
			`* Destructor to close the LDAP connection`
			`*/`
			`public function __destruct()`
			`{`
			`ldap_close($this->ldap_server);`
			`}`

			`}`