sspmod_ldap_Auth_Process_AttributeAddFromLDAP Class Reference
Inheritance diagram for sspmod_ldap_Auth_Process_AttributeAddFromLDAP:
Collaboration diagram for sspmod_ldap_Auth_Process_AttributeAddFromLDAP:
Public Member Functions | |
| __construct ($config, $reserved) | |
| Initialize this filter. More... | |
| process (&$request) | |
| Add attributes from an LDAP server. More... | |
| Public Member Functions inherited from sspmod_ldap_Auth_Process_BaseFilter | |
| __construct (&$config, $reserved) | |
| Checks the authsource, if defined, for configuration values to the LDAP server. More... | |
| __construct (&$config, $reserved) | |
| Constructor for a processing filter. More... | |
| process (&$request) | |
| Process a request. More... | |
Protected Attributes | |
| $search_attributes | |
| $search_filter | |
| $attr_policy | |
| Protected Attributes inherited from sspmod_ldap_Auth_Process_BaseFilter | |
| $attribute_map | |
| $base_dn | |
| $config | |
| $product | |
| $title = 'ldap:BaseFilter : ' | |
| $type_map | |
Additional Inherited Members | |
| Data Fields inherited from SimpleSAML_Auth_ProcessingFilter | |
| $priority = 50 | |
| Priority of this filter. More... | |
| Protected Member Functions inherited from sspmod_ldap_Auth_Process_BaseFilter | |
| getLdap () | |
| Getter for the LDAP connection object. More... | |
| var_export ($value) | |
| Local utility function to get details about a variable, basically converting it to a string to be used in a log message. More... | |
Detailed Description
Definition at line 35 of file AttributeAddFromLDAP.php.
Constructor & Destructor Documentation
◆ __construct()
| sspmod_ldap_Auth_Process_AttributeAddFromLDAP::__construct | ( | $config, | |
| $reserved | |||
| ) |
Initialize this filter.
- Parameters
-
array $config Configuration information about this filter. mixed $reserved For future use.
Definition at line 67 of file AttributeAddFromLDAP.php.
68 {
69 /*
70 * For backwards compatibility, check for old config names
71 * @TODO Remove after 2.0
72 */
75 }
78 }
81 }
84 }
87 }
90 }
93 }
96 }
99 }
100
101 /*
102 * Remove the old config names
103 * @TODO Remove after 2.0
104 */
105 unset(
115 );
116
117 // Now that we checked for BC, run the parent constructor
118 parent::__construct($config, $reserved);
119
120 // Get filter specific config options
121 $this->search_attributes = $this->config->getArrayize('attributes', array());
122 if (empty($this->search_attributes)) {
123 $new_attribute = $this->config->getString('attribute.new', '');
124 $this->search_attributes[$new_attribute] = $this->config->getString('search.attribute');
125 }
126 $this->search_filter = $this->config->getString('search.filter');
127
128 // get the attribute policy
129 $this->attr_policy = $this->config->getString('attribute.policy', 'merge');
130 }
References sspmod_ldap_Auth_Process_BaseFilter\$config.
Member Function Documentation
◆ process()
| sspmod_ldap_Auth_Process_AttributeAddFromLDAP::process | ( | & | $request | ) |
Add attributes from an LDAP server.
- Parameters
-
array &$request The current request
Reimplemented from SimpleSAML_Auth_ProcessingFilter.
Definition at line 138 of file AttributeAddFromLDAP.php.
139 {
140 assert('is_array($request)');
141 assert('array_key_exists("Attributes", $request)');
142
144
145 // perform a merge on the ldap_search_filter
146
147 // loop over the attributes and build the search and replace arrays
149 $arrSearch[] = '%'.$attr.'%';
150
151 if (strlen($val[0]) > 0) {
152 $arrReplace[] = SimpleSAML_Auth_LDAP::escape_filter_value($val[0]);
153 } else {
154 $arrReplace[] = '';
155 }
156 }
157
158 // merge the attributes into the ldap_search_filter
159 $filter = str_replace($arrSearch, $arrReplace, $this->search_filter);
160
161 if (strpos($filter, '%') !== false) {
162 SimpleSAML\Logger::info('AttributeAddFromLDAP: There are non-existing attributes in the search filter. ('.
163 $this->search_filter.')');
164 return;
165 }
166
167 if (!in_array($this->attr_policy, array('merge', 'replace', 'add'), true)) {
169 "'replace' or 'add'.");
170 return;
171 }
172
173 // getLdap
174 try {
176 } catch (Exception $e) {
177 // Added this warning in case $this->getLdap() fails
179 return;
180 }
181 // search for matching entries
182 try {
183 $entries = $ldap->searchformultiple(
184 $this->base_dn,
185 $filter,
186 array_values($this->search_attributes),
187 true,
188 false
189 );
190 } catch (Exception $e) {
191 return; // silent fail, error is still logged by LDAP search
192 }
193
194 // handle [multiple] values
195 foreach ($entries as $entry) {
199 }
200
203 }
209 if ($this->attr_policy === 'merge') {
212 }
213 } else {
215 }
216 }
217 } else {
219 }
220 }
221 }
222 }
223 }
static escape_filter_value($values=array(), $singleValue=true)
Borrowed function from PEAR:LDAP.
Definition: LDAP.php:651
References $attributes, sspmod_ldap_Auth_Process_BaseFilter\$ldap, $name, $target, SimpleSAML_Auth_LDAP\escape_filter_value(), sspmod_ldap_Auth_Process_BaseFilter\getLdap(), SimpleSAML\Logger\info(), and SimpleSAML\Logger\warning().
Here is the call graph for this function:
Field Documentation
◆ $attr_policy
|
protected |
Definition at line 59 of file AttributeAddFromLDAP.php.
◆ $search_attributes
|
protected |
Definition at line 43 of file AttributeAddFromLDAP.php.
◆ $search_filter
|
protected |
Definition at line 51 of file AttributeAddFromLDAP.php.
The documentation for this class was generated from the following file:
- libs/composer/vendor/simplesamlphp/simplesamlphp/modules/ldap/lib/Auth/Process/AttributeAddFromLDAP.php
