diff options
| author | Frederic Guillot <fred@kanboard.net> | 2016-03-27 18:30:02 -0400 |
|---|---|---|
| committer | Frederic Guillot <fred@kanboard.net> | 2016-03-27 18:30:02 -0400 |
| commit | d0a0be89f2a774e5438fe844d69541fecb5cafc4 (patch) | |
| tree | 2f0738c4e49f41f00e74fa80dc69efa2de4d2c26 | |
| parent | cefeb7ef96902f4c75936bccc0cd72258ef0d7d6 (diff) | |
Added more logging for LDAP client
| -rw-r--r-- | ChangeLog | 1 | ||||
| -rw-r--r-- | app/Auth/LdapAuth.php | 6 | ||||
| -rw-r--r-- | app/Core/Ldap/Client.php | 33 | ||||
| -rw-r--r-- | app/Core/Ldap/Query.php | 6 | ||||
| -rw-r--r-- | app/Core/Ldap/User.php | 3 |
5 files changed, 46 insertions, 3 deletions
@@ -10,6 +10,7 @@ New features: Improvements: +* Added more logging for LDAP client * Improve schema migration process * Improve notification configuration form * Handle state in OAuth2 client diff --git a/app/Auth/LdapAuth.php b/app/Auth/LdapAuth.php index b4efbb55..c9423580 100644 --- a/app/Auth/LdapAuth.php +++ b/app/Auth/LdapAuth.php @@ -63,10 +63,12 @@ class LdapAuth extends Base implements PasswordAuthenticationProviderInterface try { $client = LdapClient::connect($this->getLdapUsername(), $this->getLdapPassword()); + $client->setLogger($this->logger); + $user = LdapUser::getUser($client, $this->username); if ($user === null) { - $this->logger->info('User not found in LDAP server'); + $this->logger->info('User ('.$this->username.') not found in LDAP server'); return false; } @@ -74,6 +76,8 @@ class LdapAuth extends Base implements PasswordAuthenticationProviderInterface throw new LogicException('Username not found in LDAP profile, check the parameter LDAP_USER_ATTRIBUTE_USERNAME'); } + $this->logger->info('Authenticate user: '.$user->getDn()); + if ($client->authenticate($user->getDn(), $this->password)) { $this->userInfo = $user; return true; diff --git a/app/Core/Ldap/Client.php b/app/Core/Ldap/Client.php index 05658190..cee67da5 100644 --- a/app/Core/Ldap/Client.php +++ b/app/Core/Ldap/Client.php @@ -3,6 +3,7 @@ namespace Kanboard\Core\Ldap; use LogicException; +use Psr\Log\LoggerInterface; /** * LDAP Client @@ -21,6 +22,14 @@ class Client protected $ldap; /** + * Logger instance + * + * @access private + * @var LoggerInterface + */ + private $logger; + + /** * Establish LDAP connection * * @static @@ -165,4 +174,28 @@ class Client { return LDAP_PASSWORD; } + + /** + * Set logger + * + * @access public + * @param LoggerInterface $logger + * @return Client + */ + public function setLogger(LoggerInterface $logger) + { + $this->logger = $logger; + return $this; + } + + /** + * Get logger + * + * @access public + * @return LoggerInterface + */ + public function getLogger() + { + return $this->logger; + } } diff --git a/app/Core/Ldap/Query.php b/app/Core/Ldap/Query.php index 1779fa61..bea6d5d6 100644 --- a/app/Core/Ldap/Query.php +++ b/app/Core/Ldap/Query.php @@ -48,6 +48,12 @@ class Query */ public function execute($baseDn, $filter, array $attributes) { + if (DEBUG) { + $this->client->getLogger()->debug('BaseDN='.$baseDn); + $this->client->getLogger()->debug('Filter='.$filter); + $this->client->getLogger()->debug('Attributes='.implode(', ', $attributes)); + } + $sr = ldap_search($this->client->getConnection(), $baseDn, $filter, $attributes); if ($sr === false) { return $this; diff --git a/app/Core/Ldap/User.php b/app/Core/Ldap/User.php index 52283434..d23ec07e 100644 --- a/app/Core/Ldap/User.php +++ b/app/Core/Ldap/User.php @@ -44,8 +44,7 @@ class User */ public static function getUser(Client $client, $username) { - $className = get_called_class(); - $self = new $className(new Query($client)); + $self = new static(new Query($client)); return $self->find($self->getLdapUserPattern($username)); } |