119 lines
3.2 KiB
PHP
119 lines
3.2 KiB
PHP
<?php
|
|
|
|
require_once "database.php";
|
|
|
|
$ldap_domain_name = "woodywood";
|
|
|
|
$handle = ldap_connect("ldaps://$ldap_domain_name.local");
|
|
ldap_set_option($handle, LDAP_OPT_PROTOCOL_VERSION, 3);
|
|
ldap_set_option($handle, LDAP_OPT_REFERRALS, 0);
|
|
|
|
class UserInfo
|
|
{
|
|
public ?string $fullName;
|
|
public array $ous;
|
|
|
|
public function __construct(?string $fullName, array $ous)
|
|
{
|
|
$this->fullName = $fullName;
|
|
$this->ous = $ous;
|
|
}
|
|
}
|
|
|
|
function LdapConnect(string $domain, string $username, string $password): LDAP\Result|false
|
|
{
|
|
global $handle;
|
|
$bind = ldap_bind_ext($handle, $username . '@' . $domain, $password);
|
|
return $bind;
|
|
}
|
|
|
|
function LdapIsConnected(string $domain, string $username, string $password) {
|
|
global $handle;
|
|
$result = LdapConnect($domain, $username, $password);
|
|
ldap_parse_result($handle, $result, $error_code, $matched_dn, $error_message, $referrals, $controls);
|
|
$success = $error_code == 0;
|
|
LogConnection($username, $success);
|
|
return $success;
|
|
}
|
|
|
|
function LogConnection(string $username, bool $success) {
|
|
InsertLine(new AuthAttempt($username, $success ? "success" : "failure", $_SERVER['REMOTE_ADDR']));
|
|
}
|
|
|
|
function LdapConnectAndBind()
|
|
{
|
|
global $ldap_domain_name;
|
|
$ldap_instance = ldap_connect("ldap://$ldap_domain_name.local");
|
|
ldap_set_option($ldap_instance, LDAP_OPT_PROTOCOL_VERSION, 3);
|
|
ldap_set_option($ldap_instance, LDAP_OPT_REFERRALS, 0);
|
|
ldap_bind($ldap_instance, "Administrateur@woodywood", "3AFISE+25");
|
|
return $ldap_instance;
|
|
}
|
|
|
|
function LdapGetUserInfo(string $user): ?UserInfo
|
|
{
|
|
global $handle;
|
|
global $ldap_domain_name;
|
|
$search_base = "DC=$ldap_domain_name,DC=local";
|
|
$search_filter = "(sAMAccountName=$user)";
|
|
$search_attributes = ["distinguishedname"];
|
|
$result = ldap_search($handle, $search_base, $search_filter, $search_attributes);
|
|
$entries = ldap_get_entries($handle, $result);
|
|
|
|
if ($entries['count'] > 0) {
|
|
$dn = $entries[0]['distinguishedname'][0];
|
|
return new UserInfo(GetValue($dn, "CN")[0], GetValue($dn, "OU"));
|
|
}
|
|
|
|
return null;
|
|
}
|
|
|
|
function GetValue(string $dnStr, string $key): array
|
|
{
|
|
preg_match_all("/$key=([^,]+)/", $dnStr, $matches);
|
|
return isset($matches[1]) ? $matches[1] : [];
|
|
}
|
|
|
|
function LdapGetObjectsInOU(string $ou, string $objectType, string $field): array
|
|
{
|
|
global $ldap_domain_name;
|
|
global $handle;
|
|
// $handle = LdapConnectAndBind();
|
|
$searchBase = "DC=$ldap_domain_name,DC=local";
|
|
$filter = "(objectClass=$objectType)";
|
|
$attributes = [];
|
|
|
|
$object_values = [];
|
|
|
|
$result = ldap_search($handle, $searchBase, $filter, $attributes);
|
|
$entries = ldap_get_entries($handle, $result);
|
|
|
|
if ($entries['count'] > 0) {
|
|
foreach ($entries as $key => $entry) {
|
|
if (!isset($entry["dn"]))
|
|
continue;
|
|
$dn = $entry["dn"];
|
|
$ous = GetValue($dn, "OU");
|
|
|
|
$res = array_search($ou, $ous);
|
|
if (!is_numeric($res))
|
|
continue;
|
|
|
|
$cn = GetValue($dn, $field);
|
|
array_push($object_values, $cn);
|
|
}
|
|
}
|
|
|
|
return $object_values;
|
|
}
|
|
|
|
function LdapGetUsersInOU(string $ou): array
|
|
{
|
|
return LdapGetObjectsInOU($ou, "user", "CN");
|
|
}
|
|
|
|
function LdapGetGroupsInOU(string $ou): array
|
|
{
|
|
return LdapGetObjectsInOU($ou, "group", "CN");
|
|
}
|