2014-03-03 17:21:17 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
namespace Icinga\Authentication;
|
|
|
|
|
|
|
|
use Iterator;
|
|
|
|
use Zend_Config;
|
2014-03-03 19:03:39 +01:00
|
|
|
use Icinga\Logger\Logger;
|
2014-03-03 17:21:17 +01:00
|
|
|
use Icinga\Exception\ConfigurationError;
|
|
|
|
|
2014-06-02 15:46:15 +02:00
|
|
|
/**
|
|
|
|
* Iterate user backends created from config
|
|
|
|
*/
|
2014-03-03 17:21:17 +01:00
|
|
|
class AuthChain implements Iterator
|
|
|
|
{
|
2014-06-02 15:46:15 +02:00
|
|
|
/**
|
|
|
|
* User backends configuration
|
|
|
|
*
|
|
|
|
* @var Zend_Config
|
|
|
|
*/
|
2014-03-03 17:21:17 +01:00
|
|
|
private $config;
|
|
|
|
|
2014-06-02 15:46:15 +02:00
|
|
|
/**
|
|
|
|
* The consecutive user backend while looping
|
|
|
|
*
|
|
|
|
* @var UserBackend
|
|
|
|
*/
|
2014-03-03 17:21:17 +01:00
|
|
|
private $currentBackend;
|
|
|
|
|
2014-06-02 15:46:15 +02:00
|
|
|
/**
|
|
|
|
* Create a new authentication chain from config
|
|
|
|
*
|
|
|
|
* @param Zend_Config $config User backends configuration
|
|
|
|
*/
|
2014-03-03 17:21:17 +01:00
|
|
|
public function __construct(Zend_Config $config)
|
|
|
|
{
|
|
|
|
$this->config = $config;
|
|
|
|
}
|
|
|
|
|
2014-06-02 15:46:15 +02:00
|
|
|
/**
|
|
|
|
* Rewind the chain
|
|
|
|
*/
|
2014-03-03 17:21:17 +01:00
|
|
|
public function rewind()
|
|
|
|
{
|
|
|
|
$this->config->rewind();
|
2014-06-02 15:46:15 +02:00
|
|
|
$this->currentBackend = null;
|
2014-03-03 17:21:17 +01:00
|
|
|
}
|
|
|
|
|
2014-06-02 15:46:15 +02:00
|
|
|
/**
|
|
|
|
* Return the current user backend
|
|
|
|
*
|
|
|
|
* @return UserBackend
|
|
|
|
*/
|
2014-03-03 17:21:17 +01:00
|
|
|
public function current()
|
|
|
|
{
|
|
|
|
return $this->currentBackend;
|
|
|
|
}
|
|
|
|
|
2014-06-02 15:46:15 +02:00
|
|
|
/**
|
|
|
|
* Return the key of the current user backend config
|
|
|
|
*
|
|
|
|
* @return string
|
|
|
|
*/
|
2014-03-03 17:21:17 +01:00
|
|
|
public function key()
|
|
|
|
{
|
|
|
|
return $this->config->key();
|
|
|
|
}
|
|
|
|
|
2014-06-02 15:46:15 +02:00
|
|
|
/**
|
|
|
|
* Move forward to the next user backend config
|
|
|
|
*/
|
2014-03-03 17:21:17 +01:00
|
|
|
public function next()
|
|
|
|
{
|
|
|
|
$this->config->next();
|
|
|
|
}
|
|
|
|
|
2014-06-02 15:46:15 +02:00
|
|
|
/**
|
|
|
|
* Check if the current user backend is valid, i.e. it's enabled and the config's valid
|
|
|
|
*
|
|
|
|
* @return bool
|
|
|
|
*/
|
2014-03-03 17:21:17 +01:00
|
|
|
public function valid()
|
|
|
|
{
|
|
|
|
if (!$this->config->valid()) {
|
2014-06-02 15:46:15 +02:00
|
|
|
// Stop when there are no more backends to check
|
2014-03-03 17:21:17 +01:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
$backendConfig = $this->config->current();
|
|
|
|
if ((bool) $backendConfig->get('disabled', false) === true) {
|
|
|
|
$this->next();
|
|
|
|
return $this->valid();
|
|
|
|
}
|
|
|
|
try {
|
|
|
|
$name = $this->key();
|
|
|
|
$backend = UserBackend::create($name, $backendConfig);
|
|
|
|
} catch (ConfigurationError $e) {
|
2014-03-03 19:03:39 +01:00
|
|
|
Logger::error(
|
2014-03-03 17:21:17 +01:00
|
|
|
new ConfigurationError(
|
|
|
|
'Cannot create authentication backend "' . $name . '". An exception was thrown:', 0, $e
|
|
|
|
)
|
|
|
|
);
|
|
|
|
$this->next();
|
|
|
|
return $this->valid();
|
|
|
|
}
|
|
|
|
$this->currentBackend = $backend;
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
}
|