summaryrefslogtreecommitdiff
path: root/app/Model/Ldap.php
diff options
context:
space:
mode:
Diffstat (limited to 'app/Model/Ldap.php')
-rw-r--r--app/Model/Ldap.php104
1 files changed, 0 insertions, 104 deletions
diff --git a/app/Model/Ldap.php b/app/Model/Ldap.php
deleted file mode 100644
index 007f7171..00000000
--- a/app/Model/Ldap.php
+++ /dev/null
@@ -1,104 +0,0 @@
-<?php
-
-namespace Model;
-
-/**
- * LDAP model
- *
- * @package model
- * @author Frederic Guillot
- */
-class Ldap extends Base
-{
- /**
- * Authenticate a user
- *
- * @access public
- * @param string $username Username
- * @param string $password Password
- * @return null|boolean
- */
- public function authenticate($username, $password)
- {
- if (! function_exists('ldap_connect')) {
- die('The PHP LDAP extension is required');
- }
-
- // Skip SSL certificate verification
- if (! LDAP_SSL_VERIFY) {
- putenv('LDAPTLS_REQCERT=never');
- }
-
- $ldap = ldap_connect(LDAP_SERVER, LDAP_PORT);
-
- if (! is_resource($ldap)) {
- die('Unable to connect to the LDAP server: "'.LDAP_SERVER.'"');
- }
-
- ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
- ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);
-
- if (! @ldap_bind($ldap, LDAP_USERNAME, LDAP_PASSWORD)) {
- die('Unable to bind to the LDAP server: "'.LDAP_SERVER.'"');
- }
-
- $sr = @ldap_search($ldap, LDAP_ACCOUNT_BASE, sprintf(LDAP_USER_PATTERN, $username), array(LDAP_ACCOUNT_FULLNAME, LDAP_ACCOUNT_EMAIL));
-
- if ($sr === false) {
- return false;
- }
-
- $info = ldap_get_entries($ldap, $sr);
-
- // User not found
- if (count($info) == 0 || $info['count'] == 0) {
- return false;
- }
-
- if (@ldap_bind($ldap, $info[0]['dn'], $password)) {
- return $this->create($username, $info[0][LDAP_ACCOUNT_FULLNAME][0], $info[0][LDAP_ACCOUNT_EMAIL][0]);
- }
-
- return false;
- }
-
- /**
- * Create automatically a new local user after the LDAP authentication
- *
- * @access public
- * @param string $username Username
- * @param string $name Name of the user
- * @param string $email Email address
- * @return bool
- */
- public function create($username, $name, $email)
- {
- $user = $this->user->getByUsername($username);
-
- // There is an existing user account
- if ($user) {
-
- if ($user['is_ldap_user'] == 1) {
-
- // LDAP user already created
- return true;
- }
- else {
-
- // There is already a local user with that username
- return false;
- }
- }
-
- // Create a LDAP user
- $values = array(
- 'username' => $username,
- 'name' => $name,
- 'email' => $email,
- 'is_admin' => 0,
- 'is_ldap_user' => 1,
- );
-
- return $userModel->create($values);
- }
-}