We use cookies to ensure you get the best experience on our website
Home Esplora Aiuto
Registrati Accedi
0ct0pu5
/
XBackBone
1
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Albero (Tree): 6f46b70b83
Rami (Branch) Tag
XBackBone
/
app
/
Controllers
/
Auth
/
AuthController.php

AuthController.php 3.1 KB
Cronologia Originale

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889 
  1. <?php
    2. 

  2. 

  3. 

  4. namespace App\Controllers\Auth;
    5. 

  5. 

  6. use App\Controllers\Controller;
    7. 

  7. use App\Web\Session;
    8. 

  8. use App\Web\ValidationHelper;
    9. 

  9. use Psr\Http\Message\ServerRequestInterface as Request;
    10. 

  10. 

  11. abstract class AuthController extends Controller
    12. 

  12. {
    13. 

  13.     protected function checkRecaptcha(ValidationHelper $validator, Request $request)
    14. 

  14.     {
    15. 

  15.         $validator->callIf($this->getSetting('recaptcha_enabled') === 'on', function (Session $session) use (&$request) {
    16. 

  16.             $recaptcha = json_decode(file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$this->getSetting('recaptcha_secret_key').'&response='.param($request, 'recaptcha_token')));
    17. 

  17. 

  18.             if ($recaptcha->success && $recaptcha->score < 0.5) {
    19. 

  19.                 $session->alert(lang('recaptcha_failed'), 'danger');
    20. 

  20.                 return false;
    21. 

  21.             }
    22. 

  22.             return true;
    23. 

  23.         });
    24. 

  24.         return $validator;
    25. 

  25.     }
    26. 

  26. 

  27. 

  28.     /**
    29. 

  29.      * @return bool|false|resource
    30. 

  30.      */
    31. 

  31.     public function ldapConnect()
    32. 

  32.     {
    33. 

  33.         if (!extension_loaded('ldap')) {
    34. 

  34.             $this->logger->error('The LDAP extension is not loaded.');
    35. 

  35.             return false;
    36. 

  36.         }
    37. 

  37.         // Building LDAP URI
    38. 

  38.         $ldapSchema=array_key_exists('schema', $this->config['ldap']) ?
    39. 

  39.             strtolower($this->config['ldap']['schema']) : 'ldap';
    40. 

  40.         $ldapURI="$ldapSchema://".$this->config['ldap']['host'].':'.$this->config['ldap']['port'];
    41. 

  41.         
    42. 

  42.         // Connecting to LDAP server
    43. 

  43.         $server = ldap_connect($ldapURI);
    44. 

  44.         if ($server) {
    45. 

  45.             ldap_set_option($server, LDAP_OPT_PROTOCOL_VERSION, 3);
    46. 

  46.             ldap_set_option($server, LDAP_OPT_REFERRALS, 0);
    47. 

  47.             ldap_set_option($server, LDAP_OPT_NETWORK_TIMEOUT, 10);
    48. 

  48.         }
    49. 

  49.         
    50. 

  50.         // Upgrade to StartTLS
    51. 

  51.         if ($this->config['ldap']['useStartTLS'] === true) {
    52. 

  52.             if (ldap_start_tls($server) === false) { 
    53. 

  53.                 $this->logger-error("Failed to establish secure LDAP swith StartTLS");
    54. 

  54.                 return false;
    55. 

  55.             }
    56. 

  56.         }
    57. 

  57.         
    58. 

  58.         // Authenticating LDAP service account
    59. 

  59.         $serviceAccountFQDN= (array_key_exists('service_account_dn', $this->config['ldap'])) ? 
    60. 

  60.             $this->config['ldap']['service_account_dn'] : null;
    61. 

  61.         if (is_string($serviceAccountFQDN)) {
    62. 

  62.             if (ldap_bind($server,$serviceAccountFQDN,$this->config['ldap']['service_account_password']) === false) {
    63. 

  63.                 $this->logger->error("Bind with service account ($serviceAccountFQDN) failed.");
    64. 

  64.                 return false;
    65. 

  65.             }
    66. 

  66.             
    67. 

  67.         } 
    68. 

  68. 

  69.         return $server;
    70. 

  70.     }
    71. 

  71. 

  72.     /**
    73. 

  73.      * @param  string  $username
    74. 

  74.      * @return string
    75. 

  75.      */
    76. 

  76.     protected function getLdapRdn(string $username)
    77. 

  77.     {
    78. 

  78.         $bindString = ($this->config['ldap']['rdn_attribute'] ?? 'uid=').addslashes($username);
    79. 

  79.         if ($this->config['ldap']['user_domain'] !== null) {
    80. 

  80.             $bindString .= ','.$this->config['ldap']['user_domain'];
    81. 

  81.         }
    82. 

  82. 

  83.         if ($this->config['ldap']['base_domain'] !== null) {
    84. 

  84.             $bindString .= ','.$this->config['ldap']['base_domain'];
    85. 

  85.         }
    86. 

  86. 

  87.         return $bindString;
    88. 

  88.     }
    89. 

  89. }
    90.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5