Diffstat (limited to 'apps/user_ldap/lib/Connection.php')
-rw-r--r--apps/user_ldap/lib/Connection.php113
1 files changed, 55 insertions, 58 deletions
diff --git a/apps/user_ldap/lib/Connection.php b/apps/user_ldap/lib/Connection.php
index 51c35c2a665..cec4866b0ea 100644
--- a/apps/user_ldap/lib/Connection.php
+++ b/apps/user_ldap/lib/Connection.php
@@ -111,7 +111,7 @@ class Connection extends LDAPUtility {
$this->configuration = new Configuration($configPrefix,
!is_null($configID));
$memcache = \OC::$server->getMemCacheFactory();
- if($memcache->isAvailable()) {
+ if ($memcache->isAvailable()) {
$this->cache = $memcache->createDistributed();
}
$helper = new Helper(\OC::$server->getConfig());
@@ -120,7 +120,7 @@ class Connection extends LDAPUtility {
}
public function __destruct() {
- if(!$this->dontDestruct && $this->ldap->isResource($this->ldapConnectionRes)) {
+ if (!$this->dontDestruct && $this->ldap->isResource($this->ldapConnectionRes)) {
@$this->ldap->unbind($this->ldapConnectionRes);
$this->bindResult = [];
}
@@ -132,7 +132,7 @@ class Connection extends LDAPUtility {
public function __clone() {
$this->configuration = new Configuration($this->configPrefix,
!is_null($this->configID));
- if(count($this->bindResult) !== 0 && $this->bindResult['result'] === true) {
+ if (count($this->bindResult) !== 0 && $this->bindResult['result'] === true) {
$this->bindResult = [];
}
$this->ldapConnectionRes = null;
@@ -144,7 +144,7 @@ class Connection extends LDAPUtility {
* @return bool|mixed
*/
public function __get($name) {
- if(!$this->configured) {
+ if (!$this->configured) {
$this->readConfiguration();
}
@@ -160,7 +160,7 @@ class Connection extends LDAPUtility {
$before = $this->configuration->$name;
$this->configuration->$name = $value;
$after = $this->configuration->$name;
- if($before !== $after) {
+ if ($before !== $after) {
if ($this->configID !== '' && $this->configID !== null) {
$this->configuration->saveConfiguration();
}
@@ -200,13 +200,13 @@ class Connection extends LDAPUtility {
* Returns the LDAP handler
*/
public function getConnectionResource() {
- if(!$this->ldapConnectionRes) {
+ if (!$this->ldapConnectionRes) {
$this->init();
- } elseif(!$this->ldap->isResource($this->ldapConnectionRes)) {
+ } elseif (!$this->ldap->isResource($this->ldapConnectionRes)) {
$this->ldapConnectionRes = null;
$this->establishConnection();
}
- if(is_null($this->ldapConnectionRes)) {
+ if (is_null($this->ldapConnectionRes)) {
\OCP\Util::writeLog('user_ldap', 'No LDAP Connection to server ' . $this->configuration->ldapHost, ILogger::ERROR);
throw new ServerNotAvailableException('Connection to LDAP server could not be established');
}
@@ -217,7 +217,7 @@ class Connection extends LDAPUtility {
* resets the connection resource
*/
public function resetConnectionResource() {
- if(!is_null($this->ldapConnectionRes)) {
+ if (!is_null($this->ldapConnectionRes)) {
@$this->ldap->unbind($this->ldapConnectionRes);
$this->ldapConnectionRes = null;
$this->bindResult = [];
@@ -230,7 +230,7 @@ class Connection extends LDAPUtility {
*/
private function getCacheKey($key) {
$prefix = 'LDAP-'.$this->configID.'-'.$this->configPrefix.'-';
- if(is_null($key)) {
+ if (is_null($key)) {
return $prefix;
}
return $prefix.hash('sha256', $key);
@@ -241,10 +241,10 @@ class Connection extends LDAPUtility {
* @return mixed|null
*/
public function getFromCache($key) {
- if(!$this->configured) {
+ if (!$this->configured) {
$this->readConfiguration();
}
- if(is_null($this->cache) || !$this->configuration->ldapCacheTTL) {
+ if (is_null($this->cache) || !$this->configuration->ldapCacheTTL) {
return null;
}
$key = $this->getCacheKey($key);
@@ -259,10 +259,10 @@ class Connection extends LDAPUtility {
* @return string
*/
public function writeToCache($key, $value) {
- if(!$this->configured) {
+ if (!$this->configured) {
$this->readConfiguration();
}
- if(is_null($this->cache)
+ if (is_null($this->cache)
|| !$this->configuration->ldapCacheTTL
|| !$this->configuration->ldapConfigurationActive) {
return null;
@@ -273,7 +273,7 @@ class Connection extends LDAPUtility {
}
public function clearCache() {
- if(!is_null($this->cache)) {
+ if (!is_null($this->cache)) {
$this->cache->clear($this->getCacheKey(null));
}
}
@@ -285,7 +285,7 @@ class Connection extends LDAPUtility {
* @return null
*/
private function readConfiguration($force = false) {
- if((!$this->configured || $force) && !is_null($this->configID)) {
+ if ((!$this->configured || $force) && !is_null($this->configID)) {
$this->configuration->readConfiguration();
$this->configured = $this->validateConfiguration();
}
@@ -298,12 +298,12 @@ class Connection extends LDAPUtility {
* @return boolean true if config validates, false otherwise. Check with $setParameters for detailed success on single parameters
*/
public function setConfiguration($config, &$setParameters = null) {
- if(is_null($setParameters)) {
+ if (is_null($setParameters)) {
$setParameters = [];
}
$this->doNotValidate = false;
$this->configuration->setConfiguration($config, $setParameters);
- if(count($setParameters) > 0) {
+ if (count($setParameters) > 0) {
$this->configured = $this->validateConfiguration();
}
@@ -330,10 +330,10 @@ class Connection extends LDAPUtility {
$config = $this->configuration->getConfiguration();
$cta = $this->configuration->getConfigTranslationArray();
$result = [];
- foreach($cta as $dbkey => $configkey) {
- switch($configkey) {
+ foreach ($cta as $dbkey => $configkey) {
+ switch ($configkey) {
case 'homeFolderNamingRule':
- if(strpos($config[$configkey], 'attr:') === 0) {
+ if (strpos($config[$configkey], 'attr:') === 0) {
$result[$dbkey] = substr($config[$configkey], 5);
} else {
$result[$dbkey] = '';
@@ -344,7 +344,7 @@ class Connection extends LDAPUtility {
case 'ldapBaseGroups':
case 'ldapAttributesForUserSearch':
case 'ldapAttributesForGroupSearch':
- if(is_array($config[$configkey])) {
+ if (is_array($config[$configkey])) {
$result[$dbkey] = implode("\n", $config[$configkey]);
break;
} //else follows default
@@ -357,23 +357,23 @@ class Connection extends LDAPUtility {
private function doSoftValidation() {
//if User or Group Base are not set, take over Base DN setting
- foreach(['ldapBaseUsers', 'ldapBaseGroups'] as $keyBase) {
+ foreach (['ldapBaseUsers', 'ldapBaseGroups'] as $keyBase) {
$val = $this->configuration->$keyBase;
- if(empty($val)) {
+ if (empty($val)) {
$this->configuration->$keyBase = $this->configuration->ldapBase;
}
}
- foreach(['ldapExpertUUIDUserAttr' => 'ldapUuidUserAttribute',
+ foreach (['ldapExpertUUIDUserAttr' => 'ldapUuidUserAttribute',
'ldapExpertUUIDGroupAttr' => 'ldapUuidGroupAttribute']
as $expertSetting => $effectiveSetting) {
$uuidOverride = $this->configuration->$expertSetting;
- if(!empty($uuidOverride)) {
+ if (!empty($uuidOverride)) {
$this->configuration->$effectiveSetting = $uuidOverride;
} else {
$uuidAttributes = Access::UUID_ATTRIBUTES;
array_unshift($uuidAttributes, 'auto');
- if(!in_array($this->configuration->$effectiveSetting,
+ if (!in_array($this->configuration->$effectiveSetting,
$uuidAttributes)
&& (!is_null($this->configID))) {
$this->configuration->$effectiveSetting = 'auto';
@@ -383,7 +383,6 @@ class Connection extends LDAPUtility {
$effectiveSetting.', '.'reset to '.
'autodetect.', ILogger::INFO);
}
-
}
}
@@ -395,14 +394,14 @@ class Connection extends LDAPUtility {
//make sure empty search attributes are saved as simple, empty array
$saKeys = ['ldapAttributesForUserSearch',
'ldapAttributesForGroupSearch'];
- foreach($saKeys as $key) {
+ foreach ($saKeys as $key) {
$val = $this->configuration->$key;
- if(is_array($val) && count($val) === 1 && empty($val[0])) {
+ if (is_array($val) && count($val) === 1 && empty($val[0])) {
$this->configuration->$key = [];
}
}
- if((stripos($this->configuration->ldapHost, 'ldaps://') === 0)
+ if ((stripos($this->configuration->ldapHost, 'ldaps://') === 0)
&& $this->configuration->ldapTLS) {
$this->configuration->ldapTLS = false;
\OCP\Util::writeLog(
@@ -424,10 +423,10 @@ class Connection extends LDAPUtility {
//options that shall not be empty
$options = ['ldapHost', 'ldapPort', 'ldapUserDisplayName',
'ldapGroupDisplayName', 'ldapLoginFilter'];
- foreach($options as $key) {
+ foreach ($options as $key) {
$val = $this->configuration->$key;
- if(empty($val)) {
- switch($key) {
+ if (empty($val)) {
+ switch ($key) {
case 'ldapHost':
$subj = 'LDAP Host';
break;
@@ -475,7 +474,7 @@ class Connection extends LDAPUtility {
$baseUsers = $this->configuration->ldapBaseUsers;
$baseGroups = $this->configuration->ldapBaseGroups;
- if(empty($base) && empty($baseUsers) && empty($baseGroups)) {
+ if (empty($base) && empty($baseUsers) && empty($baseGroups)) {
\OCP\Util::writeLog(
'user_ldap',
$errorStr.'Not a single Base DN given.',
@@ -484,7 +483,7 @@ class Connection extends LDAPUtility {
$configurationOK = false;
}
- if(mb_strpos($this->configuration->ldapLoginFilter, '%uid', 0, 'UTF-8')
+ if (mb_strpos($this->configuration->ldapLoginFilter, '%uid', 0, 'UTF-8')
=== false) {
\OCP\Util::writeLog(
'user_ldap',
@@ -502,8 +501,7 @@ class Connection extends LDAPUtility {
* @return bool true if configuration seems OK, false otherwise
*/
private function validateConfiguration() {
-
- if($this->doNotValidate) {
+ if ($this->doNotValidate) {
//don't do a validation if it is a new configuration with pure
//default values. Will be allowed on changes via __set or
//setConfiguration
@@ -526,14 +524,14 @@ class Connection extends LDAPUtility {
* @throws ServerNotAvailableException
*/
private function establishConnection() {
- if(!$this->configuration->ldapConfigurationActive) {
+ if (!$this->configuration->ldapConfigurationActive) {
return null;
}
static $phpLDAPinstalled = true;
- if(!$phpLDAPinstalled) {
+ if (!$phpLDAPinstalled) {
return false;
}
- if(!$this->ignoreValidation && !$this->configured) {
+ if (!$this->ignoreValidation && !$this->configured) {
\OCP\Util::writeLog(
'user_ldap',
'Configuration is invalid, cannot connect',
@@ -541,8 +539,8 @@ class Connection extends LDAPUtility {
);
return false;
}
- if(!$this->ldapConnectionRes) {
- if(!$this->ldap->areLDAPFunctionsAvailable()) {
+ if (!$this->ldapConnectionRes) {
+ if (!$this->ldap->areLDAPFunctionsAvailable()) {
$phpLDAPinstalled = false;
\OCP\Util::writeLog(
'user_ldap',
@@ -552,8 +550,8 @@ class Connection extends LDAPUtility {
return false;
}
- if($this->configuration->turnOffCertCheck) {
- if(putenv('LDAPTLS_REQCERT=never')) {
+ if ($this->configuration->turnOffCertCheck) {
+ if (putenv('LDAPTLS_REQCERT=never')) {
\OCP\Util::writeLog('user_ldap',
'Turned off SSL certificate validation successfully.',
ILogger::DEBUG);
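Review bot: `putenv('LDAPTLS_REQCERT=never')` in the `turnOffCertCheck` branch changes the environment of the whole PHP process, so certificate validation presumably stays off for every later LDAP connection that process makes, including configurations that did not ask for it, and nothing visible here restores the previous value. The success is also logged only at `ILogger::DEBUG`, which production log levels usually hide; I would raise it so operators can see that TLS verification is disabled, e.g. `'Turned off SSL certificate validation successfully.', ILogger::WARN);`. If the LDAP library in use supports it, setting the certificate requirement on the connection instead of through the environment would keep the downgrade scoped to this one configuration. establishConnection() and the rest of this branch continue outside the hunk.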
@@ -577,20 +575,20 @@ class Connection extends LDAPUtility {
return $this->bind();
}
} catch (ServerNotAvailableException $e) {
- if(!$isBackupHost) {
+ if (!$isBackupHost) {
throw $e;
}
}
//if LDAP server is not reachable, try the Backup (Replica!) Server
- if($isBackupHost || $isOverrideMainServer) {
+ if ($isBackupHost || $isOverrideMainServer) {
$this->doConnect($this->configuration->ldapBackupHost,
$this->configuration->ldapBackupPort);
$this->bindResult = [];
$bindStatus = $this->bind();
$error = $this->ldap->isResource($this->ldapConnectionRes) ?
$this->ldap->errno($this->ldapConnectionRes) : -1;
- if($bindStatus && $error === 0 && !$this->getFromCache('overrideMainServer')) {
+ if ($bindStatus && $error === 0 && !$this->getFromCache('overrideMainServer')) {
//when bind to backup server succeeded and failed to main server,
//skip contacting him until next cache refresh
$this->writeToCache('overrideMainServer', true);
@@ -615,16 +613,16 @@ class Connection extends LDAPUtility {
$this->ldapConnectionRes = $this->ldap->connect($host, $port);
- if(!$this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_PROTOCOL_VERSION, 3)) {
+ if (!$this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_PROTOCOL_VERSION, 3)) {
throw new ServerNotAvailableException('Could not set required LDAP Protocol version.');
}
- if(!$this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_REFERRALS, 0)) {
+ if (!$this->ldap->setOption($this->ldapConnectionRes, LDAP_OPT_REFERRALS, 0)) {
throw new ServerNotAvailableException('Could not disable LDAP referrals.');
}
- if($this->configuration->ldapTLS) {
- if(!$this->ldap->startTls($this->ldapConnectionRes)) {
+ if ($this->configuration->ldapTLS) {
+ if (!$this->ldap->startTls($this->ldapConnectionRes)) {
throw new ServerNotAvailableException('Start TLS failed, when connecting to LDAP host ' . $host . '.');
}
}
@@ -636,15 +634,15 @@ class Connection extends LDAPUtility {
* Binds to LDAP
*/
public function bind() {
- if(!$this->configuration->ldapConfigurationActive) {
+ if (!$this->configuration->ldapConfigurationActive) {
return false;
}
$cr = $this->ldapConnectionRes;
- if(!$this->ldap->isResource($cr)) {
+ if (!$this->ldap->isResource($cr)) {
$cr = $this->getConnectionResource();
}
- if(
+ if (
count($this->bindResult) !== 0
&& $this->bindResult['dn'] === $this->configuration->ldapAgentName
&& \OC::$server->getHasher()->verify(
@@ -668,7 +666,7 @@ class Connection extends LDAPUtility {
'result' => $ldapLogin,
];
- if(!$ldapLogin) {
+ if (!$ldapLogin) {
$errno = $this->ldap->errno($cr);
\OCP\Util::writeLog('user_ldap',
@@ -677,7 +675,7 @@ class Connection extends LDAPUtility {
// Set to failure mode, if LDAP error code is not LDAP_SUCCESS or LDAP_INVALID_CREDENTIALS
// or (needed for Apple Open Directory:) LDAP_INSUFFICIENT_ACCESS
- if($errno !== 0 && $errno !== 49 && $errno !== 50) {
+ if ($errno !== 0 && $errno !== 49 && $errno !== 50) {
$this->ldapConnectionRes = null;
}
@@ -685,5 +683,4 @@ class Connection extends LDAPUtility {
}
return true;
}
-
}