-rw-r--r--ChangeLog1
-rw-r--r--app/Auth/LdapAuth.php6
-rw-r--r--app/Core/Ldap/Client.php33
-rw-r--r--app/Core/Ldap/Query.php6
-rw-r--r--app/Core/Ldap/User.php3
5 files changed, 46 insertions, 3 deletions
diff --git a/ChangeLog b/ChangeLog
index c732f89a..4c79ef0c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -10,6 +10,7 @@ New features:
Improvements:
+* Added more logging for LDAP client
* Improve schema migration process
* Improve notification configuration form
* Handle state in OAuth2 client
diff --git a/app/Auth/LdapAuth.php b/app/Auth/LdapAuth.php
index b4efbb55..c9423580 100644
--- a/app/Auth/LdapAuth.php
+++ b/app/Auth/LdapAuth.php
@@ -63,10 +63,12 @@ class LdapAuth extends Base implements PasswordAuthenticationProviderInterface
try {
$client = LdapClient::connect($this->getLdapUsername(), $this->getLdapPassword());
+ $client->setLogger($this->logger);
+
$user = LdapUser::getUser($client, $this->username);
if ($user === null) {
- $this->logger->info('User not found in LDAP server');
+ $this->logger->info('User ('.$this->username.') not found in LDAP server');
return false;
}
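Review bot: The new "not found" message concatenates `$this->username` straight into the log line, and that value is presumably whatever was submitted at login. A value containing CR/LF can therefore split or forge log entries, and a password mistyped into the username field would be written to the log in clear text. Neutralise control characters before logging, e.g. `$this->logger->info('User ('.preg_replace('/[\x00-\x1F\x7F]/', '?', $this->username).') not found in LDAP server');`. The same value presumably reaches the `Filter=` debug line added in `Query::execute` through `getLdapUserPattern($username)`, so it needs the same treatment there. The enclosing `try` block starts and ends outside this hunk.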
@@ -74,6 +76,8 @@ class LdapAuth extends Base implements PasswordAuthenticationProviderInterface
throw new LogicException('Username not found in LDAP profile, check the parameter LDAP_USER_ATTRIBUTE_USERNAME');
}
+ $this->logger->info('Authenticate user: '.$user->getDn());
+
if ($client->authenticate($user->getDn(), $this->password)) {
$this->userInfo = $user;
return true;
diff --git a/app/Core/Ldap/Client.php b/app/Core/Ldap/Client.php
index 05658190..cee67da5 100644
--- a/app/Core/Ldap/Client.php
+++ b/app/Core/Ldap/Client.php
@@ -3,6 +3,7 @@
namespace Kanboard\Core\Ldap;
use LogicException;
+use Psr\Log\LoggerInterface;
/**
* LDAP Client
@@ -21,6 +22,14 @@ class Client
protected $ldap;
/**
+ * Logger instance
+ *
+ * @access private
+ * @var LoggerInterface
+ */
+ private $logger;
+
+ /**
* Establish LDAP connection
*
* @static
@@ -165,4 +174,28 @@ class Client
{
return LDAP_PASSWORD;
}
+
+ /**
+ * Set logger
+ *
+ * @access public
+ * @param LoggerInterface $logger
+ * @return Client
+ */
+ public function setLogger(LoggerInterface $logger)
+ {
+ $this->logger = $logger;
+ return $this;
+ }
+
+ /**
+ * Get logger
+ *
+ * @access public
+ * @return LoggerInterface
+ */
+ public function getLogger()
+ {
+ return $this->logger;
+ }
}
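Review bot: `getLogger()` returns null whenever `setLogger()` has not been called, because the new `$logger` property has no default, and `Query::execute` calls `$this->client->getLogger()->debug(...)` with no null check when `DEBUG` is on. Only `LdapAuth` is shown wiring the logger in this commit; any other code path that builds a `Client` (not visible here) would hit a fatal error on the null logger in debug mode. Either fall back to a no-op logger in the getter, e.g. `return $this->logger ?: new \Psr\Log\NullLogger();`, or guard the call site with `if (DEBUG && $this->client->getLogger() !== null) {`. The class body starts outside this hunk.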
diff --git a/app/Core/Ldap/Query.php b/app/Core/Ldap/Query.php
index 1779fa61..bea6d5d6 100644
--- a/app/Core/Ldap/Query.php
+++ b/app/Core/Ldap/Query.php
@@ -48,6 +48,12 @@ class Query
*/
public function execute($baseDn, $filter, array $attributes)
{
+ if (DEBUG) {
+ $this->client->getLogger()->debug('BaseDN='.$baseDn);
+ $this->client->getLogger()->debug('Filter='.$filter);
+ $this->client->getLogger()->debug('Attributes='.implode(', ', $attributes));
+ }
+
$sr = ldap_search($this->client->getConnection(), $baseDn, $filter, $attributes);
if ($sr === false) {
return $this;
diff --git a/app/Core/Ldap/User.php b/app/Core/Ldap/User.php
index 52283434..d23ec07e 100644
--- a/app/Core/Ldap/User.php
+++ b/app/Core/Ldap/User.php
@@ -44,8 +44,7 @@ class User
*/
public static function getUser(Client $client, $username)
{
- $className = get_called_class();
- $self = new $className(new Query($client));
+ $self = new static(new Query($client));
return $self->find($self->getLdapUserPattern($username));
}