d7/d13/AttributeAddFromLDAP_8php_source.html

 <?php

 class sspmod_ldap_Auth_Process_AttributeAddFromLDAP extends sspmod_ldap_Auth_Process_BaseFilter
 {

     protected $search_attributes;


     protected $search_filter;


     protected $attr_policy;

     public function __construct($config, $reserved)
     {
         /*
          * For backwards compatibility, check for old config names
          * @TODO Remove after 2.0
          */
         if (isset($config['ldap_host'])) {
             $config['ldap.hostname'] = $config['ldap_host'];
         }
         if (isset($config['ldap_port'])) {
             $config['ldap.port'] = $config['ldap_port'];
         }
         if (isset($config['ldap_bind_user'])) {
             $config['ldap.username'] = $config['ldap_bind_user'];
         }
         if (isset($config['ldap_bind_pwd'])) {
             $config['ldap.password'] = $config['ldap_bind_pwd'];
         }
         if (isset($config['userid_attribute'])) {
             $config['attribute.username'] = $config['userid_attribute'];
         }
         if (isset($config['ldap_search_base_dn'])) {
             $config['ldap.basedn'] = $config['ldap_search_base_dn'];
         }
         if (isset($config['ldap_search_filter'])) {
             $config['search.filter'] = $config['ldap_search_filter'];
         }
         if (isset($config['ldap_search_attribute'])) {
             $config['search.attribute'] = $config['ldap_search_attribute'];
         }
         if (isset($config['new_attribute_name'])) {
             $config['attribute.new'] = $config['new_attribute_name'];
         }

         /*
          * Remove the old config names
          * @TODO Remove after 2.0
          */
         unset(
             $config['ldap_host'],
             $config['ldap_port'],
             $config['ldap_bind_user'],
             $config['ldap_bind_pwd'],
             $config['userid_attribute'],
             $config['ldap_search_base_dn'],
             $config['ldap_search_filter'],
             $config['ldap_search_attribute'],
             $config['new_attribute_name']
         );

         // Now that we checked for BC, run the parent constructor
         parent::__construct($config, $reserved);

         // Get filter specific config options
         $this->search_attributes = $this->config->getArrayize('attributes', array());
         if (empty($this->search_attributes)) {
             $new_attribute = $this->config->getString('attribute.new', '');
             $this->search_attributes[$new_attribute] = $this->config->getString('search.attribute');
         }
         $this->search_filter = $this->config->getString('search.filter');

         // get the attribute policy
         $this->attr_policy = $this->config->getString('attribute.policy', 'merge');
     }


     public function process(&$request)
     {
         assert('is_array($request)');
         assert('array_key_exists("Attributes", $request)');

         $attributes =& $request['Attributes'];

         // perform a merge on the ldap_search_filter

         // loop over the attributes and build the search and replace arrays
         foreach ($attributes as $attr => $val) {
             $arrSearch[] = '%'.$attr.'%';

             if (strlen($val[0]) > 0) {
                 $arrReplace[] = SimpleSAML_Auth_LDAP::escape_filter_value($val[0]);
             } else {
                 $arrReplace[] = '';
             }
         }

         // merge the attributes into the ldap_search_filter
         $filter = str_replace($arrSearch, $arrReplace, $this->search_filter);

         if (strpos($filter, '%') !== false) {
             SimpleSAML\Logger::info('AttributeAddFromLDAP: There are non-existing attributes in the search filter. ('.
                                     $this->search_filter.')');
             return;
         }

         if (!in_array($this->attr_policy, array('merge', 'replace', 'add'), true)) {
             SimpleSAML\Logger::warning("AttributeAddFromLDAP: 'attribute.policy' must be one of 'merge',".
                                        "'replace' or 'add'.");
             return;
         }

         // getLdap
         try {
             $ldap = $this->getLdap();
         } catch (Exception $e) {
             // Added this warning in case $this->getLdap() fails
             SimpleSAML\Logger::warning("AttributeAddFromLDAP: exception = " . $e);
             return;
         }
         // search for matching entries
         try {
             $entries = $ldap->searchformultiple(
                 $this->base_dn,
                 $filter,
                 array_values($this->search_attributes),
                 true,
                 false
             );
         } catch (Exception $e) {
             return; // silent fail, error is still logged by LDAP search
         }

         // handle [multiple] values
         foreach ($entries as $entry) {
             foreach ($this->search_attributes as $target => $name) {
                 if (is_numeric($target)) {
                     $target = $name;
                 }

                 if (isset($attributes[$target]) && $this->attr_policy === 'replace') {
                     unset($attributes[$target]);
                 }
                 $name = strtolower($name);
                 if (isset($entry[$name])) {
                     unset($entry[$name]['count']);
                     if (isset($attributes[$target])) {
                         foreach (array_values($entry[$name]) as $value) {
                             if ($this->attr_policy === 'merge') {
                                 if (!in_array($value, $attributes[$target], true)) {
                                     $attributes[$target][] = $value;
                                 }
                             } else {
                                 $attributes[$target][] = $value;
                             }
                         }
                     } else {
                         $attributes[$target] = array_values($entry[$name]);
                     }
                 }
             }
         }
     }
 }
sspmod_ldap_Auth_Process_AttributeAddFromLDAP\__construct
__construct($config, $reserved)
Initialize this filter.
Definition: AttributeAddFromLDAP.php:67

$target
$target
Definition: generate-schema-cache.php:22

sspmod_ldap_Auth_Process_AttributeAddFromLDAP\process
process(&$request)
Add attributes from an LDAP server.
Definition: AttributeAddFromLDAP.php:138

$attributes
$attributes
Definition: serviceValidate.php:33

SimpleSAML_Auth_LDAP\escape_filter_value
static escape_filter_value($values=array(), $singleValue=true)
Borrowed function from PEAR:LDAP.
Definition: LDAP.php:651

sspmod_ldap_Auth_Process_AttributeAddFromLDAP
Definition: AttributeAddFromLDAP.php:35

$name
if($format !==null) $name
Definition: metadata.php:146

SimpleSAML\Logger\info
static info($string)
Definition: Logger.php:201

SimpleSAML\Logger\warning
static warning($string)
Definition: Logger.php:179

sspmod_ldap_Auth_Process_AttributeAddFromLDAP\$attr_policy
$attr_policy
Definition: AttributeAddFromLDAP.php:59

sspmod_ldap_Auth_Process_AttributeAddFromLDAP\$search_filter
$search_filter
Definition: AttributeAddFromLDAP.php:51

array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19

sspmod_ldap_Auth_Process_BaseFilter\$config
$config
Definition: BaseFilter.php:44

sspmod_ldap_Auth_Process_BaseFilter\getLdap
getLdap()
Getter for the LDAP connection object.
Definition: BaseFilter.php:256

sspmod_ldap_Auth_Process_BaseFilter\$ldap
$ldap
Definition: BaseFilter.php:53

sspmod_ldap_Auth_Process_BaseFilter
Definition: BaseFilter.php:15

sspmod_ldap_Auth_Process_AttributeAddFromLDAP\$search_attributes
$search_attributes
Definition: AttributeAddFromLDAP.php:43

Exception