Merge branch 'release/1.0.2'

Andy Miller
2020-11-16 10:44:57 -07:00
3 changed files with 27 additions and 7 deletions


@@ -1,3 +1,11 @@
# v1.0.2
## 11/16/2020
1. [](#improved)
* Allow to login if LDAP user's DN contains double quotes [#18](https://github.com/trilbymedia/grav-plugin-login-ldap/pulls/18)
* Ignore authentication requests with empty username [#14](https://github.com/trilbymedia/grav-plugin-login-ldap/pulls/14)
* Better handling a null condition with `array_shift` [#8](https://github.com/trilbymedia/grav-plugin-login-ldap/pulls/8)
# v1.0.1 # v1.0.1
## 06/11/2018 ## 06/11/2018


@@ -1,5 +1,5 @@
name: Login LDAP name: Login LDAP
version: 1.0.1 version: 1.0.2
description: Allows for Grav user authentication against an LDAP Server such as OpenLDAP or ActiveDirectory description: Allows for Grav user authentication against an LDAP Server such as OpenLDAP or ActiveDirectory
icon: user-circle-o icon: user-circle-o
author: author:
@@ -13,7 +13,7 @@ docs: https://github.com/trilbymedia/grav-plugin-login-ldap/blob/develop/README.
license: MIT license: MIT
dependencies: dependencies:
- { name: login, version: '>=2.6.3' } - { name: login, version: '>=3.0.0' }
form: form:
validation: strict validation: strict


@@ -7,6 +7,7 @@ use Grav\Common\Utils;
use Grav\Plugin\Login\Events\UserLoginEvent; use Grav\Plugin\Login\Events\UserLoginEvent;
use Grav\Plugin\Login\Login; use Grav\Plugin\Login\Login;
use Symfony\Component\Ldap\Ldap; use Symfony\Component\Ldap\Ldap;
use Symfony\Component\Ldap\LdapInterface;
use Symfony\Component\Ldap\Exception\ConnectionException; use Symfony\Component\Ldap\Exception\ConnectionException;
use Symfony\Component\Yaml\Yaml; use Symfony\Component\Yaml\Yaml;
@@ -69,6 +70,12 @@ class LoginLDAPPlugin extends Plugin
public function userLoginAuthenticate(UserLoginEvent $event) public function userLoginAuthenticate(UserLoginEvent $event)
{ {
$credentials = $event->getCredentials(); $credentials = $event->getCredentials();
// empty username -> ignore
if($credentials['username'] == ''){
$event->setStatus($event::AUTHENTICATION_FAILURE);
return;
}
// Get Proper username // Get Proper username
$user_dn = $this->config->get('plugins.login-ldap.user_dn'); $user_dn = $this->config->get('plugins.login-ldap.user_dn');
@@ -171,7 +178,7 @@ class LoginLDAPPlugin extends Plugin
if ($group_dn) { if ($group_dn) {
// retrieves all extra groups for user // retrieves all extra groups for user
$group_query = str_replace('[username]', $credentials['username'], $group_query); $group_query = str_replace('[username]', $credentials['username'], $group_query);
$group_query = str_replace('[dn]', $userdata['dn'], $group_query); $group_query = str_replace('[dn]', $ldap->escape($userdata['dn'], '', LdapInterface::ESCAPE_FILTER), $group_query);
$query = $ldap->query($group_dn, $group_query); $query = $ldap->query($group_dn, $group_query);
$groups = $query->execute()->toArray(); $groups = $query->execute()->toArray();
@@ -181,11 +188,16 @@ class LoginLDAPPlugin extends Plugin
foreach ($groups as $group) { foreach ($groups as $group) {
$attributes = $group->getAttributes(); $attributes = $group->getAttributes();
$user_group = array_shift($attributes[$group_indentifier]);
$user_groups[] = $user_group; // make sure we have an array to read
if ( !empty($attributes) && !empty($attributes[$group_indentifier]) && is_array($attributes[$group_indentifier]) )
{
$user_group = array_shift($attributes[$group_indentifier]);
$user_groups[] = $user_group;
if ($this->config->get('plugins.login-ldap.store_ldap_data', false)) { if ($this->config->get('plugins.login-ldap.store_ldap_data', false)) {
$userdata['ldap']['groups'][] = $user_group; $userdata['ldap']['groups'][] = $user_group;
}
} }
} }
} }
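Review bot: In the group-lookup hunk, `[username]` is still substituted into `$group_query` straight from `$credentials['username']`, although this commit now escapes `[dn]` with `LdapInterface::ESCAPE_FILTER`. A login name containing filter metacharacters (`*`, `(`, `)`, `\`) therefore still alters the filter sent to the directory. The line should read `$group_query = str_replace('[username]', $ldap->escape($credentials['username'], '', LdapInterface::ESCAPE_FILTER), $group_query);`. The new empty-username guard uses a loose `== ''` and reads the key without checking that it exists; `trim((string)($credentials['username'] ?? '')) === ''` is stricter. The password deserves the same rejection if it is not handled elsewhere, since many LDAP servers treat a bind with an empty password as an unauthenticated bind that succeeds. `userLoginAuthenticate` starts and ends outside these hunks, so the earlier user-search filter and the bind call could not be checked from here.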