author | Thomas Müller <thomas.mueller@tmit.eu> | 2015-08-19 08:31:27 +0200 |
---|---|---|
committer | Thomas Müller <thomas.mueller@tmit.eu> | 2015-08-19 08:31:27 +0200 |
commit | d9172a19070051660e5a94d84e54eaad6854acfd (patch) | |
tree | 930ad91f0d9decbb86a43dfd8344259f02309b16 /apps/user_ldap/user_ldap.php | |
parent | 69e72eeb37b6d0084c137e1cffffe8717c2f1de0 (diff) | |
parent | 41ad4f46c8e1a02ef811d5a9205041bb7a619144 (diff) | |
Merge pull request #14401 from owncloud/ux-s2s-ldap
allow login names to be used for s2s with LDAP users
Diffstat (limited to 'apps/user_ldap/user_ldap.php')
-rw-r--r-- | apps/user_ldap/user_ldap.php | 60 |
1 files changed, 48 insertions, 12 deletions
diff --git a/apps/user_ldap/user_ldap.php b/apps/user_ldap/user_ldap.php
index a2f4b4ee9e5..00cba718369 100644
--- a/apps/user_ldap/user_ldap.php
+++ b/apps/user_ldap/user_ldap.php
@@ -71,6 +71,43 @@ class USER_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
 }

 /**
+ * returns the username for the given login name, if available
+ *
+ * @param string $loginName
+ * @return string|false
+ */
+ public function loginName2UserName($loginName) {
+ try {
+ $ldapRecord = $this->getLDAPUserByLoginName($loginName);
+ $user = $this->access->userManager->get($ldapRecord['dn']);
+ if($user instanceof OfflineUser) {
+ return false;
+ }
+ return $user->getUsername();
+ } catch (\Exception $e) {
+ return false;
+ }
+ }
+
+ /**
+ * returns an LDAP record based on a given login name
+ *
+ * @param string $loginName
+ * @return array
+ * @throws \Exception
+ */
+ public function getLDAPUserByLoginName($loginName) {
+ //find out dn of the user name
+ $attrs = array($this->access->connection->ldapUserDisplayName, 'dn',
+ 'uid', 'samaccountname');
+ $users = $this->access->fetchUsersByLoginName($loginName, $attrs);
+ if(count($users) < 1) {
+ throw new \Exception('No user available for the given login name.');
+ }
+ return $users[0];
+ }
+
+ /**
 * Check if the password is correct
 * @param string $uid The username
 * @param string $password The password
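Review bot: `loginName2UserName()` only excludes `OfflineUser` before calling `$user->getUsername()`, whereas `checkPassword()` in the same file guards the same `userManager->get()` result with `if(!$user instanceof User)`. If `get()` can return anything else (the existing guard suggests it can), the method call fails with an error that `catch (\Exception $e)` does not cover; use `if(!$user instanceof User) { return false; }` here as well. Separately, `getLDAPUserByLoginName()` returns `$users[0]` without checking for more than one match, so a login filter that matches several entries resolves to whichever record the server lists first. Since this lookup now also backs login-name resolution for s2s, rejecting or at least logging `count($users) > 1` would make ambiguous names visible.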
@@ -79,15 +116,14 @@ class USER_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
 * Check if the password is correct without logging in the user
 */
 public function checkPassword($uid, $password) {
- //find out dn of the user name
- $attrs = array($this->access->connection->ldapUserDisplayName, 'dn',
- 'uid', 'samaccountname');
- $users = $this->access->fetchUsersByLoginName($uid, $attrs);
- if(count($users) < 1) {
+ try {
+ $ldapRecord = $this->getLDAPUserByLoginName($uid);
+ } catch(\Exception $e) {
 return false;
 }
- $dn = $users[0]['dn'];
+ $dn = $ldapRecord['dn'];
 $user = $this->access->userManager->get($dn);
+
 if(!$user instanceof User) {
 \OCP\Util::writeLog('user_ldap',
 'LDAP Login: Could not get user object for DN ' . $dn .
@@ -102,14 +138,14 @@ class USER_LDAP extends BackendUtility implements \OCP\IUserBackend, \OCP\UserIn
 }

 $user->markLogin();
- if(isset($users[0][$this->access->connection->ldapUserDisplayName])) {
- $dpn = $users[0][$this->access->connection->ldapUserDisplayName];
+ if(isset($ldapRecord[$this->access->connection->ldapUserDisplayName])) {
+ $dpn = $ldapRecord[$this->access->connection->ldapUserDisplayName];
 $user->storeDisplayName($dpn);
 }
- if(isset($users[0]['uid'])) {
- $user->storeLDAPUserName($users[0]['uid']);
- } else if(isset($users[0]['samaccountname'])) {
- $user->storeLDAPUserName($users[0]['samaccountname']);
+ if(isset($ldapRecord['uid'])) {
+ $user->storeLDAPUserName($ldapRecord['uid']);
+ } else if(isset($ldapRecord['samaccountname'])) {
+ $user->storeLDAPUserName($ldapRecord['samaccountname']);
 }

 return $user->getUsername(); |
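Review bot: The new `catch(\Exception $e) { return false; }` at the top of `checkPassword()` turns every exception from `getLDAPUserByLoginName()` into a failed login, and the helper signals "no such user" with a bare `\Exception`. A connection or search error raised inside `fetchUsersByLoginName()` (its body is not visible here, so this is inferred) would previously have propagated; now it is indistinguishable from an unknown login name and leaves no log entry. Throwing a dedicated exception type for the not-found case and catching only that, or adding a `\OCP\Util::writeLog('user_ldap', ...)` call in the catch block, would keep backend failures visible to operators reviewing failed logins. The body of `checkPassword()` continues beyond this hunk.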