2021-06-26 17:23:15 +02:00
|
|
|
<?php
|
|
|
|
|
|
|
|
namespace BookStack\Auth\Access;
|
2016-01-16 00:21:47 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Class Ldap
|
|
|
|
* An object-orientated thin abstraction wrapper for common PHP LDAP functions.
|
|
|
|
* Allows the standard LDAP functions to be mocked for testing.
|
|
|
|
*/
|
|
|
|
class Ldap
|
|
|
|
{
|
|
|
|
/**
|
2021-11-06 01:32:01 +01:00
|
|
|
* Connect to an LDAP server.
|
2021-11-06 23:00:33 +01:00
|
|
|
*
|
2016-01-16 00:21:47 +01:00
|
|
|
* @return resource
|
|
|
|
*/
|
2021-11-06 01:32:01 +01:00
|
|
|
public function connect(string $hostName, int $port)
|
2016-01-16 00:21:47 +01:00
|
|
|
{
|
|
|
|
return ldap_connect($hostName, $port);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Set the value of a LDAP option for the given connection.
|
2021-06-26 17:23:15 +02:00
|
|
|
*
|
2016-01-16 00:21:47 +01:00
|
|
|
* @param resource $ldapConnection
|
2021-06-26 17:23:15 +02:00
|
|
|
* @param mixed $value
|
2016-01-16 00:21:47 +01:00
|
|
|
*/
|
2021-11-06 01:32:01 +01:00
|
|
|
public function setOption($ldapConnection, int $option, $value): bool
|
2016-01-16 00:21:47 +01:00
|
|
|
{
|
|
|
|
return ldap_set_option($ldapConnection, $option, $value);
|
|
|
|
}
|
|
|
|
|
2021-02-07 21:00:04 +01:00
|
|
|
/**
|
|
|
|
* Start TLS on the given LDAP connection.
|
|
|
|
*/
|
|
|
|
public function startTls($ldapConnection): bool
|
|
|
|
{
|
|
|
|
return ldap_start_tls($ldapConnection);
|
|
|
|
}
|
|
|
|
|
2016-05-02 12:38:07 +02:00
|
|
|
/**
|
|
|
|
* Set the version number for the given ldap connection.
|
2021-06-26 17:23:15 +02:00
|
|
|
*
|
2021-11-06 01:32:01 +01:00
|
|
|
* @param resource $ldapConnection
|
2016-05-02 12:38:07 +02:00
|
|
|
*/
|
2021-11-06 01:32:01 +01:00
|
|
|
public function setVersion($ldapConnection, int $version): bool
|
2016-05-02 12:38:07 +02:00
|
|
|
{
|
|
|
|
return $this->setOption($ldapConnection, LDAP_OPT_PROTOCOL_VERSION, $version);
|
|
|
|
}
|
|
|
|
|
2016-01-16 00:21:47 +01:00
|
|
|
/**
|
|
|
|
* Search LDAP tree using the provided filter.
|
2021-06-26 17:23:15 +02:00
|
|
|
*
|
2016-01-16 00:21:47 +01:00
|
|
|
* @param resource $ldapConnection
|
|
|
|
* @param string $baseDn
|
|
|
|
* @param string $filter
|
|
|
|
* @param array|null $attributes
|
2021-06-26 17:23:15 +02:00
|
|
|
*
|
2016-01-16 00:21:47 +01:00
|
|
|
* @return resource
|
|
|
|
*/
|
|
|
|
public function search($ldapConnection, $baseDn, $filter, array $attributes = null)
|
|
|
|
{
|
|
|
|
return ldap_search($ldapConnection, $baseDn, $filter, $attributes);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Get entries from an ldap search result.
|
2021-06-26 17:23:15 +02:00
|
|
|
*
|
2016-01-16 00:21:47 +01:00
|
|
|
* @param resource $ldapConnection
|
|
|
|
* @param resource $ldapSearchResult
|
2021-06-26 17:23:15 +02:00
|
|
|
*
|
2016-01-16 00:21:47 +01:00
|
|
|
* @return array
|
|
|
|
*/
|
|
|
|
public function getEntries($ldapConnection, $ldapSearchResult)
|
|
|
|
{
|
|
|
|
return ldap_get_entries($ldapConnection, $ldapSearchResult);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Search and get entries immediately.
|
2021-06-26 17:23:15 +02:00
|
|
|
*
|
2016-01-16 00:21:47 +01:00
|
|
|
* @param resource $ldapConnection
|
|
|
|
* @param string $baseDn
|
|
|
|
* @param string $filter
|
|
|
|
* @param array|null $attributes
|
2021-06-26 17:23:15 +02:00
|
|
|
*
|
2016-01-16 00:21:47 +01:00
|
|
|
* @return resource
|
|
|
|
*/
|
|
|
|
public function searchAndGetEntries($ldapConnection, $baseDn, $filter, array $attributes = null)
|
|
|
|
{
|
|
|
|
$search = $this->search($ldapConnection, $baseDn, $filter, $attributes);
|
2021-06-26 17:23:15 +02:00
|
|
|
|
2016-01-16 00:21:47 +01:00
|
|
|
return $this->getEntries($ldapConnection, $search);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Bind to LDAP directory.
|
2021-06-26 17:23:15 +02:00
|
|
|
*
|
2016-01-16 00:21:47 +01:00
|
|
|
* @param resource $ldapConnection
|
|
|
|
* @param string $bindRdn
|
|
|
|
* @param string $bindPassword
|
2021-06-26 17:23:15 +02:00
|
|
|
*
|
2016-01-16 00:21:47 +01:00
|
|
|
* @return bool
|
|
|
|
*/
|
|
|
|
public function bind($ldapConnection, $bindRdn = null, $bindPassword = null)
|
|
|
|
{
|
|
|
|
return ldap_bind($ldapConnection, $bindRdn, $bindPassword);
|
|
|
|
}
|
2018-12-20 21:04:09 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Explode a LDAP dn string into an array of components.
|
2021-06-26 17:23:15 +02:00
|
|
|
*
|
2018-12-20 21:04:09 +01:00
|
|
|
* @param string $dn
|
2021-06-26 17:23:15 +02:00
|
|
|
* @param int $withAttrib
|
|
|
|
*
|
2018-12-20 21:04:09 +01:00
|
|
|
* @return array
|
|
|
|
*/
|
|
|
|
public function explodeDn(string $dn, int $withAttrib)
|
|
|
|
{
|
|
|
|
return ldap_explode_dn($dn, $withAttrib);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Escape a string for use in an LDAP filter.
|
2021-06-26 17:23:15 +02:00
|
|
|
*
|
2018-12-20 21:04:09 +01:00
|
|
|
* @param string $value
|
|
|
|
* @param string $ignore
|
2021-06-26 17:23:15 +02:00
|
|
|
* @param int $flags
|
|
|
|
*
|
2018-12-20 21:04:09 +01:00
|
|
|
* @return string
|
|
|
|
*/
|
2021-06-26 17:23:15 +02:00
|
|
|
public function escape(string $value, string $ignore = '', int $flags = 0)
|
2018-12-20 21:04:09 +01:00
|
|
|
{
|
|
|
|
return ldap_escape($value, $ignore, $flags);
|
|
|
|
}
|
2016-11-15 11:10:12 +01:00
|
|
|
}
|