8000 [ldap][2.8] moved "search DN before bind" functionality to LdapBindAu… · symfony/symfony@b79e663 · GitHub

Commit b79e663

committed
[ldap][2.8] moved "search DN before bind" functionality to LdapBindAuthenticationProvider
1 parent b0e74e8 commit b79e663


3 files changed

+18
-12
lines changed


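--- a/src/Symfony/Component/Ldap/LdapClient.php
+++ b/src/Symfony/Component/Ldap/LdapClient.php
@@ -75,14 +75,6 @@ public function bind($dn = null, $password = null)
 if (!$this->connection) {
 $this->connect();
 }
-
-if($this->ldapBaseDn && $this->ldapSearchDn){
-$ldapUserProvider = new LdapUserProvider($this, $this->ldapBaseDn, $this->ldapSearchDn, $this->ldapSearchPassword, null, $this->ldapUidKey, $this->ldapFilter);
-$ldapUser = $ldapUserProvider->getUser($dn);
-if(count($ldapUser)){
-$dn = $ldapUser['dn'];
-}
-}
 
 if (false === @ldap_bind($this->connection, $dn, $password)) {
 throw new ConnectionException(ldap_error($this->connection));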

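--- a/src/Symfony/Component/Security/Core/Authentication/Provider/LdapBindAuthenticationProvider.php
+++ b/src/Symfony/Component/Security/Core/Authentication/Provider/LdapBindAuthenticationProvider.php
@@ -19,6 +19,7 @@
 use Symfony\Component\Security\Core\User\UserProviderInterface;
 use Symfony\Component\Ldap\LdapClientInterface;
 use Symfony\Component\Ldap\Exception\ConnectionException;
+use Symfony\Component\Security\Core\User\LdapUserProvider;
 
 /**
 * LdapBindAuthenticationProvider authenticates a user against an LDAP server.
@@ -74,9 +75,22 @@ protected function checkAuthentication(UserInterface $user, UsernamePasswordToke
 $password = $token->getCredentials();
 
 try {
-$username = $this->ldap->escape($username, '', LDAP_ESCAPE_DN);
-$dn = str_replace('{username}', $username, $this->dnString);
-
+
+$username = $this->ldap->escape($username, '', LDAP_ESCAPE_DN);
+$dn = str_replace('{username}', $username, $this->dnString);
+
+if($this->ldap->ldapBaseDn && $this->ldap->ldapSearchDn){
+if($this->userProvider instanceof LdapUserProvider) {
+$ldapUser = $this->userProvider->getUser($dn);
+}
+else{
+$ldapUserProvider = new LdapUserProvider($this->ldap, $this->ldap->ldapBaseDn, $this->ldap->ldapSearchDn, $this->ldap->ldapSearchPassword, array(), $this->ldap->ldapUidKey, $this->ldap->ldapFilter);
+$ldapUser = $ldapUserProvider->getUser($dn);
+if(count($ldapUser)){
+$dn = $ldapUser['dn'];
+}
+}
+}
 $this->ldap->bind($dn, $password);
 } catch (ConnectionException $e) {
 throw new BadCredentialsException('The presented password is invalid.');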
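Review bot: In the `instanceof LdapUserProvider` branch (new lines 83-85) the result of `getUser($dn)` is assigned to `$ldapUser` and then dropped, because the `if(count($ldapUser))` that rewrites `$dn` sits only inside the `else` branch; with an `LdapUserProvider` already configured, the search has no effect on the DN that gets bound. Moving `if (count($ldapUser)) { $dn = $ldapUser['dn']; }` below the `if`/`else` would make both branches behave alike. The value handed to `getUser()` is the already DN-escaped, `dnString`-expanded `$dn` rather than the raw username; if `getUser()` builds a search filter from it (its body is not shown here), the original username with filter-context escaping is what belongs there. The block also reads `ldapBaseDn`, `ldapSearchDn` and `ldapSearchPassword` as public properties of `$this->ldap`, which this file imports as `LdapClientInterface`, so it appears to depend on the concrete client and on the search password being publicly readable. `checkAuthentication` begins and ends outside the hunk.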

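--- a/src/Symfony/Component/Security/Core/User/LdapUserProvider.php
+++ b/src/Symfony/Component/Security/Core/User/LdapUserProvider.php
@@ -92,7 +92,7 @@ public function supportsClass($class)
 /**
 * {@inheritdoc}
 */
-private function getUser($username)
+public function getUser($username)
 {
 try {
 $this->ldap->bind($this->searchDn, $this->searchPassword);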
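Review bot: `getUser()` becomes public API here but keeps a `{@inheritdoc}` docblock, which probably resolves to nothing because the method does not look like part of the user-provider interface (the class header is outside the hunk). A real docblock should state that the call rebinds the shared connection as the search account (`$this->ldap->bind($this->searchDn, $this->searchPassword)` on new line 98), what is returned when no entry matches, and that `$username` has to be treated as untrusted input to the search. The rest of the method body is outside the hunk, so how the filter is built and escaped cannot be confirmed from here.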
