Page Menu
Home
Phorge
Search
Configure Global Search
Log In
Files
F8198560
HTTPAuth.php
No One
Temporary
Actions
Download File
Edit File
Delete File
View Transforms
Subscribe
Flag For Later
Award Token
Size
3 KB
Referenced Files
None
Subscribers
None
HTTPAuth.php
View Options
<?php
namespace
Kolab\FreeBusy
;
use
\Net_LDAP3
;
use
\Monolog\Logger
as
Monolog
;
/**
* Static class to process HTTP authentication to this service
*/
class
HTTPAuth
{
private
static
$logger
;
/**
* Validate HTTP basic auth against the configured backend
*/
public
static
function
check
(
$config
)
{
$logger
=
Logger
::
get
(
'httpauth'
);
// no http auth submitted, abort!
if
(
empty
(
$_SERVER
[
'PHP_AUTH_USER'
])
||
!
isset
(
$_SERVER
[
'PHP_AUTH_PW'
]))
{
$logger
->
addDebug
(
'No HTTP auth submitted'
);
return
false
;
}
switch
(
$config
[
'type'
])
{
case
'static'
:
return
self
::
checkStatic
(
$config
,
$_SERVER
[
'PHP_AUTH_USER'
],
$_SERVER
[
'PHP_AUTH_PW'
]);
case
'ldap'
:
return
self
::
checkLDAP
(
$config
,
$_SERVER
[
'PHP_AUTH_USER'
],
$_SERVER
[
'PHP_AUTH_PW'
]);
default
:
$logger
->
addWarning
(
'Unsupported auth type '
.
$config
[
'type'
]);
break
;
}
return
false
;
}
/**
* Validate static user credentials from config
*/
private
static
function
checkStatic
(
$config
,
$user
,
$pass
)
{
$valid
=
$user
==
$config
[
'username'
]
&&
$pass
==
$config
[
'password'
];
Logger
::
get
(
'httpauth'
)->
addInfo
(
"Static: authenticating user '$user': "
.
(
$valid
?
'SUCCESS'
:
'FAILURE'
));
return
$valid
;
}
/**
* Validate user credentials against the configured LDAP backend
*/
private
static
function
checkLDAP
(
$config
,
$user
,
$pass
)
{
self
::
$logger
=
Logger
::
get
(
'httpauth'
,
intval
(
$config
[
'loglevel'
]));
$host
=
parse_url
(
$config
[
'host'
]);
$ldap_config
=
array
(
'hosts'
=>
array
(
$host
[
'host'
]),
'port'
=>
$host
[
'port'
]
?:
389
,
'use_tls'
=>
$host
[
'scheme'
]
==
'tls'
||
$host
[
'scheme'
]
==
'ldaps'
,
'root_dn'
=>
$config
[
'base_dn'
],
'filter'
=>
$config
[
'filter'
],
'service_bind_dn'
=>
$config
[
'bind_dn'
],
'service_bind_pw'
=>
$config
[
'bind_pw'
],
'sizelimit'
=>
0
,
'timelimit'
=>
0
,
);
// instantiate Net_LDAP3 and connect with logger
$ldap
=
new
Net_LDAP3
(
$ldap_config
);
$ldap
->
config_set
(
'log_hook'
,
'Kolab
\F
reeBusy
\H
TTPAuth::ldapLog'
);
// connect + bind to LDAP server
if
(
$ldap
->
connect
())
{
self
::
$logger
->
addDebug
(
"LDAP: connected to $config[host] with '$config[bind_dn]'"
);
// extract domain part from base_dn
$dn_domain
=
ldap_explode_dn
(
$config
[
'base_dn'
],
1
);
unset
(
$dn_domain
[
'count'
]);
$domain
=
join
(
'.'
,
$dn_domain
);
$valid
=
(
bool
)
$ldap
->
login
(
$user
,
$pass
,
$domain
);
}
else
{
self
::
$logger
->
addWarning
(
"LDAP: connectiion to $config[host] with '$config[bind_dn]' failed!"
);
}
self
::
$logger
->
addInfo
(
"LDAP: authenticating user '$user': "
.
(
$valid
?
'SUCCESS'
:
'FAILURE'
));
return
$valid
;
}
/**
* Callback for Net_LDAP3 logging
*/
public
static
function
ldapLog
(
$level
,
$msg
)
{
// map PHP log levels to Monolog levels
static
$loglevels
=
array
(
LOG_DEBUG
=>
Monolog
::
DEBUG
,
LOG_NOTICE
=>
Monolog
::
NOTICE
,
LOG_INFO
=>
Monolog
::
INFO
,
LOG_WARNING
=>
Monolog
::
WARNING
,
LOG_ERR
=>
Monolog
::
ERROR
,
LOG_CRIT
=>
Monolog
::
CRITICAL
,
LOG_ALERT
=>
Monolog
::
ALERT
,
LOG_EMERG
=>
Monolog
::
EMERGENCY
,
);
$msg
=
is_array
(
$msg
)
?
join
(
'; '
,
$msg
)
:
strval
(
$msg
);
self
::
$logger
->
addRecord
(
$loglevels
[
$level
],
$msg
);
}
}
File Metadata
Details
Attached
Mime Type
text/x-php
Expires
Wed, Jul 8, 8:08 PM (1 d, 21 h)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
1051915
Default Alt Text
HTTPAuth.php (3 KB)
Attached To
Mode
R28 freebusy
Attached
Detach File
Event Timeline
Log In to Comment