10000 [Ldap] Add users extraFields in ldap component by Simperfit · Pull Request #31532 · symfony/symfony · GitHub
[go: up one dir, main page]
Skip to content

[Ldap] Add users extraFields in ldap component #31532

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Jun 22, 2019
Merged

[Ldap] Add users extraFields in ldap component #31532

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
[Ldap] Add users extra_fields in ldap component
  • Loading branch information
@Simperfit
Simperfit committed Jun 22, 2019
commit bcfff0479755be61e65513dc90fd59c620c5cdeb
4 changes: 4 additions & 0 deletions src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/UserProvider/LdapFactory.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,7 @@ public function create(ContainerBuilder $container, $id, $config)
->replaceArgument(5, $config['uid_key'])
->replaceArgument(6, $config['filter'])
->replaceArgument(7, $config['password_attribute'])
->replaceArgument(8, $config['extra_fields'])
;
}

Expand All @@ -52,6 +53,9 @@ public function addConfiguration(NodeDefinition $node)
->scalarNode('base_dn')->isRequired()->cannotBeEmpty()->end()
->scalarNode('search_dn')->end()
->scalarNode('search_password')->end()
->arrayNode('extra_fields')
->prototype('scalar')->end()
->end()
->arrayNode('default_roles')
->beforeNormalization()->ifString()->then(function ($v) { return preg_split('/\s*,\s*/', $v); })->end()
->requiresAtLeastOneElement()
Expand Down
1 change: 1 addition & 0 deletions src/Symfony/Bundle/SecurityBundle/Resources/config/security.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -184,6 +184,7 @@
<argument /> <!-- uid key -->
<argument /> <!-- filter -->
<argument /> <!-- password_attribute -->
<argument /> <!-- extra_fields (email etc) -->
</service>

<service id="security.user.provider.chain" class="Symfony\Component\Security\Core\User\ChainUserProvider" abstract="true" />
Expand Down
1 change: 1 addition & 0 deletions src/Symfony/Bundle/SecurityBundle/Tests/Functional/app/JsonLoginLdap/config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ security:
search_password: ''
default_roles: ROLE_USER
uid_key: uid
extra_fields: ['email']

firewalls:
main:
Expand Down
5 changes: 5 additions & 0 deletions src/Symfony/Component/Ldap/CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,11 @@
CHANGELOG
=========

4.4.0
-----

* Added the "extra_fields" option, an array of custom fields to pull from the LDAP server

4.3.0
-----

Expand Down
3 changes: 2 additions & 1 deletion src/Symfony/Component/Security/Core/Tests/User/LdapUserProviderTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -334,6 +334,7 @@ public function testLoadUserByUsernameIsSuccessfulWithPasswordAttribute()
->will($this->returnValue(new Entry('foo', [
'sAMAccountName' => ['foo'],
'userpassword' => ['bar'],
'email' => ['elsa@symfony.com'],
]
)))
;
Expand All @@ -353,7 +354,7 @@ public function testLoadUserByUsernameIsSuccessfulWithPasswordAttribute()
->will($this->returnValue($query))
;

$provider = new LdapUserProvider($ldap, 'ou=MyBusiness,dc=symfony,dc=com', null, null, [], 'sAMAccountName', '({uid_key}={username})', 'userpassword');
$provider = new LdapUserProvider($ldap, 'ou=MyBusiness,dc=symfony,dc=com', null, null, [], 'sAMAccountName', '({uid_key}={username})', 'userpassword', ['email']);
$this->assertInstanceOf(
'Symfony\Component\Security\Core\User\User',
$provider->loadUserByUsername('foo')
Expand Down
11 changes: 9 additions & 2 deletions src/Symfony/Component/Security/Core/User/LdapUserProvider.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,8 +34,9 @@ class LdapUserProvider implements UserProviderInterface
private $uidKey;
private $defaultSearch;
private $passwordAttribute;
private $extraFields;

public function __construct(LdapInterface $ldap, string $baseDn, string $searchDn = null, string $searchPassword = null, array $defaultRoles = [], string $uidKey = null, string $filter = null, string $passwordAttribute = null)
public function __construct(LdapInterface $ldap, string $baseDn, string $searchDn = null, string $searchPassword = null, array $defaultRoles = [], string $uidKey = null, string $filter = null, string $passwordAttribute = null, array $extraFields = [])
{
if (null === $uidKey) {
$uidKey = 'sAMAccountName';
Expand All @@ -53,6 +54,7 @@ public function __construct(LdapInterface $ldap, string $baseDn, string $searchD
$this->uidKey = $uidKey;
$this->defaultSearch = str_replace('{uid_key}', $uidKey, $filter);
$this->passwordAttribute = $passwordAttribute;
$this->extraFields = $extraFields;
}

/**
Expand Down Expand Up @@ -123,12 +125,17 @@ public function supportsClass($class)
protected function loadUser($username, Entry $entry)
{
$password = null;
$extraFields = [];

if (null !== $this->passwordAttribute) {
$password = $this->getAttributeValue($entry, $this->passwordAttribute);
}

return new User($username, $password, $this->defaultRoles);
foreach ($this->extraFields as $field) {
$extraFields[$field] = $this->getAttributeValue($entry, $field);
}

return new User($username, $password, $this->defaultRoles, true, true, true, true, $extraFields);
}

/**
Expand Down
9 changes: 8 additions & 1 deletion src/Symfony/Component/Security/Core/User/User.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,8 +27,9 @@ final class User implements UserInterface, EquatableInterface, AdvancedUserInter
private $credentialsNonExpired;
private $accountNonLocked;
private $roles;
private $extraFields;

public function __construct(?string $username, ?string $password, array $roles = [], bool $enabled = true, bool $userNonExpired = true, bool $credentialsNonExpired = true, bool $userNonLocked = true)
public function __construct(?string $username, ?string $password, array $roles = [], bool $enabled = true, bool $userNonExpired = true, bool $credentialsNonExpired = true, bool $userNonLocked = true, array $extraFields = [])
{
if ('' === $username || null === $username) {
throw new \InvalidArgumentException('The username cannot be empty.');
Expand All @@ -41,6 +42,7 @@ public function __construct(?string $username, ?string $password, array $roles =
$this->credentialsNonExpired = $credentialsNonExpired;
$this->accountNonLocked = $userNonLocked;
$this->roles = $roles;
$this->extraFields = $extraFields;
}

public function __toString()
Expand Down Expand Up @@ -118,6 +120,11 @@ public function eraseCredentials()
{
}

public function getExtraFields()
{
return $this->extraFields;
}

/**
* {@inheritdoc}
*/
Expand Down
0