Fix Authentication workflow
Fix ldap backends to use Credentials to work with. Fix some tests to use include right files. refs #4340
This commit is contained in:
Marius Hein
parent
8192c19424
commit
a1327a384c
|
|
@ -6,6 +6,9 @@ namespace Icinga\Authentication;
|
|||
|
||||
class Backend
|
||||
{
|
||||
/**
|
||||
* @var UserBackend
|
||||
*/
|
||||
protected $userBackend;
|
||||
|
||||
public function __construct($config)
|
||||
|
|
|
|||
|
|
@ -5,6 +5,8 @@
|
|||
namespace Icinga\Authentication\Backend;
|
||||
|
||||
use Icinga\Authentication\User as User;
|
||||
use Icinga\Authentication\UserBackend;
|
||||
use Icinga\Authentication\Credentials;
|
||||
use Icinga\Protocol\Ldap;
|
||||
|
||||
class LdapUserBackend implements UserBackend
|
||||
|
|
@ -16,14 +18,11 @@ class LdapUserBackend implements UserBackend
|
|||
$this->connection = new Ldap\Connection($config);
|
||||
}
|
||||
|
||||
public function hasUsername($username)
|
||||
public function hasUsername(Credentials $credential)
|
||||
{
|
||||
if (!$username) {
|
||||
return false;
|
||||
}
|
||||
return $this->connection->fetchOne(
|
||||
$this->selectUsername($username)
|
||||
) === $username;
|
||||
$this->selectUsername($credential->getUsername())
|
||||
) === $credential->getUsername();
|
||||
}
|
||||
|
||||
protected function stripAsterisks($string)
|
||||
|
|
@ -38,19 +37,15 @@ class LdapUserBackend implements UserBackend
|
|||
->where('sAMAccountName', $this->stripAsterisks($username));
|
||||
}
|
||||
|
||||
public function authenticate($username, $password = null)
|
||||
public function authenticate(Credentials $credentials)
|
||||
{
|
||||
if (empty($username) || empty($password)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (!$this->connection->testCredentials(
|
||||
$this->connection->fetchDN($this->selectUsername($username)),
|
||||
$password
|
||||
$this->connection->fetchDN($this->selectUsername($credentials->getUsername())),
|
||||
$credentials->getPassword()
|
||||
) ) {
|
||||
return false;
|
||||
}
|
||||
$user = new User($username);
|
||||
$user = new User($credentials->getUsername());
|
||||
|
||||
return $user;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,15 +1,28 @@
|
|||
<?php
|
||||
// {{{ICINGA_LICENSE_HEADER}}}
|
||||
// {{{ICINGA_LICENSE_HEADER}}// {{{ICINGA_LICENSE_HEADER}}}
|
||||
// {{{ICINGA_LICENSE_HEADER}}}}
|
||||
|
||||
namespace Icinga\Authentication;
|
||||
|
||||
interface UserBackend
|
||||
{
|
||||
/**
|
||||
* Creates a new object
|
||||
* @param $config
|
||||
*/
|
||||
public function __construct($config);
|
||||
|
||||
/**
|
||||
* Test if the username exists
|
||||
* @param Credentials $credentials
|
||||
* @return boolean
|
||||
*/
|
||||
public function hasUsername(Credentials $credentials);
|
||||
|
||||
/**
|
||||
* Authenticate
|
||||
* @param Credentials $credentials
|
||||
* @return User
|
||||
*/
|
||||
public function authenticate(Credentials $credentials);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -7,6 +7,7 @@ namespace Tests\Icinga\Authentication;
|
|||
require_once("../../library/Icinga/Authentication/Session.php");
|
||||
require_once("../../library/Icinga/Authentication/PhpSession.php");
|
||||
require_once("../../library/Icinga/Application/Logger.php");
|
||||
require_once("../../library/Icinga/Exception/ConfigurationError.php");
|
||||
require_once("Zend/Log.php");
|
||||
|
||||
use Icinga\Authentication\PhpSession as PhpSession;
|
||||
|
|
|
|||
Loading…
Reference in New Issue