diff --git a/.env.example b/.env.example
index ac74863..2de7d0f 100644
--- a/.env.example
+++ b/.env.example
@@ -44,3 +44,8 @@ PUSHER_APP_CLUSTER=mt1
MIX_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
MIX_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"
+
+LDAP_HOST=
+LDAP_BASE_DN=
+LDAP_USERNAME=
+LDAP_PASSWORD=
diff --git a/README.md b/README.md
index 4b02ba4..98450c0 100644
--- a/README.md
+++ b/README.md
@@ -26,7 +26,7 @@ With that PLA is going under a major revamp in preparation for v2 and will aim t
Some of the creations planned to be used in v2 include:
* Laravel (https://laravel.com)
-* adldap2/adldap2 (https://github.com/Adldap2/Adldap2)
+* directorytree/ldaprecord-laravel (https://ldaprecord.com/)
* JQuery (https://jquery.com)
* FancyTree (https://github.com/mar10/fancytree)
* ArchitectUI (https://architectui.com)
diff --git a/app/Classes/LDAP/Server.php b/app/Classes/LDAP/Server.php
index 6d1ce36..a6733cd 100644
--- a/app/Classes/LDAP/Server.php
+++ b/app/Classes/LDAP/Server.php
@@ -2,8 +2,7 @@
namespace App\Classes\LDAP;
-use Adldap\Adldap;
-use Adldap\Models\Entry;
+use App\Ldap\Entry;
use Illuminate\Support\Collection;
class Server
@@ -42,11 +41,10 @@ class Server
protected function getDNAttrValues(string $dn,array $attrs=['*','+'],int $deref=LDAP_DEREF_NEVER): ?Entry
{
try {
- return ($x=(new Adldap)
- ->addProvider(config('ldap.connections.default.settings'))
- ->search()
+ return ($x=(new Entry)
+ ->query()
->select($attrs)
- ->findByDn($dn)) ? $x : NULL;
+ ->find($dn)) ? $x : NULL;
// @todo Tidy up this exception
} catch (\Exception $e) {
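Review bot: After this change the `try` body of `getDNAttrValues()` is the same `(new Entry)->query()->select($attrs)->find($dn)` chain that `fetch()` receives in the next hunk, with the same `['*','+']` default, so the two methods now duplicate each other. One could delegate to the other, e.g. `return $this->fetch($dn,$attrs);`, unless their `catch` branches differ (both lie outside the visible lines). The `$deref` parameter is not used anywhere in the visible body; either apply it to the query or remove it from the signature in a follow-up.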
@@ -60,14 +58,13 @@ class Server
* @param $dn
* @return |null
*/
- public function fetch(string $dn,array $attributes=['*'])
+ public function fetch(string $dn,array $attrs=['*','+'])
{
try {
- return ($x=(new Adldap)
- ->addProvider(config('ldap.connections.default.settings'))
- ->search()
- ->select($attributes)
- ->findByDn($dn)) ? $x : NULL;
+ return ($x=(new Entry)
+ ->query()
+ ->select($attrs)
+ ->find($dn)) ? $x : NULL;
// @todo Tidy up this exception
} catch (\Exception $e) {
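Review bot: The default for `fetch()` widens from `['*']` to `['*','+']`, so every caller that relies on the default now also receives operational attributes, which on many directories include password-policy state and creator/modifier DNs. Callers are not visible in this diff, so check that none of them passes the entry straight into a view or API response. Consider keeping `['*']` as the default and requesting `'+'` only where it is needed. The docblock above still lists only `@param $dn` and an empty `@return |null`; it should gain `@param array $attrs attributes to select` and, assuming the catch branch returns null, `@return Entry|null`. The method body continues past the hunk.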
@@ -84,11 +81,9 @@ class Server
public function query(string $dn)
{
try {
- return ($x=(new Adldap)
- ->addProvider(config('ldap.connections.default.settings'))
- ->search()
- ->setBaseDn($dn)
- //->select($attrs)
+ return ($x=(new Entry)
+ ->query()
+ ->setDn($dn)
->listing()
->get()) ? $x : NULL;
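Review bot: The `? $x : NULL` ternary wrapped around `->get()` in `query()` looks like dead code: the visible caller chains `->transform()` on the result, so `get()` evidently yields a collection object, and objects are always truthy in PHP. An empty listing therefore comes back as an empty collection, never NULL, and the assignment to `$x` serves no purpose. The statement can be written as `return (new Entry)->query()->setDn($dn)->listing()->get();`. The rest of the method, including any `catch`, is outside the hunk.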
diff --git a/app/Http/Controllers/APIController.php b/app/Http/Controllers/APIController.php
index d9b88e2..faa6b57 100644
--- a/app/Http/Controllers/APIController.php
+++ b/app/Http/Controllers/APIController.php
@@ -3,9 +3,9 @@
namespace App\Http\Controllers;
use Illuminate\Http\Request;
-use Illuminate\Support\Collection;
use Illuminate\Support\Facades\Crypt;
use Illuminate\Support\Facades\Log;
+use LdapRecord\Query\Collection;
use App\Classes\LDAP\Server;
@@ -31,6 +31,10 @@ class APIController extends Controller
});
}
+ /**
+ * @param Request $request
+ * @return Collection
+ */
public function query(Request $request): Collection
{
$levels = $request->query('depth',1);
@@ -41,14 +45,12 @@ class APIController extends Controller
->query($dn)
->transform(function($item) {
return [
- 'title'=>$item->getDistinguishedName(),
- 'item'=>Crypt::encryptString($item->getDistinguishedName()),
+ 'title'=>$item->getDn(),
+ 'item'=>Crypt::encryptString($item->getDn()),
'icon'=>'fa-fw fas fa-sitemap',
'lazy'=>TRUE,
- 'tooltip'=>$item->getDistinguishedName(),
+ 'tooltip'=>$item->getDn(),
];
});
-
- Log::debug(sprintf('%s: Query [%s] - Levels [%d]: %s',__METHOD__,$dn,$levels,serialize($x)));
}
}
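Review bot: `title` and `tooltip` carry the raw DN from `$item->getDn()`, and DN values are directory data that this application does not control. If the tree widget consuming this response renders titles as HTML (FancyTree does unless `escapeTitles` is enabled), a DN containing markup would be interpreted by the browser; the client code is not in this diff, so confirm the option is set or escape here with `e($item->getDn())`. With the `Log::debug` call removed, also check whether `$levels` and the `Log` import are still used. The start of the statement that builds this collection is outside the hunk.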
diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
index 9436e17..7a19223 100644
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@@ -5,6 +5,7 @@ namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;
use Illuminate\Foundation\Auth\AuthenticatesUsers;
+use Illuminate\Http\Request;
class LoginController extends Controller
{
@@ -38,6 +39,14 @@ class LoginController extends Controller
$this->middleware('guest')->except('logout');
}
+ protected function credentials(Request $request): array
+ {
+ return [
+ 'mail' => $request->get('email'),
+ 'password' => $request->get('password'),
+ ];
+ }
+
/**
* Show our themed login page
*/
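Review bot: `credentials()` hard-codes the LDAP attribute `'mail'`, whereas the `username()` method removed in the next hunk read it from `config('ldap_auth.identifiers.ldap.locate_users_by')`, so a directory that locates users by another attribute now needs a code change. The method has no docblock, unlike its neighbours; `/** Map the login form's email field to the LDAP mail attribute used to locate the user. */` would explain why the array key differs from the form field name. `$request->get()` is the generic Symfony accessor; `$request->input('email')` and `$request->input('password')` are the accessors Laravel documents for form data.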
@@ -50,14 +59,4 @@ class LoginController extends Controller
return view('architect::auth.login')->with('login_note',$login_note);
}
-
- /**
- * Get the login username to be used by the controller.
- *
- * @return string
- */
- public function username()
- {
- return config('ldap_auth.identifiers.ldap.locate_users_by');
- }
}
diff --git a/app/Ldap/Entry.php b/app/Ldap/Entry.php
new file mode 100644
index 0000000..df636f4
--- /dev/null
+++ b/app/Ldap/Entry.php
@@ -0,0 +1,15 @@
+hasMany(Passport::clientModel(), 'user_id');
- }
-
- /**
- * Get all of the access tokens for the user.
- *
- * @return \Illuminate\Database\Eloquent\Relations\HasMany
- */
- public function tokens()
- {
- // return $this->hasMany(Passport::tokenModel(), 'user_id')->orderBy('created_at', 'desc');
- }
-
- /**
- * Get the current access token being used by the user.
- *
- * @return \Laravel\Passport\Token|null
- */
- public function token()
- {
- return $this->accessToken;
- }
-
- /**
- * Determine if the current API token has a given scope.
- *
- * @param string $scope
- * @return bool
- */
- public function tokenCan($scope)
- {
- return $this->accessToken ? $this->accessToken->can($scope) : false;
- }
-
- /**
- * Create a new personal access token for the user.
- *
- * @param string $name
- * @param array $scopes
- *
- * @return \Laravel\Passport\PersonalAccessTokenResult
- */
- public function createToken($name, array $scopes = [])
- {
- return Container::getInstance()->make(PersonalAccessTokenFactory::class)->make(
- $this->getKey(), $name, $scopes
- );
- }
-
- /**
- * Set the current access token for the user.
- *
- * @param \Laravel\Passport\Token $accessToken
- *
- * @return $this
- */
- public function withAccessToken($accessToken)
- {
- $this->accessToken = $accessToken;
-
- return $this;
- }
-}
diff --git a/composer.json b/composer.json
index f2e148a..bee8788 100644
--- a/composer.json
+++ b/composer.json
@@ -9,7 +9,7 @@
"license": "MIT",
"require": {
"php": "^7.2.5",
- "adldap2/adldap2-laravel": "^6.0",
+ "directorytree/ldaprecord-laravel": "^1.7",
"fideloper/proxy": "^4.2",
"fruitcake/laravel-cors": "^2.0",
"guzzlehttp/guzzle": "^6.3",
diff --git a/composer.lock b/composer.lock
index 255f81d..7f516e7 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,121 +4,8 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
- "content-hash": "6af914ca38690bee00357e0090846450",
+ "content-hash": "3305fba3e359e4cd7e2d41c6a65c7437",
"packages": [
- {
- "name": "adldap2/adldap2",
- "version": "v10.3.0",
- "source": {
- "type": "git",
- "url": "https://github.com/Adldap2/Adldap2.git",
- "reference": "1294c92746e3fb3bb59cd7756ca7838a1e705a2a"
- },
- "dist": {
- "type": "zip",
- "url": "https://api.github.com/repos/Adldap2/Adldap2/zipball/1294c92746e3fb3bb59cd7756ca7838a1e705a2a",
- "reference": "1294c92746e3fb3bb59cd7756ca7838a1e705a2a",
- "shasum": ""
- },
- "require": {
- "ext-json": "*",
- "ext-ldap": "*",
- "illuminate/contracts": "~5.0|~6.0|~7.0",
- "php": ">=7.0",
- "psr/log": "~1.0",
- "psr/simple-cache": "~1.0",
- "tightenco/collect": "~5.0|~6.0|~7.0"
- },
- "require-dev": {
- "mockery/mockery": "~1.0",
- "phpunit/phpunit": "~6.0"
- },
- "suggest": {
- "ext-fileinfo": "fileinfo is required when retrieving user encoded thumbnails"
- },
- "type": "library",
- "autoload": {
- "psr-4": {
- "Adldap\\": "src/"
- }
- },
- "notification-url": "https://packagist.org/downloads/",
- "license": [
- "MIT"
- ],
- "authors": [
- {
- "name": "Steve Bauman",
- "email": "steven_bauman@outlook.com",
- "role": "Developer"
- }
- ],
- "description": "A PHP LDAP Package for humans.",
- "keywords": [
- "active directory",
- "ad",
- "adLDAP",
- "adldap2",
- "directory",
- "ldap",
- "windows"
- ],
- "time": "2020-05-04T21:10:15+00:00"
- },
- {
- "name": "adldap2/adldap2-laravel",
- "version": "v6.1.1",
- "source": {
- "type": "git",
- "url": "https://github.com/Adldap2/Adldap2-Laravel.git",
- "reference": "c72a2e3757919c39d6a03bd345ec4e586284825c"
- },
- "dist": {
- "type": "zip",
- "url": "https://api.github.com/repos/Adldap2/Adldap2-Laravel/zipball/c72a2e3757919c39d6a03bd345ec4e586284825c",
- "reference": "c72a2e3757919c39d6a03bd345ec4e586284825c",
- "shasum": ""
- },
- "require": {
- "adldap2/adldap2": "^10.1",
- "illuminate/support": "~5.5|~6.0|~7.0",
- "php": ">=7.1"
- },
- "require-dev": {
- "mockery/mockery": "~1.0",
- "orchestra/testbench": "~3.7",
- "phpunit/phpunit": "~7.0"
- },
- "type": "project",
- "extra": {
- "laravel": {
- "providers": [
- "Adldap\\Laravel\\AdldapServiceProvider",
- "Adldap\\Laravel\\AdldapAuthServiceProvider"
- ],
- "aliases": {
- "Adldap": "Adldap\\Laravel\\Facades\\Adldap"
- }
- }
- },
- "autoload": {
- "psr-4": {
- "Adldap\\Laravel\\": "src/"
- }
- },
- "notification-url": "https://packagist.org/downloads/",
- "license": [
- "MIT"
- ],
- "description": "LDAP Authentication & Management for Laravel.",
- "keywords": [
- "adLDAP",
- "adldap2",
- "laravel",
- "ldap"
- ],
- "time": "2020-06-02T00:45:05+00:00"
- },
{
"name": "asm89/stack-cors",
"version": "v2.0.1",
@@ -345,6 +232,130 @@
],
"time": "2018-07-24T23:27:56+00:00"
},
+ {
+ "name": "directorytree/ldaprecord",
+ "version": "v1.10.1",
+ "source": {
+ "type": "git",
+ "url": "https://github.com/DirectoryTree/LdapRecord.git",
+ "reference": "601e2fb47802795b27ea6052e78557c56f397082"
+ },
+ "dist": {
+ "type": "zip",
+ "url": "https://api.github.com/repos/DirectoryTree/LdapRecord/zipball/601e2fb47802795b27ea6052e78557c56f397082",
+ "reference": "601e2fb47802795b27ea6052e78557c56f397082",
+ "shasum": ""
+ },
+ "require": {
+ "ext-json": "*",
+ "ext-ldap": "*",
+ "illuminate/contracts": "^5.0|^6.0|^7.0|^8.0",
+ "nesbot/carbon": "^1.0|^2.0",
+ "php": ">=7.2",
+ "psr/log": "^1.0",
+ "psr/simple-cache": "^1.0",
+ "tightenco/collect": "^5.0|^6.0|^7.0|^8.0"
+ },
+ "require-dev": {
+ "mockery/mockery": "^1.0",
+ "phpunit/phpunit": "^6.0"
+ },
+ "type": "library",
+ "autoload": {
+ "psr-4": {
+ "LdapRecord\\": "src/"
+ }
+ },
+ "notification-url": "https://packagist.org/downloads/",
+ "license": [
+ "MIT"
+ ],
+ "authors": [
+ {
+ "name": "Steve Bauman",
+ "email": "steven_bauman@outlook.com",
+ "role": "Developer"
+ }
+ ],
+ "description": "A fully-featured LDAP ORM.",
+ "homepage": "https://www.ldaprecord.com",
+ "keywords": [
+ "active directory",
+ "ad",
+ "adLDAP",
+ "adldap2",
+ "directory",
+ "ldap",
+ "ldaprecord",
+ "orm",
+ "windows"
+ ],
+ "funding": [
+ {
+ "url": "https://github.com/stevebauman",
+ "type": "github"
+ }
+ ],
+ "time": "2020-09-08T16:57:58+00:00"
+ },
+ {
+ "name": "directorytree/ldaprecord-laravel",
+ "version": "v1.7.1",
+ "source": {
+ "type": "git",
+ "url": "https://github.com/DirectoryTree/LdapRecord-Laravel.git",
+ "reference": "98e6698057321aef9d777bfe312bd1d968a5d67e"
+ },
+ "dist": {
+ "type": "zip",
+ "url": "https://api.github.com/repos/DirectoryTree/LdapRecord-Laravel/zipball/98e6698057321aef9d777bfe312bd1d968a5d67e",
+ "reference": "98e6698057321aef9d777bfe312bd1d968a5d67e",
+ "shasum": ""
+ },
+ "require": {
+ "directorytree/ldaprecord": "^1.8.2",
+ "ext-ldap": "*",
+ "illuminate/support": "^5.6|^6.0|^7.0|^8.0",
+ "php": ">=7.2"
+ },
+ "require-dev": {
+ "mockery/mockery": "~1.0",
+ "orchestra/testbench": "~3.7|~4.0|~5.0|~6.0",
+ "phpunit/phpunit": "~7.0|~8.0|~9.0"
+ },
+ "type": "project",
+ "extra": {
+ "laravel": {
+ "providers": [
+ "LdapRecord\\Laravel\\LdapServiceProvider",
+ "LdapRecord\\Laravel\\LdapAuthServiceProvider"
+ ]
+ }
+ },
+ "autoload": {
+ "psr-4": {
+ "LdapRecord\\Laravel\\": "src/"
+ }
+ },
+ "notification-url": "https://packagist.org/downloads/",
+ "license": [
+ "MIT"
+ ],
+ "description": "LDAP Authentication & Management for Laravel.",
+ "keywords": [
+ "adldap2",
+ "laravel",
+ "ldap",
+ "ldaprecord"
+ ],
+ "funding": [
+ {
+ "url": "https://github.com/stevebauman",
+ "type": "github"
+ }
+ ],
+ "time": "2020-09-08T18:14:11+00:00"
+ },
{
"name": "doctrine/inflector",
"version": "2.0.3",
@@ -2141,16 +2152,16 @@
},
{
"name": "nesbot/carbon",
- "version": "2.39.1",
+ "version": "2.39.2",
"source": {
"type": "git",
"url": "https://github.com/briannesbitt/Carbon.git",
- "reference": "7af467873250583cc967a59ee9df29fabab193c1"
+ "reference": "326efde1bc09077a26cb77f6e2e32e13f06c27f2"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/briannesbitt/Carbon/zipball/7af467873250583cc967a59ee9df29fabab193c1",
- "reference": "7af467873250583cc967a59ee9df29fabab193c1",
+ "url": "https://api.github.com/repos/briannesbitt/Carbon/zipball/326efde1bc09077a26cb77f6e2e32e13f06c27f2",
+ "reference": "326efde1bc09077a26cb77f6e2e32e13f06c27f2",
"shasum": ""
},
"require": {
@@ -2226,7 +2237,7 @@
"type": "tidelift"
}
],
- "time": "2020-09-04T13:11:37+00:00"
+ "time": "2020-09-10T12:16:42+00:00"
},
{
"name": "nyholm/psr7",
@@ -5389,16 +5400,16 @@
},
{
"name": "symfony/translation-contracts",
- "version": "v2.1.3",
+ "version": "v2.2.0",
"source": {
"type": "git",
"url": "https://github.com/symfony/translation-contracts.git",
- "reference": "616a9773c853097607cf9dd6577d5b143ffdcd63"
+ "reference": "77ce1c3627c9f39643acd9af086631f842c50c4d"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/symfony/translation-contracts/zipball/616a9773c853097607cf9dd6577d5b143ffdcd63",
- "reference": "616a9773c853097607cf9dd6577d5b143ffdcd63",
+ "url": "https://api.github.com/repos/symfony/translation-contracts/zipball/77ce1c3627c9f39643acd9af086631f842c50c4d",
+ "reference": "77ce1c3627c9f39643acd9af086631f842c50c4d",
"shasum": ""
},
"require": {
@@ -5410,7 +5421,7 @@
"type": "library",
"extra": {
"branch-alias": {
- "dev-master": "2.1-dev"
+ "dev-master": "2.2-dev"
},
"thanks": {
"name": "symfony/contracts",
@@ -5460,7 +5471,7 @@
"type": "tidelift"
}
],
- "time": "2020-07-06T13:23:11+00:00"
+ "time": "2020-09-07T11:33:47+00:00"
},
{
"name": "symfony/var-dumper",
@@ -5554,16 +5565,16 @@
},
{
"name": "tightenco/collect",
- "version": "v7.26.1",
+ "version": "v8.0.0",
"source": {
"type": "git",
- "url": "https://github.com/tightenco/collect.git",
- "reference": "5e460929279ad806e59fc731e649e9b25fc8774a"
+ "url": "https://github.com/tighten/collect.git",
+ "reference": "90aa058ca9250eebc3e07f25377949f43855ecae"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/tightenco/collect/zipball/5e460929279ad806e59fc731e649e9b25fc8774a",
- "reference": "5e460929279ad806e59fc731e649e9b25fc8774a",
+ "url": "https://api.github.com/repos/tighten/collect/zipball/90aa058ca9250eebc3e07f25377949f43855ecae",
+ "reference": "90aa058ca9250eebc3e07f25377949f43855ecae",
"shasum": ""
},
"require": {
@@ -5600,7 +5611,7 @@
"collection",
"laravel"
],
- "time": "2020-09-05T00:05:48+00:00"
+ "time": "2020-09-08T16:43:13+00:00"
},
{
"name": "tijsverkoyen/css-to-inline-styles",
diff --git a/config/auth.php b/config/auth.php
index 927c3eb..4cb9951 100644
--- a/config/auth.php
+++ b/config/auth.php
@@ -38,7 +38,7 @@ return [
'guards' => [
'web' => [
'driver' => 'session',
- 'provider' => 'users',
+ 'provider' => 'ldap',
],
'api' => [
@@ -68,13 +68,18 @@ return [
'providers' => [
'users' => [
'driver' => 'ldap',
- // 'model' => App\User::class,
+ 'model' => App\Ldap\User::class,
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
+
+ 'ldap' => [
+ 'driver' => 'ldap',
+ 'model' => App\Ldap\User::class,
+ ],
],
/*
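Review bot: The `providers` array now holds two entries, `users` and `ldap`, with the same driver and the same `App\Ldap\User::class` model, while the `web` guard in the previous hunk points at `ldap`. Keeping both invites them to drift apart; if nothing else references `users` (the `api` guard's provider and the password broker are outside the visible lines), drop it or add a comment such as `// kept for the password broker` saying why it stays. `App\Ldap\User` is not among the files readable in this diff, so confirm the class exists, otherwise resolving the provider will fail at login.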
diff --git a/config/ldap.php b/config/ldap.php
index 03d3536..fd94d32 100644
--- a/config/ldap.php
+++ b/config/ldap.php
@@ -4,242 +4,70 @@ return [
/*
|--------------------------------------------------------------------------
- | Logging
+ | Default LDAP Connection Name
|--------------------------------------------------------------------------
|
- | This option enables logging all LDAP operations on all configured
- | connections such as bind requests and CRUD operations.
- |
- | Log entries will be created in your default logging stack.
- |
- | This option is extremely helpful for debugging connectivity issues.
+ | Here you may specify which of the LDAP connections below you wish
+ | to use as your default connection for all LDAP operations. Of
+ | course you may add as many connections you'd like below.
|
*/
- 'logging' => env('LDAP_LOGGING', false),
+ 'default' => env('LDAP_CONNECTION', 'default'),
/*
|--------------------------------------------------------------------------
- | Connections
+ | LDAP Connections
|--------------------------------------------------------------------------
|
- | This array stores the connections that are added to Adldap. You can add
- | as many connections as you like.
- |
- | The key is the name of the connection you wish to use and the value is
- | an array of configuration settings.
+ | Below you may configure each LDAP connection your application requires
+ | access to. Be sure to include a valid base DN - otherwise you may
+ | not receive any results when performing LDAP search operations.
|
*/
'connections' => [
'default' => [
-
- /*
- |--------------------------------------------------------------------------
- | Auto Connect
- |--------------------------------------------------------------------------
- |
- | If auto connect is true, Adldap will try to automatically connect to
- | your LDAP server in your configuration. This allows you to assume
- | connectivity rather than having to connect manually
- | in your application.
- |
- | If this is set to false, you **must** connect manually before running
- | LDAP operations. Otherwise, you will receive exceptions.
- |
- */
-
- 'auto_connect' => env('LDAP_AUTO_CONNECT', true),
-
- /*
- |--------------------------------------------------------------------------
- | Connection
- |--------------------------------------------------------------------------
- |
- | The connection class to use to run raw LDAP operations on.
- |
- | Custom connection classes must implement:
- |
- | Adldap\Connections\ConnectionInterface
- |
- */
-
- 'connection' => Adldap\Connections\Ldap::class,
-
- /*
- |--------------------------------------------------------------------------
- | Connection Settings
- |--------------------------------------------------------------------------
- |
- | This connection settings array is directly passed into the Adldap constructor.
- |
- | Feel free to add or remove settings you don't need.
- |
- */
-
- 'settings' => [
-
- /*
- |--------------------------------------------------------------------------
- | Schema
- |--------------------------------------------------------------------------
- |
- | The schema class to use for retrieving attributes and generating models.
- |
- | You can also set this option to `null` to use the default schema class.
- |
- | For OpenLDAP, you must use the schema:
- |
- | Adldap\Schemas\OpenLDAP::class
- |
- | For FreeIPA, you must use the schema:
- |
- | Adldap\Schemas\FreeIPA::class
- |
- | Custom schema classes must implement Adldap\Schemas\SchemaInterface
- |
- */
-
- //'schema' => Adldap\Schemas\OpenLDAP::class,
- 'schema' => App\Schema\Adldap::class,
-
- /*
- |--------------------------------------------------------------------------
- | Account Prefix
- |--------------------------------------------------------------------------
- |
- | The account prefix option is the prefix of your user accounts in LDAP directory.
- |
- | This string is prepended to all authenticating users usernames.
- |
- */
-
- 'account_prefix' => env('LDAP_ACCOUNT_PREFIX', 'prefix'),
-
- /*
- |--------------------------------------------------------------------------
- | Account Suffix
- |--------------------------------------------------------------------------
- |
- | The account suffix option is the suffix of your user accounts in your LDAP directory.
- |
- | This string is appended to all authenticating users usernames.
- |
- */
-
- 'account_suffix' => env('LDAP_ACCOUNT_SUFFIX', 'suffix'),
-
- /*
- |--------------------------------------------------------------------------
- | Domain Controllers
- |--------------------------------------------------------------------------
- |
- | The domain controllers option is an array of servers located on your
- | network that serve Active Directory. You can insert as many servers or
- | as little as you'd like depending on your forest (with the
- | minimum of one of course).
- |
- | These can be IP addresses of your server(s), or the host name.
- |
- */
-
- 'hosts' => explode(' ', env('LDAP_HOSTS', 'corp-dc1.corp.acme.org corp-dc2.corp.acme.org')),
-
- /*
- |--------------------------------------------------------------------------
- | Port
- |--------------------------------------------------------------------------
- |
- | The port option is used for authenticating and binding to your LDAP server.
- |
- */
-
- 'port' => env('LDAP_PORT', 389),
-
- /*
- |--------------------------------------------------------------------------
- | Timeout
- |--------------------------------------------------------------------------
- |
- | The timeout option allows you to configure the amount of time in
- | seconds that your application waits until a response
- | is received from your LDAP server.
- |
- */
-
- 'timeout' => env('LDAP_TIMEOUT', 5),
-
- /*
- |--------------------------------------------------------------------------
- | Base Distinguished Name
- |--------------------------------------------------------------------------
- |
- | The base distinguished name is the base distinguished name you'd
- | like to perform query operations on. An example base DN would be:
- |
- | dc=corp,dc=acme,dc=org
- |
- | A correct base DN is required for any query results to be returned.
- |
- */
-
- 'base_dn' => env('LDAP_BASE_DN', 'dc=corp,dc=acme,dc=org'),
-
- /*
- |--------------------------------------------------------------------------
- | LDAP Username & Password
- |--------------------------------------------------------------------------
- |
- | When connecting to your LDAP server, a username and password is required
- | to be able to query and run operations on your server(s). You can
- | use any user account that has these permissions. This account
- | does not need to be a domain administrator unless you
- | require changing and resetting user passwords.
- |
- */
-
- 'username' => env('LDAP_USERNAME'),
- 'password' => env('LDAP_PASSWORD'),
-
- /*
- |--------------------------------------------------------------------------
- | Follow Referrals
- |--------------------------------------------------------------------------
- |
- | The follow referrals option is a boolean to tell active directory
- | to follow a referral to another server on your network if the
- | server queried knows the information your asking for exists,
- | but does not yet contain a copy of it locally.
- |
- | This option is defaulted to false.
- |
- */
-
- 'follow_referrals' => false,
-
- /*
- |--------------------------------------------------------------------------
- | SSL & TLS
- |--------------------------------------------------------------------------
- |
- | If you need to be able to change user passwords on your server, then an
- | SSL or TLS connection is required. All other operations are allowed
- | on unsecured protocols.
- |
- | One of these options are definitely recommended if you
- | have the ability to connect to your server securely.
- |
- */
-
- 'use_ssl' => env('LDAP_USE_SSL', false),
- 'use_tls' => env('LDAP_USE_TLS', false),
-
- ],
-
- 'name' => 'OpenLDAP',
+ 'hosts' => [env('LDAP_HOST', '127.0.0.1')],
+ 'username' => env('LDAP_USERNAME', 'cn=user,dc=local,dc=com'),
+ 'password' => env('LDAP_PASSWORD', 'secret'),
+ 'port' => env('LDAP_PORT', 389),
+ 'base_dn' => env('LDAP_BASE_DN', 'dc=local,dc=com'),
+ 'timeout' => env('LDAP_TIMEOUT', 5),
+ 'use_ssl' => env('LDAP_SSL', false),
+ 'use_tls' => env('LDAP_TLS', false),
],
],
+ /*
+ |--------------------------------------------------------------------------
+ | LDAP Logging
+ |--------------------------------------------------------------------------
+ |
+ | When LDAP logging is enabled, all LDAP search and authentication
+ | operations are logged using the default application logging
+ | driver. This can assist in debugging issues and more.
+ |
+ */
+
+ 'logging' => env('LDAP_LOGGING', true),
+
+ /*
+ |--------------------------------------------------------------------------
+ | LDAP Cache
+ |--------------------------------------------------------------------------
+ |
+ | LDAP caching enables the ability of caching search results using the
+ | query builder. This is great for running expensive operations that
+ | may take many seconds to complete, such as a pagination request.
+ |
+ */
+
+ 'cache' => [
+ 'enabled' => env('LDAP_CACHE', false),
+ 'driver' => env('CACHE_DRIVER', 'file'),
+ ],
+
];
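Review bot: The new `default` connection falls back to a built-in bind identity (`'cn=user,dc=local,dc=com'` / `'secret'`) when `LDAP_USERNAME` and `LDAP_PASSWORD` are unset, and it reads its transport settings from `LDAP_SSL` / `LDAP_TLS` where the old file read `LDAP_USE_SSL` / `LDAP_USE_TLS`. A deployment whose `.env` still sets `LDAP_USE_TLS=true` would silently connect on port 389 in cleartext after this change, sending the bind password and each user's login password unencrypted; the host variable is renamed in the same way (`LDAP_HOSTS` to `LDAP_HOST`). I would drop the credential defaults, `'username' => env('LDAP_USERNAME'),` and `'password' => env('LDAP_PASSWORD'),`, so a missing variable fails visibly, and list `LDAP_SSL` and `LDAP_TLS` in `.env.example` with a comment about the rename. `logging` now defaults to `true` where the old `ldap.php` used `false`; confirm that is intended for production.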
diff --git a/config/ldap_auth.php b/config/ldap_auth.php
deleted file mode 100644
index d2244bf..0000000
--- a/config/ldap_auth.php
+++ /dev/null
@@ -1,339 +0,0 @@
- env('LDAP_CONNECTION', 'default'),
-
- /*
- |--------------------------------------------------------------------------
- | Provider
- |--------------------------------------------------------------------------
- |
- | The LDAP authentication provider to use depending
- | if you require database synchronization.
- |
- | For synchronizing LDAP users to your local applications database, use the provider:
- |
- | Adldap\Laravel\Auth\DatabaseUserProvider::class
- |
- | Otherwise, if you just require LDAP authentication, use the provider:
- |
- | Adldap\Laravel\Auth\NoDatabaseUserProvider::class
- |
- */
-
- 'provider' => Adldap\Laravel\Auth\NoDatabaseUserProvider::class,
-
- /*
- |--------------------------------------------------------------------------
- | Model
- |--------------------------------------------------------------------------
- |
- | The model to utilize for authentication and importing.
- |
- | This option is only applicable to the DatabaseUserProvider.
- |
- */
-
- 'model' => App\User::class,
-
- /*
- |--------------------------------------------------------------------------
- | Rules
- |--------------------------------------------------------------------------
- |
- | Rules allow you to control user authentication requests depending on scenarios.
- |
- | You can create your own rules and insert them here.
- |
- | All rules must extend from the following class:
- |
- | Adldap\Laravel\Validation\Rules\Rule
- |
- */
-
- 'rules' => [
-
- // Denys deleted users from authenticating.
-
- Adldap\Laravel\Validation\Rules\DenyTrashed::class,
-
- // Allows only manually imported users to authenticate.
-
- // Adldap\Laravel\Validation\Rules\OnlyImported::class,
-
- ],
-
- /*
- |--------------------------------------------------------------------------
- | Scopes
- |--------------------------------------------------------------------------
- |
- | Scopes allow you to restrict the LDAP query that locates
- | users upon import and authentication.
- |
- | All scopes must implement the following interface:
- |
- | Adldap\Laravel\Scopes\ScopeInterface
- |
- */
-
- 'scopes' => [
-
- // Only allows users with a user principal name to authenticate.
- // Suitable when using ActiveDirectory.
- // Adldap\Laravel\Scopes\UpnScope::class,
-
- // Only allows users with a uid to authenticate.
- // Suitable when using OpenLDAP.
- // Adldap\Laravel\Scopes\UidScope::class,
-
- ],
-
- 'identifiers' => [
-
- /*
- |--------------------------------------------------------------------------
- | LDAP
- |--------------------------------------------------------------------------
- |
- | Locate Users By:
- |
- | This value is the users attribute you would like to locate LDAP
- | users by in your directory.
- |
- | For example, using the default configuration below, if you're
- | authenticating users with an email address, your LDAP server
- | will be queried for a user with the a `userprincipalname`
- | equal to the entered email address.
- |
- | Bind Users By:
- |
- | This value is the users attribute you would
- | like to use to bind to your LDAP server.
- |
- | For example, when a user is located by the above attribute,
- | the users attribute you specify below will be used as
- | the 'username' to bind to your LDAP server.
- |
- | This is usually their distinguished name.
- |
- */
-
- 'ldap' => [
-
- 'locate_users_by' => 'mail',
-
- 'bind_users_by' => 'dn',
-
- ],
-
- 'database' => [
-
- /*
- |--------------------------------------------------------------------------
- | GUID Column
- |--------------------------------------------------------------------------
- |
- | The value of this option is the database column that will contain the
- | LDAP users global identifier. This column does not need to be added
- | to the sync attributes below. It is synchronized automatically.
- |
- | This option is only applicable to the DatabaseUserProvider.
- |
- */
-
- 'guid_column' => 'objectguid',
-
- /*
- |--------------------------------------------------------------------------
- | Username Column
- |--------------------------------------------------------------------------
- |
- | The value of this option is the database column that contains your
- | users login username.
- |
- | This column must be added to your sync attributes below to be
- | properly synchronized.
- |
- | This option is only applicable to the DatabaseUserProvider.
- |
- */
-
- 'username_column' => 'mail',
-
- ],
-
- /*
- |--------------------------------------------------------------------------
- | Windows Authentication Middleware (SSO)
- |--------------------------------------------------------------------------
- |
- | Local Users By:
- |
- | This value is the users attribute you would like to locate LDAP
- | users by in your directory.
- |
- | For example, if 'samaccountname' is the value, then your LDAP server is
- | queried for a user with the 'samaccountname' equal to the value of
- | $_SERVER['AUTH_USER'].
- |
- | If a user is found, they are imported (if using the DatabaseUserProvider)
- | into your local database, then logged in.
- |
- | Server Key:
- |
- | This value represents the 'key' of the $_SERVER
- | array to pull the users account name from.
- |
- | For example, $_SERVER['AUTH_USER'].
- |
- */
-
- 'windows' => [
-
- 'locate_users_by' => 'samaccountname',
-
- 'server_key' => 'AUTH_USER',
-
- ],
-
- ],
-
- 'passwords' => [
-
- /*
- |--------------------------------------------------------------------------
- | Password Sync
- |--------------------------------------------------------------------------
- |
- | The password sync option allows you to automatically synchronize users
- | LDAP passwords to your local database. These passwords are hashed
- | natively by Laravel using the Hash::make() method.
- |
- | Enabling this option would also allow users to login to their accounts
- | using the password last used when an LDAP connection was present.
- |
- | If this option is disabled, the local database account is applied a
- | random 16 character hashed password upon first login, and will
- | lose access to this account upon loss of LDAP connectivity.
- |
- | This option is only applicable to the DatabaseUserProvider.
- |
- */
-
- 'sync' => env('LDAP_PASSWORD_SYNC', false),
-
- /*
- |--------------------------------------------------------------------------
- | Column
- |--------------------------------------------------------------------------
- |
- | This is the column of your users database table
- | that is used to store passwords.
- |
- | Set this to `null` if you do not have a password column.
- |
- | This option is only applicable to the DatabaseUserProvider.
- |
- */
-
- 'column' => 'password',
-
- ],
-
- /*
- |--------------------------------------------------------------------------
- | Login Fallback
- |--------------------------------------------------------------------------
- |
- | The login fallback option allows you to login as a user located on the
- | local database if active directory authentication fails.
- |
- | Set this to true if you would like to enable it.
- |
- | This option is only applicable to the DatabaseUserProvider.
- |
- */
-
- 'login_fallback' => env('LDAP_LOGIN_FALLBACK', false),
-
- /*
- |--------------------------------------------------------------------------
- | Sync Attributes
- |--------------------------------------------------------------------------
- |
- | Attributes specified here will be added / replaced on the user model
- | upon login, automatically synchronizing and keeping the attributes
- | up to date.
- |
- | The array key represents the users Laravel model key, and
- | the value represents the users LDAP attribute.
- |
- | You **must** include the users login attribute here.
- |
- | This option is only applicable to the DatabaseUserProvider.
- |
- */
-
- 'sync_attributes' => [
-
- 'mail' => 'userprincipalname',
-
- 'name' => 'cn',
-
- ],
-
- /*
- |--------------------------------------------------------------------------
- | Logging
- |--------------------------------------------------------------------------
- |
- | User authentication attempts will be logged using Laravel's
- | default logger if this setting is enabled.
- |
- | No credentials are logged, only usernames.
- |
- | This is usually stored in the '/storage/logs' directory
- | in the root of your application.
- |
- | This option is useful for debugging as well as auditing.
- |
- | You can freely remove any events you would not like to log below,
- | as well as use your own listeners if you would prefer.
- |
- */
-
- 'logging' => [
-
- 'enabled' => env('LDAP_LOGGING', true),
-
- 'events' => [
-
- \Adldap\Laravel\Events\Importing::class => \Adldap\Laravel\Listeners\LogImport::class,
- \Adldap\Laravel\Events\Synchronized::class => \Adldap\Laravel\Listeners\LogSynchronized::class,
- \Adldap\Laravel\Events\Synchronizing::class => \Adldap\Laravel\Listeners\LogSynchronizing::class,
- \Adldap\Laravel\Events\Authenticated::class => \Adldap\Laravel\Listeners\LogAuthenticated::class,
- \Adldap\Laravel\Events\Authenticating::class => \Adldap\Laravel\Listeners\LogAuthentication::class,
- \Adldap\Laravel\Events\AuthenticationFailed::class => \Adldap\Laravel\Listeners\LogAuthenticationFailure::class,
- \Adldap\Laravel\Events\AuthenticationRejected::class => \Adldap\Laravel\Listeners\LogAuthenticationRejection::class,
- \Adldap\Laravel\Events\AuthenticationSuccessful::class => \Adldap\Laravel\Listeners\LogAuthenticationSuccess::class,
- \Adldap\Laravel\Events\DiscoveredWithCredentials::class => \Adldap\Laravel\Listeners\LogDiscovery::class,
- \Adldap\Laravel\Events\AuthenticatedWithWindows::class => \Adldap\Laravel\Listeners\LogWindowsAuth::class,
- \Adldap\Laravel\Events\AuthenticatedModelTrashed::class => \Adldap\Laravel\Listeners\LogTrashedModel::class,
-
- ],
- ],
-
-];
diff --git a/resources/themes/architect/views/auth/login.blade.php b/resources/themes/architect/views/auth/login.blade.php
index bfc053e..9159526 100644
--- a/resources/themes/architect/views/auth/login.blade.php
+++ b/resources/themes/architect/views/auth/login.blade.php
@@ -14,20 +14,9 @@
@endisset
- @if (count($errors) > 0)
-