2016-01-09 20:23:35 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
namespace BookStack\Providers;
|
|
|
|
|
2018-09-25 13:30:50 +02:00
|
|
|
use BookStack\Auth\Access\LdapService;
|
2016-01-09 20:23:35 +01:00
|
|
|
use Illuminate\Contracts\Auth\Authenticatable;
|
|
|
|
use Illuminate\Contracts\Auth\UserProvider;
|
|
|
|
|
|
|
|
class LdapUserProvider implements UserProvider
|
|
|
|
{
|
|
|
|
|
|
|
|
/**
|
|
|
|
* The user model.
|
|
|
|
*
|
|
|
|
* @var string
|
|
|
|
*/
|
|
|
|
protected $model;
|
|
|
|
|
2016-01-11 23:41:05 +01:00
|
|
|
/**
|
2018-09-25 13:30:50 +02:00
|
|
|
* @var \BookStack\Auth\LdapService
|
2016-01-11 23:41:05 +01:00
|
|
|
*/
|
|
|
|
protected $ldapService;
|
|
|
|
|
2016-01-09 20:23:35 +01:00
|
|
|
|
|
|
|
/**
|
|
|
|
* LdapUserProvider constructor.
|
2016-01-11 23:41:05 +01:00
|
|
|
* @param $model
|
2018-09-25 13:30:50 +02:00
|
|
|
* @param \BookStack\Auth\LdapService $ldapService
|
2016-01-09 20:23:35 +01:00
|
|
|
*/
|
2016-01-11 23:41:05 +01:00
|
|
|
public function __construct($model, LdapService $ldapService)
|
2016-01-09 20:23:35 +01:00
|
|
|
{
|
|
|
|
$this->model = $model;
|
2016-01-11 23:41:05 +01:00
|
|
|
$this->ldapService = $ldapService;
|
2016-01-09 20:23:35 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Create a new instance of the model.
|
|
|
|
*
|
|
|
|
* @return \Illuminate\Database\Eloquent\Model
|
|
|
|
*/
|
|
|
|
public function createModel()
|
|
|
|
{
|
2016-01-11 23:41:05 +01:00
|
|
|
$class = '\\' . ltrim($this->model, '\\');
|
2016-01-09 20:23:35 +01:00
|
|
|
return new $class;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Retrieve a user by their unique identifier.
|
|
|
|
*
|
|
|
|
* @param mixed $identifier
|
|
|
|
* @return \Illuminate\Contracts\Auth\Authenticatable|null
|
|
|
|
*/
|
|
|
|
public function retrieveById($identifier)
|
|
|
|
{
|
|
|
|
return $this->createModel()->newQuery()->find($identifier);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Retrieve a user by their unique identifier and "remember me" token.
|
|
|
|
*
|
|
|
|
* @param mixed $identifier
|
2016-01-11 23:41:05 +01:00
|
|
|
* @param string $token
|
2016-01-09 20:23:35 +01:00
|
|
|
* @return \Illuminate\Contracts\Auth\Authenticatable|null
|
|
|
|
*/
|
|
|
|
public function retrieveByToken($identifier, $token)
|
|
|
|
{
|
|
|
|
$model = $this->createModel();
|
|
|
|
|
|
|
|
return $model->newQuery()
|
|
|
|
->where($model->getAuthIdentifierName(), $identifier)
|
|
|
|
->where($model->getRememberTokenName(), $token)
|
|
|
|
->first();
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Update the "remember me" token for the given user in storage.
|
|
|
|
*
|
|
|
|
* @param \Illuminate\Contracts\Auth\Authenticatable $user
|
|
|
|
* @param string $token
|
|
|
|
* @return void
|
|
|
|
*/
|
|
|
|
public function updateRememberToken(Authenticatable $user, $token)
|
|
|
|
{
|
2016-01-16 00:21:47 +01:00
|
|
|
if ($user->exists) {
|
|
|
|
$user->setRememberToken($token);
|
|
|
|
$user->save();
|
|
|
|
}
|
2016-01-09 20:23:35 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Retrieve a user by the given credentials.
|
|
|
|
*
|
|
|
|
* @param array $credentials
|
|
|
|
* @return \Illuminate\Contracts\Auth\Authenticatable|null
|
|
|
|
*/
|
|
|
|
public function retrieveByCredentials(array $credentials)
|
|
|
|
{
|
|
|
|
// Get user via LDAP
|
2016-01-11 23:41:05 +01:00
|
|
|
$userDetails = $this->ldapService->getUserDetails($credentials['username']);
|
2018-01-28 17:58:52 +01:00
|
|
|
if ($userDetails === null) {
|
|
|
|
return null;
|
|
|
|
}
|
2016-01-09 20:23:35 +01:00
|
|
|
|
|
|
|
// Search current user base by looking up a uid
|
2016-01-11 23:41:05 +01:00
|
|
|
$model = $this->createModel();
|
|
|
|
$currentUser = $model->newQuery()
|
|
|
|
->where('external_auth_id', $userDetails['uid'])
|
|
|
|
->first();
|
2016-01-09 20:23:35 +01:00
|
|
|
|
2018-01-28 17:58:52 +01:00
|
|
|
if ($currentUser !== null) {
|
|
|
|
return $currentUser;
|
|
|
|
}
|
2016-01-09 20:23:35 +01:00
|
|
|
|
2016-01-11 23:41:05 +01:00
|
|
|
$model->name = $userDetails['name'];
|
|
|
|
$model->external_auth_id = $userDetails['uid'];
|
2016-01-13 23:22:30 +01:00
|
|
|
$model->email = $userDetails['email'];
|
2016-04-03 13:16:54 +02:00
|
|
|
$model->email_confirmed = false;
|
2016-01-11 23:41:05 +01:00
|
|
|
return $model;
|
2016-01-09 20:23:35 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Validate a user against the given credentials.
|
|
|
|
*
|
|
|
|
* @param \Illuminate\Contracts\Auth\Authenticatable $user
|
|
|
|
* @param array $credentials
|
|
|
|
* @return bool
|
|
|
|
*/
|
|
|
|
public function validateCredentials(Authenticatable $user, array $credentials)
|
|
|
|
{
|
2016-01-11 23:41:05 +01:00
|
|
|
return $this->ldapService->validateUserCredentials($user, $credentials['username'], $credentials['password']);
|
2016-01-09 20:23:35 +01:00
|
|
|
}
|
|
|
|
}
|