Swap out adldap2/adldap2 for directorytree/ldaprecord-laravel
parent
f323be3d7f
commit
15ff508429
@ -44,3 +44,8 @@ PUSHER_APP_CLUSTER=mt1
|
|||||||
|
|
||||||
MIX_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
|
MIX_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
|
||||||
MIX_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"
|
MIX_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"
|
||||||
|
|
||||||
|
LDAP_HOST=
|
||||||
|
LDAP_BASE_DN=
|
||||||
|
LDAP_USERNAME=
|
||||||
|
LDAP_PASSWORD=
|
||||||
|
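Review bot: The four `LDAP_*` entries added at the end of the example leave out any transport setting, while the `config/ldap.php` introduced by this commit defaults to `'port' => env('LDAP_PORT', 389)` with `use_ssl` and `use_tls` both false, so an install that fills in only these variables would send the `LDAP_USERNAME`/`LDAP_PASSWORD` bind unencrypted. I would add `LDAP_PORT=`, `LDAP_SSL=` and `LDAP_TLS=` to the example, with a comment such as `# Set LDAP_TLS=true (StartTLS) or LDAP_SSL=true with port 636 unless the directory is only reached over a trusted link`. The same config file also falls back to `'secret'` and `cn=user,dc=local,dc=com` when the variables are unset; failing fast on a missing bind password would be safer than a guessable default.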
@ -26,7 +26,7 @@ With that PLA is going under a major revamp in preparation for v2 and will aim t
|
|||||||
|
|
||||||
Some of the creations planned to be used in v2 include:
|
Some of the creations planned to be used in v2 include:
|
||||||
* Laravel (https://laravel.com)
|
* Laravel (https://laravel.com)
|
||||||
* adldap2/adldap2 (https://github.com/Adldap2/Adldap2)
|
* directorytree/ldaprecord-laravel (https://ldaprecord.com/)
|
||||||
* JQuery (https://jquery.com)
|
* JQuery (https://jquery.com)
|
||||||
* FancyTree (https://github.com/mar10/fancytree)
|
* FancyTree (https://github.com/mar10/fancytree)
|
||||||
* ArchitectUI (https://architectui.com)
|
* ArchitectUI (https://architectui.com)
|
||||||
|
@ -2,8 +2,7 @@
|
|||||||
|
|
||||||
namespace App\Classes\LDAP;
|
namespace App\Classes\LDAP;
|
||||||
|
|
||||||
use Adldap\Adldap;
|
use App\Ldap\Entry;
|
||||||
use Adldap\Models\Entry;
|
|
||||||
use Illuminate\Support\Collection;
|
use Illuminate\Support\Collection;
|
||||||
|
|
||||||
class Server
|
class Server
|
||||||
@ -42,11 +41,10 @@ class Server
|
|||||||
protected function getDNAttrValues(string $dn,array $attrs=['*','+'],int $deref=LDAP_DEREF_NEVER): ?Entry
|
protected function getDNAttrValues(string $dn,array $attrs=['*','+'],int $deref=LDAP_DEREF_NEVER): ?Entry
|
||||||
{
|
{
|
||||||
try {
|
try {
|
||||||
return ($x=(new Adldap)
|
return ($x=(new Entry)
|
||||||
->addProvider(config('ldap.connections.default.settings'))
|
->query()
|
||||||
->search()
|
|
||||||
->select($attrs)
|
->select($attrs)
|
||||||
->findByDn($dn)) ? $x : NULL;
|
->find($dn)) ? $x : NULL;
|
||||||
|
|
||||||
// @todo Tidy up this exception
|
// @todo Tidy up this exception
|
||||||
} catch (\Exception $e) {
|
} catch (\Exception $e) {
|
||||||
@ -60,14 +58,13 @@ class Server
|
|||||||
* @param $dn
|
* @param $dn
|
||||||
* @return |null
|
* @return |null
|
||||||
*/
|
*/
|
||||||
public function fetch(string $dn,array $attributes=['*'])
|
public function fetch(string $dn,array $attrs=['*','+'])
|
||||||
{
|
{
|
||||||
try {
|
try {
|
||||||
return ($x=(new Adldap)
|
return ($x=(new Entry)
|
||||||
->addProvider(config('ldap.connections.default.settings'))
|
->query()
|
||||||
->search()
|
->select($attrs)
|
||||||
->select($attributes)
|
->find($dn)) ? $x : NULL;
|
||||||
->findByDn($dn)) ? $x : NULL;
|
|
||||||
|
|
||||||
// @todo Tidy up this exception
|
// @todo Tidy up this exception
|
||||||
} catch (\Exception $e) {
|
} catch (\Exception $e) {
|
||||||
@ -84,11 +81,9 @@ class Server
|
|||||||
public function query(string $dn)
|
public function query(string $dn)
|
||||||
{
|
{
|
||||||
try {
|
try {
|
||||||
return ($x=(new Adldap)
|
return ($x=(new Entry)
|
||||||
->addProvider(config('ldap.connections.default.settings'))
|
->query()
|
||||||
->search()
|
->setDn($dn)
|
||||||
->setBaseDn($dn)
|
|
||||||
//->select($attrs)
|
|
||||||
->listing()
|
->listing()
|
||||||
->get()) ? $x : NULL;
|
->get()) ? $x : NULL;
|
||||||
|
|
||||||
|
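Review bot: `fetch()` now defaults to `$attrs=['*','+']`, so every caller that omits the second argument starts receiving operational attributes as well as user attributes. If any of those results are rendered or returned to a client, this widens what is disclosed (for example timestamps, creator/modifier DNs or password-policy state, depending on the server and its ACLs). I would keep the public default at `['*']` and let callers request `'+'` explicitly, or document the choice. The docblock above the method still reads `@param $dn` / `@return |null`; something like `@param string $dn`, `@param array $attrs Attributes to request ('+' = operational)` and `@return Entry|null` would match the new signature, assuming the catch path, which is outside the hunk, also returns null. `fetch()` and `getDNAttrValues()` now build the same query chain and could share one implementation.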
@ -3,9 +3,9 @@
|
|||||||
namespace App\Http\Controllers;
|
namespace App\Http\Controllers;
|
||||||
|
|
||||||
use Illuminate\Http\Request;
|
use Illuminate\Http\Request;
|
||||||
use Illuminate\Support\Collection;
|
|
||||||
use Illuminate\Support\Facades\Crypt;
|
use Illuminate\Support\Facades\Crypt;
|
||||||
use Illuminate\Support\Facades\Log;
|
use Illuminate\Support\Facades\Log;
|
||||||
|
use LdapRecord\Query\Collection;
|
||||||
|
|
||||||
use App\Classes\LDAP\Server;
|
use App\Classes\LDAP\Server;
|
||||||
|
|
||||||
@ -31,6 +31,10 @@ class APIController extends Controller
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param Request $request
|
||||||
|
* @return Collection
|
||||||
|
*/
|
||||||
public function query(Request $request): Collection
|
public function query(Request $request): Collection
|
||||||
{
|
{
|
||||||
$levels = $request->query('depth',1);
|
$levels = $request->query('depth',1);
|
||||||
@ -41,14 +45,12 @@ class APIController extends Controller
|
|||||||
->query($dn)
|
->query($dn)
|
||||||
->transform(function($item) {
|
->transform(function($item) {
|
||||||
return [
|
return [
|
||||||
'title'=>$item->getDistinguishedName(),
|
'title'=>$item->getDn(),
|
||||||
'item'=>Crypt::encryptString($item->getDistinguishedName()),
|
'item'=>Crypt::encryptString($item->getDn()),
|
||||||
'icon'=>'fa-fw fas fa-sitemap',
|
'icon'=>'fa-fw fas fa-sitemap',
|
||||||
'lazy'=>TRUE,
|
'lazy'=>TRUE,
|
||||||
'tooltip'=>$item->getDistinguishedName(),
|
'tooltip'=>$item->getDn(),
|
||||||
];
|
];
|
||||||
});
|
});
|
||||||
|
|
||||||
Log::debug(sprintf('%s: Query [%s] - Levels [%d]: %s',__METHOD__,$dn,$levels,serialize($x)));
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
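Review bot: The chain `->query($dn)->transform(...)` in `APIController::query()` calls a method on whatever `Server::query()` returns, and that method is written as `...->get()) ? $x : NULL` inside a try/catch, so a NULL result would end in a fatal error rather than an empty tree response. With the return type now declared as `LdapRecord\Query\Collection`, I would store the result first and guard it, e.g. `if (! $result) return new Collection;`, before calling `transform()`. The start of the statement and the catch body in `Server::query()` are outside the hunks shown, so the NULL path is inferred from the ternary. Separately, the DN is returned verbatim as `title` and `tooltip`; it is worth confirming that the tree widget escapes those fields, since DN values come from directory data.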
@ -5,6 +5,7 @@ namespace App\Http\Controllers\Auth;
|
|||||||
use App\Http\Controllers\Controller;
|
use App\Http\Controllers\Controller;
|
||||||
use App\Providers\RouteServiceProvider;
|
use App\Providers\RouteServiceProvider;
|
||||||
use Illuminate\Foundation\Auth\AuthenticatesUsers;
|
use Illuminate\Foundation\Auth\AuthenticatesUsers;
|
||||||
|
use Illuminate\Http\Request;
|
||||||
|
|
||||||
class LoginController extends Controller
|
class LoginController extends Controller
|
||||||
{
|
{
|
||||||
@ -38,6 +39,14 @@ class LoginController extends Controller
|
|||||||
$this->middleware('guest')->except('logout');
|
$this->middleware('guest')->except('logout');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
protected function credentials(Request $request): array
|
||||||
|
{
|
||||||
|
return [
|
||||||
|
'mail' => $request->get('email'),
|
||||||
|
'password' => $request->get('password'),
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Show our themed login page
|
* Show our themed login page
|
||||||
*/
|
*/
|
||||||
@ -50,14 +59,4 @@ class LoginController extends Controller
|
|||||||
|
|
||||||
return view('architect::auth.login')->with('login_note',$login_note);
|
return view('architect::auth.login')->with('login_note',$login_note);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Get the login username to be used by the controller.
|
|
||||||
*
|
|
||||||
* @return string
|
|
||||||
*/
|
|
||||||
public function username()
|
|
||||||
{
|
|
||||||
return config('ldap_auth.identifiers.ldap.locate_users_by');
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
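Review bot: The new `credentials()` override hard-codes the LDAP attribute `'mail'`, whereas the `username()` method removed further down took the lookup attribute from `config('ldap_auth.identifiers.ldap.locate_users_by')`, so directories whose users sign in by `uid` or another attribute can no longer be supported through configuration alone. Unlike its neighbours the method has no docblock; I would add `/** Map the login form's "email" field onto the LDAP attribute used to locate the user before binding. */`. Reading the values with `$request->input('email')` and `$request->input('password')`, Laravel's own accessor, would also be more conventional than `$request->get()`.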
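--- a/app/Ldap/Entry.php
+++ b/app/Ldap/Entry.php
@@ -0,0 +1,15 @@
+<?php
+
+namespace App\Ldap;
+
+use LdapRecord\Models\Model;
+
+class Entry extends Model
+{
+/**
+* The object classes of the LDAP model.
+*
+* @var array
+*/
+public static $objectClasses = [];
+}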
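--- a/app/Ldap/User.php
+++ b/app/Ldap/User.php
@@ -0,0 +1,20 @@
+<?php
+
+namespace App\Ldap;
+
+use Laravel\Passport\HasApiTokens;
+use LdapRecord\Models\OpenLDAP\User as Model;
+
+class User extends Model
+{
+use HasApiTokens;
+
+/**
+* The object classes of the LDAP model.
+*
+* @var array
+*/
+public static $objectClasses = [
+'posixAccount',
+];
+}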
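Review bot: `App\Ldap\User` pulls in Passport's `HasApiTokens` unmodified, while the `App\LdapUser` class deleted by this commit overrode `clients()` and `tokens()` with commented-out bodies, which suggests the trait's Eloquent-style relations did not work on an LDAP model. If API tokens are still meant to be issued to LDAP users, I would check those trait methods against `LdapRecord\Models\Model` and either restore the overrides or drop the trait until it is supported. A class docblock such as `/** LDAP user model used by the "ldap" auth provider; matches entries with objectClass posixAccount. */` would also help, since that object-class list presumably scopes which entries can authenticate.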
@ -1,81 +0,0 @@
|
|||||||
<?php
|
|
||||||
|
|
||||||
namespace App;
|
|
||||||
|
|
||||||
use Laravel\Passport\HasApiTokens;
|
|
||||||
use Adldap\Models\User as BaseModel;
|
|
||||||
|
|
||||||
class LdapUser extends BaseModel
|
|
||||||
{
|
|
||||||
use HasApiTokens;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get all of the user's registered OAuth clients.
|
|
||||||
*
|
|
||||||
* @return \Illuminate\Database\Eloquent\Relations\HasMany
|
|
||||||
*/
|
|
||||||
public function clients()
|
|
||||||
{
|
|
||||||
// return $this->hasMany(Passport::clientModel(), 'user_id');
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get all of the access tokens for the user.
|
|
||||||
*
|
|
||||||
* @return \Illuminate\Database\Eloquent\Relations\HasMany
|
|
||||||
*/
|
|
||||||
public function tokens()
|
|
||||||
{
|
|
||||||
// return $this->hasMany(Passport::tokenModel(), 'user_id')->orderBy('created_at', 'desc');
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get the current access token being used by the user.
|
|
||||||
*
|
|
||||||
* @return \Laravel\Passport\Token|null
|
|
||||||
*/
|
|
||||||
public function token()
|
|
||||||
{
|
|
||||||
return $this->accessToken;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Determine if the current API token has a given scope.
|
|
||||||
*
|
|
||||||
* @param string $scope
|
|
||||||
* @return bool
|
|
||||||
*/
|
|
||||||
public function tokenCan($scope)
|
|
||||||
{
|
|
||||||
return $this->accessToken ? $this->accessToken->can($scope) : false;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Create a new personal access token for the user.
|
|
||||||
*
|
|
||||||
* @param string $name
|
|
||||||
* @param array $scopes
|
|
||||||
*
|
|
||||||
* @return \Laravel\Passport\PersonalAccessTokenResult
|
|
||||||
*/
|
|
||||||
public function createToken($name, array $scopes = [])
|
|
||||||
{
|
|
||||||
return Container::getInstance()->make(PersonalAccessTokenFactory::class)->make(
|
|
||||||
$this->getKey(), $name, $scopes
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Set the current access token for the user.
|
|
||||||
*
|
|
||||||
* @param \Laravel\Passport\Token $accessToken
|
|
||||||
*
|
|
||||||
* @return $this
|
|
||||||
*/
|
|
||||||
public function withAccessToken($accessToken)
|
|
||||||
{
|
|
||||||
$this->accessToken = $accessToken;
|
|
||||||
|
|
||||||
return $this;
|
|
||||||
}
|
|
||||||
}
|
|
@ -9,7 +9,7 @@
|
|||||||
"license": "MIT",
|
"license": "MIT",
|
||||||
"require": {
|
"require": {
|
||||||
"php": "^7.2.5",
|
"php": "^7.2.5",
|
||||||
"adldap2/adldap2-laravel": "^6.0",
|
"directorytree/ldaprecord-laravel": "^1.7",
|
||||||
"fideloper/proxy": "^4.2",
|
"fideloper/proxy": "^4.2",
|
||||||
"fruitcake/laravel-cors": "^2.0",
|
"fruitcake/laravel-cors": "^2.0",
|
||||||
"guzzlehttp/guzzle": "^6.3",
|
"guzzlehttp/guzzle": "^6.3",
|
||||||
|
273
composer.lock
generated
273
composer.lock
generated
@ -4,121 +4,8 @@
|
|||||||
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
|
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
|
||||||
"This file is @generated automatically"
|
"This file is @generated automatically"
|
||||||
],
|
],
|
||||||
"content-hash": "6af914ca38690bee00357e0090846450",
|
"content-hash": "3305fba3e359e4cd7e2d41c6a65c7437",
|
||||||
"packages": [
|
"packages": [
|
||||||
{
|
|
||||||
"name": "adldap2/adldap2",
|
|
||||||
"version": "v10.3.0",
|
|
||||||
"source": {
|
|
||||||
"type": "git",
|
|
||||||
"url": "https://github.com/Adldap2/Adldap2.git",
|
|
||||||
"reference": "1294c92746e3fb3bb59cd7756ca7838a1e705a2a"
|
|
||||||
},
|
|
||||||
"dist": {
|
|
||||||
"type": "zip",
|
|
||||||
"url": "https://api.github.com/repos/Adldap2/Adldap2/zipball/1294c92746e3fb3bb59cd7756ca7838a1e705a2a",
|
|
||||||
"reference": "1294c92746e3fb3bb59cd7756ca7838a1e705a2a",
|
|
||||||
"shasum": ""
|
|
||||||
},
|
|
||||||
"require": {
|
|
||||||
"ext-json": "*",
|
|
||||||
"ext-ldap": "*",
|
|
||||||
"illuminate/contracts": "~5.0|~6.0|~7.0",
|
|
||||||
"php": ">=7.0",
|
|
||||||
"psr/log": "~1.0",
|
|
||||||
"psr/simple-cache": "~1.0",
|
|
||||||
"tightenco/collect": "~5.0|~6.0|~7.0"
|
|
||||||
},
|
|
||||||
"require-dev": {
|
|
||||||
"mockery/mockery": "~1.0",
|
|
||||||
"phpunit/phpunit": "~6.0"
|
|
||||||
},
|
|
||||||
"suggest": {
|
|
||||||
"ext-fileinfo": "fileinfo is required when retrieving user encoded thumbnails"
|
|
||||||
},
|
|
||||||
"type": "library",
|
|
||||||
"autoload": {
|
|
||||||
"psr-4": {
|
|
||||||
"Adldap\\": "src/"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"notification-url": "https://packagist.org/downloads/",
|
|
||||||
"license": [
|
|
||||||
"MIT"
|
|
||||||
],
|
|
||||||
"authors": [
|
|
||||||
{
|
|
||||||
"name": "Steve Bauman",
|
|
||||||
"email": "steven_bauman@outlook.com",
|
|
||||||
"role": "Developer"
|
|
||||||
}
|
|
||||||
],
|
|
||||||
"description": "A PHP LDAP Package for humans.",
|
|
||||||
"keywords": [
|
|
||||||
"active directory",
|
|
||||||
"ad",
|
|
||||||
"adLDAP",
|
|
||||||
"adldap2",
|
|
||||||
"directory",
|
|
||||||
"ldap",
|
|
||||||
"windows"
|
|
||||||
],
|
|
||||||
"time": "2020-05-04T21:10:15+00:00"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"name": "adldap2/adldap2-laravel",
|
|
||||||
"version": "v6.1.1",
|
|
||||||
"source": {
|
|
||||||
"type": "git",
|
|
||||||
"url": "https://github.com/Adldap2/Adldap2-Laravel.git",
|
|
||||||
"reference": "c72a2e3757919c39d6a03bd345ec4e586284825c"
|
|
||||||
},
|
|
||||||
"dist": {
|
|
||||||
"type": "zip",
|
|
||||||
"url": "https://api.github.com/repos/Adldap2/Adldap2-Laravel/zipball/c72a2e3757919c39d6a03bd345ec4e586284825c",
|
|
||||||
"reference": "c72a2e3757919c39d6a03bd345ec4e586284825c",
|
|
||||||
"shasum": ""
|
|
||||||
},
|
|
||||||
"require": {
|
|
||||||
"adldap2/adldap2": "^10.1",
|
|
||||||
"illuminate/support": "~5.5|~6.0|~7.0",
|
|
||||||
"php": ">=7.1"
|
|
||||||
},
|
|
||||||
"require-dev": {
|
|
||||||
"mockery/mockery": "~1.0",
|
|
||||||
"orchestra/testbench": "~3.7",
|
|
||||||
"phpunit/phpunit": "~7.0"
|
|
||||||
},
|
|
||||||
"type": "project",
|
|
||||||
"extra": {
|
|
||||||
"laravel": {
|
|
||||||
"providers": [
|
|
||||||
"Adldap\\Laravel\\AdldapServiceProvider",
|
|
||||||
"Adldap\\Laravel\\AdldapAuthServiceProvider"
|
|
||||||
],
|
|
||||||
"aliases": {
|
|
||||||
"Adldap": "Adldap\\Laravel\\Facades\\Adldap"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"autoload": {
|
|
||||||
"psr-4": {
|
|
||||||
"Adldap\\Laravel\\": "src/"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"notification-url": "https://packagist.org/downloads/",
|
|
||||||
"license": [
|
|
||||||
"MIT"
|
|
||||||
],
|
|
||||||
"description": "LDAP Authentication & Management for Laravel.",
|
|
||||||
"keywords": [
|
|
||||||
"adLDAP",
|
|
||||||
"adldap2",
|
|
||||||
"laravel",
|
|
||||||
"ldap"
|
|
||||||
],
|
|
||||||
"time": "2020-06-02T00:45:05+00:00"
|
|
||||||
},
|
|
||||||
{
|
{
|
||||||
"name": "asm89/stack-cors",
|
"name": "asm89/stack-cors",
|
||||||
"version": "v2.0.1",
|
"version": "v2.0.1",
|
||||||
@ -345,6 +232,130 @@
|
|||||||
],
|
],
|
||||||
"time": "2018-07-24T23:27:56+00:00"
|
"time": "2018-07-24T23:27:56+00:00"
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
"name": "directorytree/ldaprecord",
|
||||||
|
"version": "v1.10.1",
|
||||||
|
"source": {
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://github.com/DirectoryTree/LdapRecord.git",
|
||||||
|
"reference": "601e2fb47802795b27ea6052e78557c56f397082"
|
||||||
|
},
|
||||||
|
"dist": {
|
||||||
|
"type": "zip",
|
||||||
|
"url": "https://api.github.com/repos/DirectoryTree/LdapRecord/zipball/601e2fb47802795b27ea6052e78557c56f397082",
|
||||||
|
"reference": "601e2fb47802795b27ea6052e78557c56f397082",
|
||||||
|
"shasum": ""
|
||||||
|
},
|
||||||
|
"require": {
|
||||||
|
"ext-json": "*",
|
||||||
|
"ext-ldap": "*",
|
||||||
|
"illuminate/contracts": "^5.0|^6.0|^7.0|^8.0",
|
||||||
|
"nesbot/carbon": "^1.0|^2.0",
|
||||||
|
"php": ">=7.2",
|
||||||
|
"psr/log": "^1.0",
|
||||||
|
"psr/simple-cache": "^1.0",
|
||||||
|
"tightenco/collect": "^5.0|^6.0|^7.0|^8.0"
|
||||||
|
},
|
||||||
|
"require-dev": {
|
||||||
|
"mockery/mockery": "^1.0",
|
||||||
|
"phpunit/phpunit": "^6.0"
|
||||||
|
},
|
||||||
|
"type": "library",
|
||||||
|
"autoload": {
|
||||||
|
"psr-4": {
|
||||||
|
"LdapRecord\\": "src/"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"notification-url": "https://packagist.org/downloads/",
|
||||||
|
"license": [
|
||||||
|
"MIT"
|
||||||
|
],
|
||||||
|
"authors": [
|
||||||
|
{
|
||||||
|
"name": "Steve Bauman",
|
||||||
|
"email": "steven_bauman@outlook.com",
|
||||||
|
"role": "Developer"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"description": "A fully-featured LDAP ORM.",
|
||||||
|
"homepage": "https://www.ldaprecord.com",
|
||||||
|
"keywords": [
|
||||||
|
"active directory",
|
||||||
|
"ad",
|
||||||
|
"adLDAP",
|
||||||
|
"adldap2",
|
||||||
|
"directory",
|
||||||
|
"ldap",
|
||||||
|
"ldaprecord",
|
||||||
|
"orm",
|
||||||
|
"windows"
|
||||||
|
],
|
||||||
|
"funding": [
|
||||||
|
{
|
||||||
|
"url": "https://github.com/stevebauman",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"time": "2020-09-08T16:57:58+00:00"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"name": "directorytree/ldaprecord-laravel",
|
||||||
|
"version": "v1.7.1",
|
||||||
|
"source": {
|
||||||
|
"type": "git",
|
||||||
|
"url": "https://github.com/DirectoryTree/LdapRecord-Laravel.git",
|
||||||
|
"reference": "98e6698057321aef9d777bfe312bd1d968a5d67e"
|
||||||
|
},
|
||||||
|
"dist": {
|
||||||
|
"type": "zip",
|
||||||
|
"url": "https://api.github.com/repos/DirectoryTree/LdapRecord-Laravel/zipball/98e6698057321aef9d777bfe312bd1d968a5d67e",
|
||||||
|
"reference": "98e6698057321aef9d777bfe312bd1d968a5d67e",
|
||||||
|
"shasum": ""
|
||||||
|
},
|
||||||
|
"require": {
|
||||||
|
"directorytree/ldaprecord": "^1.8.2",
|
||||||
|
"ext-ldap": "*",
|
||||||
|
"illuminate/support": "^5.6|^6.0|^7.0|^8.0",
|
||||||
|
"php": ">=7.2"
|
||||||
|
},
|
||||||
|
"require-dev": {
|
||||||
|
"mockery/mockery": "~1.0",
|
||||||
|
"orchestra/testbench": "~3.7|~4.0|~5.0|~6.0",
|
||||||
|
"phpunit/phpunit": "~7.0|~8.0|~9.0"
|
||||||
|
},
|
||||||
|
"type": "project",
|
||||||
|
"extra": {
|
||||||
|
"laravel": {
|
||||||
|
"providers": [
|
||||||
|
"LdapRecord\\Laravel\\LdapServiceProvider",
|
||||||
|
"LdapRecord\\Laravel\\LdapAuthServiceProvider"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"autoload": {
|
||||||
|
"psr-4": {
|
||||||
|
"LdapRecord\\Laravel\\": "src/"
|
||||||
|
}
|
||||||
|
},
|
||||||
|
"notification-url": "https://packagist.org/downloads/",
|
||||||
|
"license": [
|
||||||
|
"MIT"
|
||||||
|
],
|
||||||
|
"description": "LDAP Authentication & Management for Laravel.",
|
||||||
|
"keywords": [
|
||||||
|
"adldap2",
|
||||||
|
"laravel",
|
||||||
|
"ldap",
|
||||||
|
"ldaprecord"
|
||||||
|
],
|
||||||
|
"funding": [
|
||||||
|
{
|
||||||
|
"url": "https://github.com/stevebauman",
|
||||||
|
"type": "github"
|
||||||
|
}
|
||||||
|
],
|
||||||
|
"time": "2020-09-08T18:14:11+00:00"
|
||||||
|
},
|
||||||
{
|
{
|
||||||
"name": "doctrine/inflector",
|
"name": "doctrine/inflector",
|
||||||
"version": "2.0.3",
|
"version": "2.0.3",
|
||||||
@ -2141,16 +2152,16 @@
|
|||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "nesbot/carbon",
|
"name": "nesbot/carbon",
|
||||||
"version": "2.39.1",
|
"version": "2.39.2",
|
||||||
"source": {
|
"source": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/briannesbitt/Carbon.git",
|
"url": "https://github.com/briannesbitt/Carbon.git",
|
||||||
"reference": "7af467873250583cc967a59ee9df29fabab193c1"
|
"reference": "326efde1bc09077a26cb77f6e2e32e13f06c27f2"
|
||||||
},
|
},
|
||||||
"dist": {
|
"dist": {
|
||||||
"type": "zip",
|
"type": "zip",
|
||||||
"url": "https://api.github.com/repos/briannesbitt/Carbon/zipball/7af467873250583cc967a59ee9df29fabab193c1",
|
"url": "https://api.github.com/repos/briannesbitt/Carbon/zipball/326efde1bc09077a26cb77f6e2e32e13f06c27f2",
|
||||||
"reference": "7af467873250583cc967a59ee9df29fabab193c1",
|
"reference": "326efde1bc09077a26cb77f6e2e32e13f06c27f2",
|
||||||
"shasum": ""
|
"shasum": ""
|
||||||
},
|
},
|
||||||
"require": {
|
"require": {
|
||||||
@ -2226,7 +2237,7 @@
|
|||||||
"type": "tidelift"
|
"type": "tidelift"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"time": "2020-09-04T13:11:37+00:00"
|
"time": "2020-09-10T12:16:42+00:00"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "nyholm/psr7",
|
"name": "nyholm/psr7",
|
||||||
@ -5389,16 +5400,16 @@
|
|||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "symfony/translation-contracts",
|
"name": "symfony/translation-contracts",
|
||||||
"version": "v2.1.3",
|
"version": "v2.2.0",
|
||||||
"source": {
|
"source": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/symfony/translation-contracts.git",
|
"url": "https://github.com/symfony/translation-contracts.git",
|
||||||
"reference": "616a9773c853097607cf9dd6577d5b143ffdcd63"
|
"reference": "77ce1c3627c9f39643acd9af086631f842c50c4d"
|
||||||
},
|
},
|
||||||
"dist": {
|
"dist": {
|
||||||
"type": "zip",
|
"type": "zip",
|
||||||
"url": "https://api.github.com/repos/symfony/translation-contracts/zipball/616a9773c853097607cf9dd6577d5b143ffdcd63",
|
"url": "https://api.github.com/repos/symfony/translation-contracts/zipball/77ce1c3627c9f39643acd9af086631f842c50c4d",
|
||||||
"reference": "616a9773c853097607cf9dd6577d5b143ffdcd63",
|
"reference": "77ce1c3627c9f39643acd9af086631f842c50c4d",
|
||||||
"shasum": ""
|
"shasum": ""
|
||||||
},
|
},
|
||||||
"require": {
|
"require": {
|
||||||
@ -5410,7 +5421,7 @@
|
|||||||
"type": "library",
|
"type": "library",
|
||||||
"extra": {
|
"extra": {
|
||||||
"branch-alias": {
|
"branch-alias": {
|
||||||
"dev-master": "2.1-dev"
|
"dev-master": "2.2-dev"
|
||||||
},
|
},
|
||||||
"thanks": {
|
"thanks": {
|
||||||
"name": "symfony/contracts",
|
"name": "symfony/contracts",
|
||||||
@ -5460,7 +5471,7 @@
|
|||||||
"type": "tidelift"
|
"type": "tidelift"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"time": "2020-07-06T13:23:11+00:00"
|
"time": "2020-09-07T11:33:47+00:00"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "symfony/var-dumper",
|
"name": "symfony/var-dumper",
|
||||||
@ -5554,16 +5565,16 @@
|
|||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "tightenco/collect",
|
"name": "tightenco/collect",
|
||||||
"version": "v7.26.1",
|
"version": "v8.0.0",
|
||||||
"source": {
|
"source": {
|
||||||
"type": "git",
|
"type": "git",
|
||||||
"url": "https://github.com/tightenco/collect.git",
|
"url": "https://github.com/tighten/collect.git",
|
||||||
"reference": "5e460929279ad806e59fc731e649e9b25fc8774a"
|
"reference": "90aa058ca9250eebc3e07f25377949f43855ecae"
|
||||||
},
|
},
|
||||||
"dist": {
|
"dist": {
|
||||||
"type": "zip",
|
"type": "zip",
|
||||||
"url": "https://api.github.com/repos/tightenco/collect/zipball/5e460929279ad806e59fc731e649e9b25fc8774a",
|
"url": "https://api.github.com/repos/tighten/collect/zipball/90aa058ca9250eebc3e07f25377949f43855ecae",
|
||||||
"reference": "5e460929279ad806e59fc731e649e9b25fc8774a",
|
"reference": "90aa058ca9250eebc3e07f25377949f43855ecae",
|
||||||
"shasum": ""
|
"shasum": ""
|
||||||
},
|
},
|
||||||
"require": {
|
"require": {
|
||||||
@ -5600,7 +5611,7 @@
|
|||||||
"collection",
|
"collection",
|
||||||
"laravel"
|
"laravel"
|
||||||
],
|
],
|
||||||
"time": "2020-09-05T00:05:48+00:00"
|
"time": "2020-09-08T16:43:13+00:00"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"name": "tijsverkoyen/css-to-inline-styles",
|
"name": "tijsverkoyen/css-to-inline-styles",
|
||||||
|
@ -38,7 +38,7 @@ return [
|
|||||||
'guards' => [
|
'guards' => [
|
||||||
'web' => [
|
'web' => [
|
||||||
'driver' => 'session',
|
'driver' => 'session',
|
||||||
'provider' => 'users',
|
'provider' => 'ldap',
|
||||||
],
|
],
|
||||||
|
|
||||||
'api' => [
|
'api' => [
|
||||||
@ -68,13 +68,18 @@ return [
|
|||||||
'providers' => [
|
'providers' => [
|
||||||
'users' => [
|
'users' => [
|
||||||
'driver' => 'ldap',
|
'driver' => 'ldap',
|
||||||
// 'model' => App\User::class,
|
'model' => App\Ldap\User::class,
|
||||||
],
|
],
|
||||||
|
|
||||||
// 'users' => [
|
// 'users' => [
|
||||||
// 'driver' => 'database',
|
// 'driver' => 'database',
|
||||||
// 'table' => 'users',
|
// 'table' => 'users',
|
||||||
// ],
|
// ],
|
||||||
|
|
||||||
|
'ldap' => [
|
||||||
|
'driver' => 'ldap',
|
||||||
|
'model' => App\Ldap\User::class,
|
||||||
|
],
|
||||||
],
|
],
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
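Review bot: After this change `providers` holds two entries, `users` and `ldap`, with the same `'driver' => 'ldap'` and `'model' => App\Ldap\User::class`, and only the `web` guard is switched to `ldap`. The `api` guard and any password broker, both outside the hunks shown, may still name `users`, so the two definitions can drift apart later without it being obvious which one a guard authenticates against. I would keep a single provider: either leave `'provider' => 'users'` on the `web` guard, or delete the `users` entry and point every guard at `ldap`. A comment such as `// LDAP-backed users; connection settings live in config/ldap.php` would document it.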
264
config/ldap.php
264
config/ldap.php
@ -4,242 +4,70 @@ return [
|
|||||||
|
|
||||||
/*
|
/*
|
||||||
|--------------------------------------------------------------------------
|
|--------------------------------------------------------------------------
|
||||||
| Logging
|
| Default LDAP Connection Name
|
||||||
|--------------------------------------------------------------------------
|
|--------------------------------------------------------------------------
|
||||||
|
|
|
|
||||||
| This option enables logging all LDAP operations on all configured
|
| Here you may specify which of the LDAP connections below you wish
|
||||||
| connections such as bind requests and CRUD operations.
|
| to use as your default connection for all LDAP operations. Of
|
||||||
|
|
| course you may add as many connections you'd like below.
|
||||||
| Log entries will be created in your default logging stack.
|
|
||||||
|
|
|
||||||
| This option is extremely helpful for debugging connectivity issues.
|
|
||||||
|
|
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
'logging' => env('LDAP_LOGGING', false),
|
'default' => env('LDAP_CONNECTION', 'default'),
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|--------------------------------------------------------------------------
|
|--------------------------------------------------------------------------
|
||||||
| Connections
|
| LDAP Connections
|
||||||
|--------------------------------------------------------------------------
|
|--------------------------------------------------------------------------
|
||||||
|
|
|
|
||||||
| This array stores the connections that are added to Adldap. You can add
|
| Below you may configure each LDAP connection your application requires
|
||||||
| as many connections as you like.
|
| access to. Be sure to include a valid base DN - otherwise you may
|
||||||
|
|
| not receive any results when performing LDAP search operations.
|
||||||
| The key is the name of the connection you wish to use and the value is
|
|
||||||
| an array of configuration settings.
|
|
||||||
|
|
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
'connections' => [
|
'connections' => [
|
||||||
|
|
||||||
'default' => [
|
'default' => [
|
||||||
|
'hosts' => [env('LDAP_HOST', '127.0.0.1')],
|
||||||
/*
|
'username' => env('LDAP_USERNAME', 'cn=user,dc=local,dc=com'),
|
||||||
|--------------------------------------------------------------------------
|
'password' => env('LDAP_PASSWORD', 'secret'),
|
||||||
| Auto Connect
|
'port' => env('LDAP_PORT', 389),
|
||||||
|--------------------------------------------------------------------------
|
'base_dn' => env('LDAP_BASE_DN', 'dc=local,dc=com'),
|
||||||
|
|
'timeout' => env('LDAP_TIMEOUT', 5),
|
||||||
| If auto connect is true, Adldap will try to automatically connect to
|
'use_ssl' => env('LDAP_SSL', false),
|
||||||
| your LDAP server in your configuration. This allows you to assume
|
'use_tls' => env('LDAP_TLS', false),
|
||||||
| connectivity rather than having to connect manually
|
|
||||||
| in your application.
|
|
||||||
|
|
|
||||||
| If this is set to false, you **must** connect manually before running
|
|
||||||
| LDAP operations. Otherwise, you will receive exceptions.
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'auto_connect' => env('LDAP_AUTO_CONNECT', true),
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| Connection
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| The connection class to use to run raw LDAP operations on.
|
|
||||||
|
|
|
||||||
| Custom connection classes must implement:
|
|
||||||
|
|
|
||||||
| Adldap\Connections\ConnectionInterface
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'connection' => Adldap\Connections\Ldap::class,
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| Connection Settings
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| This connection settings array is directly passed into the Adldap constructor.
|
|
||||||
|
|
|
||||||
| Feel free to add or remove settings you don't need.
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'settings' => [
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| Schema
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| The schema class to use for retrieving attributes and generating models.
|
|
||||||
|
|
|
||||||
| You can also set this option to `null` to use the default schema class.
|
|
||||||
|
|
|
||||||
| For OpenLDAP, you must use the schema:
|
|
||||||
|
|
|
||||||
| Adldap\Schemas\OpenLDAP::class
|
|
||||||
|
|
|
||||||
| For FreeIPA, you must use the schema:
|
|
||||||
|
|
|
||||||
| Adldap\Schemas\FreeIPA::class
|
|
||||||
|
|
|
||||||
| Custom schema classes must implement Adldap\Schemas\SchemaInterface
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
//'schema' => Adldap\Schemas\OpenLDAP::class,
|
|
||||||
'schema' => App\Schema\Adldap::class,
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| Account Prefix
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| The account prefix option is the prefix of your user accounts in LDAP directory.
|
|
||||||
|
|
|
||||||
| This string is prepended to all authenticating users usernames.
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'account_prefix' => env('LDAP_ACCOUNT_PREFIX', 'prefix'),
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| Account Suffix
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| The account suffix option is the suffix of your user accounts in your LDAP directory.
|
|
||||||
|
|
|
||||||
| This string is appended to all authenticating users usernames.
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'account_suffix' => env('LDAP_ACCOUNT_SUFFIX', 'suffix'),
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| Domain Controllers
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| The domain controllers option is an array of servers located on your
|
|
||||||
| network that serve Active Directory. You can insert as many servers or
|
|
||||||
| as little as you'd like depending on your forest (with the
|
|
||||||
| minimum of one of course).
|
|
||||||
|
|
|
||||||
| These can be IP addresses of your server(s), or the host name.
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'hosts' => explode(' ', env('LDAP_HOSTS', 'corp-dc1.corp.acme.org corp-dc2.corp.acme.org')),
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| Port
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| The port option is used for authenticating and binding to your LDAP server.
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'port' => env('LDAP_PORT', 389),
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| Timeout
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| The timeout option allows you to configure the amount of time in
|
|
||||||
| seconds that your application waits until a response
|
|
||||||
| is received from your LDAP server.
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'timeout' => env('LDAP_TIMEOUT', 5),
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| Base Distinguished Name
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| The base distinguished name is the base distinguished name you'd
|
|
||||||
| like to perform query operations on. An example base DN would be:
|
|
||||||
|
|
|
||||||
| dc=corp,dc=acme,dc=org
|
|
||||||
|
|
|
||||||
| A correct base DN is required for any query results to be returned.
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'base_dn' => env('LDAP_BASE_DN', 'dc=corp,dc=acme,dc=org'),
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| LDAP Username & Password
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| When connecting to your LDAP server, a username and password is required
|
|
||||||
| to be able to query and run operations on your server(s). You can
|
|
||||||
| use any user account that has these permissions. This account
|
|
||||||
| does not need to be a domain administrator unless you
|
|
||||||
| require changing and resetting user passwords.
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'username' => env('LDAP_USERNAME'),
|
|
||||||
'password' => env('LDAP_PASSWORD'),
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| Follow Referrals
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| The follow referrals option is a boolean to tell active directory
|
|
||||||
| to follow a referral to another server on your network if the
|
|
||||||
| server queried knows the information your asking for exists,
|
|
||||||
| but does not yet contain a copy of it locally.
|
|
||||||
|
|
|
||||||
| This option is defaulted to false.
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'follow_referrals' => false,
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| SSL & TLS
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| If you need to be able to change user passwords on your server, then an
|
|
||||||
| SSL or TLS connection is required. All other operations are allowed
|
|
||||||
| on unsecured protocols.
|
|
||||||
|
|
|
||||||
| One of these options are definitely recommended if you
|
|
||||||
| have the ability to connect to your server securely.
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'use_ssl' => env('LDAP_USE_SSL', false),
|
|
||||||
'use_tls' => env('LDAP_USE_TLS', false),
|
|
||||||
|
|
||||||
],
|
|
||||||
|
|
||||||
'name' => 'OpenLDAP',
|
|
||||||
],
|
],
|
||||||
|
|
||||||
],
|
],
|
||||||
|
|
||||||
|
/*
|
||||||
|
|--------------------------------------------------------------------------
|
||||||
|
| LDAP Logging
|
||||||
|
|--------------------------------------------------------------------------
|
||||||
|
|
|
||||||
|
| When LDAP logging is enabled, all LDAP search and authentication
|
||||||
|
| operations are logged using the default application logging
|
||||||
|
| driver. This can assist in debugging issues and more.
|
||||||
|
|
|
||||||
|
*/
|
||||||
|
|
||||||
|
'logging' => env('LDAP_LOGGING', true),
|
||||||
|
|
||||||
|
/*
|
||||||
|
|--------------------------------------------------------------------------
|
||||||
|
| LDAP Cache
|
||||||
|
|--------------------------------------------------------------------------
|
||||||
|
|
|
||||||
|
| LDAP caching enables the ability of caching search results using the
|
||||||
|
| query builder. This is great for running expensive operations that
|
||||||
|
| may take many seconds to complete, such as a pagination request.
|
||||||
|
|
|
||||||
|
*/
|
||||||
|
|
||||||
|
'cache' => [
|
||||||
|
'enabled' => env('LDAP_CACHE', false),
|
||||||
|
'driver' => env('CACHE_DRIVER', 'file'),
|
||||||
|
],
|
||||||
|
|
||||||
];
|
];
|
||||||
|
@ -1,339 +0,0 @@
|
|||||||
<?php
|
|
||||||
|
|
||||||
return [
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| Connection
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| The LDAP connection to use for Laravel authentication.
|
|
||||||
|
|
|
||||||
| You must specify connections in your `config/ldap.php` configuration file.
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'connection' => env('LDAP_CONNECTION', 'default'),
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| Provider
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| The LDAP authentication provider to use depending
|
|
||||||
| if you require database synchronization.
|
|
||||||
|
|
|
||||||
| For synchronizing LDAP users to your local applications database, use the provider:
|
|
||||||
|
|
|
||||||
| Adldap\Laravel\Auth\DatabaseUserProvider::class
|
|
||||||
|
|
|
||||||
| Otherwise, if you just require LDAP authentication, use the provider:
|
|
||||||
|
|
|
||||||
| Adldap\Laravel\Auth\NoDatabaseUserProvider::class
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'provider' => Adldap\Laravel\Auth\NoDatabaseUserProvider::class,
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| Model
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| The model to utilize for authentication and importing.
|
|
||||||
|
|
|
||||||
| This option is only applicable to the DatabaseUserProvider.
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'model' => App\User::class,
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| Rules
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| Rules allow you to control user authentication requests depending on scenarios.
|
|
||||||
|
|
|
||||||
| You can create your own rules and insert them here.
|
|
||||||
|
|
|
||||||
| All rules must extend from the following class:
|
|
||||||
|
|
|
||||||
| Adldap\Laravel\Validation\Rules\Rule
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'rules' => [
|
|
||||||
|
|
||||||
// Denys deleted users from authenticating.
|
|
||||||
|
|
||||||
Adldap\Laravel\Validation\Rules\DenyTrashed::class,
|
|
||||||
|
|
||||||
// Allows only manually imported users to authenticate.
|
|
||||||
|
|
||||||
// Adldap\Laravel\Validation\Rules\OnlyImported::class,
|
|
||||||
|
|
||||||
],
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| Scopes
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| Scopes allow you to restrict the LDAP query that locates
|
|
||||||
| users upon import and authentication.
|
|
||||||
|
|
|
||||||
| All scopes must implement the following interface:
|
|
||||||
|
|
|
||||||
| Adldap\Laravel\Scopes\ScopeInterface
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'scopes' => [
|
|
||||||
|
|
||||||
// Only allows users with a user principal name to authenticate.
|
|
||||||
// Suitable when using ActiveDirectory.
|
|
||||||
// Adldap\Laravel\Scopes\UpnScope::class,
|
|
||||||
|
|
||||||
// Only allows users with a uid to authenticate.
|
|
||||||
// Suitable when using OpenLDAP.
|
|
||||||
// Adldap\Laravel\Scopes\UidScope::class,
|
|
||||||
|
|
||||||
],
|
|
||||||
|
|
||||||
'identifiers' => [
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| LDAP
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| Locate Users By:
|
|
||||||
|
|
|
||||||
| This value is the users attribute you would like to locate LDAP
|
|
||||||
| users by in your directory.
|
|
||||||
|
|
|
||||||
| For example, using the default configuration below, if you're
|
|
||||||
| authenticating users with an email address, your LDAP server
|
|
||||||
| will be queried for a user with the a `userprincipalname`
|
|
||||||
| equal to the entered email address.
|
|
||||||
|
|
|
||||||
| Bind Users By:
|
|
||||||
|
|
|
||||||
| This value is the users attribute you would
|
|
||||||
| like to use to bind to your LDAP server.
|
|
||||||
|
|
|
||||||
| For example, when a user is located by the above attribute,
|
|
||||||
| the users attribute you specify below will be used as
|
|
||||||
| the 'username' to bind to your LDAP server.
|
|
||||||
|
|
|
||||||
| This is usually their distinguished name.
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'ldap' => [
|
|
||||||
|
|
||||||
'locate_users_by' => 'mail',
|
|
||||||
|
|
||||||
'bind_users_by' => 'dn',
|
|
||||||
|
|
||||||
],
|
|
||||||
|
|
||||||
'database' => [
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| GUID Column
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| The value of this option is the database column that will contain the
|
|
||||||
| LDAP users global identifier. This column does not need to be added
|
|
||||||
| to the sync attributes below. It is synchronized automatically.
|
|
||||||
|
|
|
||||||
| This option is only applicable to the DatabaseUserProvider.
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'guid_column' => 'objectguid',
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| Username Column
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| The value of this option is the database column that contains your
|
|
||||||
| users login username.
|
|
||||||
|
|
|
||||||
| This column must be added to your sync attributes below to be
|
|
||||||
| properly synchronized.
|
|
||||||
|
|
|
||||||
| This option is only applicable to the DatabaseUserProvider.
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'username_column' => 'mail',
|
|
||||||
|
|
||||||
],
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| Windows Authentication Middleware (SSO)
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| Local Users By:
|
|
||||||
|
|
|
||||||
| This value is the users attribute you would like to locate LDAP
|
|
||||||
| users by in your directory.
|
|
||||||
|
|
|
||||||
| For example, if 'samaccountname' is the value, then your LDAP server is
|
|
||||||
| queried for a user with the 'samaccountname' equal to the value of
|
|
||||||
| $_SERVER['AUTH_USER'].
|
|
||||||
|
|
|
||||||
| If a user is found, they are imported (if using the DatabaseUserProvider)
|
|
||||||
| into your local database, then logged in.
|
|
||||||
|
|
|
||||||
| Server Key:
|
|
||||||
|
|
|
||||||
| This value represents the 'key' of the $_SERVER
|
|
||||||
| array to pull the users account name from.
|
|
||||||
|
|
|
||||||
| For example, $_SERVER['AUTH_USER'].
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'windows' => [
|
|
||||||
|
|
||||||
'locate_users_by' => 'samaccountname',
|
|
||||||
|
|
||||||
'server_key' => 'AUTH_USER',
|
|
||||||
|
|
||||||
],
|
|
||||||
|
|
||||||
],
|
|
||||||
|
|
||||||
'passwords' => [
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| Password Sync
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| The password sync option allows you to automatically synchronize users
|
|
||||||
| LDAP passwords to your local database. These passwords are hashed
|
|
||||||
| natively by Laravel using the Hash::make() method.
|
|
||||||
|
|
|
||||||
| Enabling this option would also allow users to login to their accounts
|
|
||||||
| using the password last used when an LDAP connection was present.
|
|
||||||
|
|
|
||||||
| If this option is disabled, the local database account is applied a
|
|
||||||
| random 16 character hashed password upon first login, and will
|
|
||||||
| lose access to this account upon loss of LDAP connectivity.
|
|
||||||
|
|
|
||||||
| This option is only applicable to the DatabaseUserProvider.
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'sync' => env('LDAP_PASSWORD_SYNC', false),
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| Column
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| This is the column of your users database table
|
|
||||||
| that is used to store passwords.
|
|
||||||
|
|
|
||||||
| Set this to `null` if you do not have a password column.
|
|
||||||
|
|
|
||||||
| This option is only applicable to the DatabaseUserProvider.
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'column' => 'password',
|
|
||||||
|
|
||||||
],
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| Login Fallback
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| The login fallback option allows you to login as a user located on the
|
|
||||||
| local database if active directory authentication fails.
|
|
||||||
|
|
|
||||||
| Set this to true if you would like to enable it.
|
|
||||||
|
|
|
||||||
| This option is only applicable to the DatabaseUserProvider.
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'login_fallback' => env('LDAP_LOGIN_FALLBACK', false),
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| Sync Attributes
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| Attributes specified here will be added / replaced on the user model
|
|
||||||
| upon login, automatically synchronizing and keeping the attributes
|
|
||||||
| up to date.
|
|
||||||
|
|
|
||||||
| The array key represents the users Laravel model key, and
|
|
||||||
| the value represents the users LDAP attribute.
|
|
||||||
|
|
|
||||||
| You **must** include the users login attribute here.
|
|
||||||
|
|
|
||||||
| This option is only applicable to the DatabaseUserProvider.
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'sync_attributes' => [
|
|
||||||
|
|
||||||
'mail' => 'userprincipalname',
|
|
||||||
|
|
||||||
'name' => 'cn',
|
|
||||||
|
|
||||||
],
|
|
||||||
|
|
||||||
/*
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
| Logging
|
|
||||||
|--------------------------------------------------------------------------
|
|
||||||
|
|
|
||||||
| User authentication attempts will be logged using Laravel's
|
|
||||||
| default logger if this setting is enabled.
|
|
||||||
|
|
|
||||||
| No credentials are logged, only usernames.
|
|
||||||
|
|
|
||||||
| This is usually stored in the '/storage/logs' directory
|
|
||||||
| in the root of your application.
|
|
||||||
|
|
|
||||||
| This option is useful for debugging as well as auditing.
|
|
||||||
|
|
|
||||||
| You can freely remove any events you would not like to log below,
|
|
||||||
| as well as use your own listeners if you would prefer.
|
|
||||||
|
|
|
||||||
*/
|
|
||||||
|
|
||||||
'logging' => [
|
|
||||||
|
|
||||||
'enabled' => env('LDAP_LOGGING', true),
|
|
||||||
|
|
||||||
'events' => [
|
|
||||||
|
|
||||||
\Adldap\Laravel\Events\Importing::class => \Adldap\Laravel\Listeners\LogImport::class,
|
|
||||||
\Adldap\Laravel\Events\Synchronized::class => \Adldap\Laravel\Listeners\LogSynchronized::class,
|
|
||||||
\Adldap\Laravel\Events\Synchronizing::class => \Adldap\Laravel\Listeners\LogSynchronizing::class,
|
|
||||||
\Adldap\Laravel\Events\Authenticated::class => \Adldap\Laravel\Listeners\LogAuthenticated::class,
|
|
||||||
\Adldap\Laravel\Events\Authenticating::class => \Adldap\Laravel\Listeners\LogAuthentication::class,
|
|
||||||
\Adldap\Laravel\Events\AuthenticationFailed::class => \Adldap\Laravel\Listeners\LogAuthenticationFailure::class,
|
|
||||||
\Adldap\Laravel\Events\AuthenticationRejected::class => \Adldap\Laravel\Listeners\LogAuthenticationRejection::class,
|
|
||||||
\Adldap\Laravel\Events\AuthenticationSuccessful::class => \Adldap\Laravel\Listeners\LogAuthenticationSuccess::class,
|
|
||||||
\Adldap\Laravel\Events\DiscoveredWithCredentials::class => \Adldap\Laravel\Listeners\LogDiscovery::class,
|
|
||||||
\Adldap\Laravel\Events\AuthenticatedWithWindows::class => \Adldap\Laravel\Listeners\LogWindowsAuth::class,
|
|
||||||
\Adldap\Laravel\Events\AuthenticatedModelTrashed::class => \Adldap\Laravel\Listeners\LogTrashedModel::class,
|
|
||||||
|
|
||||||
],
|
|
||||||
],
|
|
||||||
|
|
||||||
];
|
|
@ -14,20 +14,9 @@
|
|||||||
<br>
|
<br>
|
||||||
@endisset
|
@endisset
|
||||||
|
|
||||||
@if (count($errors) > 0)
|
|
||||||
<div class="alert alert-danger">
|
|
||||||
<strong>Whoops!</strong> {{ trans('adminlte_lang::message.someproblems') }}<br><br>
|
|
||||||
<ul>
|
|
||||||
@foreach ($errors->all() as $error)
|
|
||||||
<li>{{ $error }}</li>
|
|
||||||
@endforeach
|
|
||||||
</ul>
|
|
||||||
</div>
|
|
||||||
@endif
|
|
||||||
|
|
||||||
@if (Session::has('error'))
|
@if (Session::has('error'))
|
||||||
<div class="alert alert-danger">
|
<div class="alert alert-danger">
|
||||||
<strong>Whoops!</strong> {{ trans('adminlte_lang::message.someproblems') }}<br><br>
|
<strong>Hmm...</strong> {{ trans('message.someproblems') }}<br><br>
|
||||||
<ul>
|
<ul>
|
||||||
<li>{{ Session::get('error') }}</li>
|
<li>{{ Session::get('error') }}</li>
|
||||||
</ul>
|
</ul>
|
||||||
@ -42,20 +31,21 @@
|
|||||||
<div class="mx-auto app-login-box col-md-8">
|
<div class="mx-auto app-login-box col-md-8">
|
||||||
<div class="modal-dialog w-100 mx-auto">
|
<div class="modal-dialog w-100 mx-auto">
|
||||||
<div class="modal-content">
|
<div class="modal-content">
|
||||||
<form method="post">
|
<form method="post">
|
||||||
{{ csrf_field() }}
|
{{ csrf_field() }}
|
||||||
<div class="modal-body">
|
|
||||||
<div class="h5 modal-title text-center">
|
<div class="modal-body">
|
||||||
<h4 class="mt-2">
|
<div class="h5 modal-title text-center">
|
||||||
<div class="app-logo mx-auto mb-3"><img class="w-75" src="{{ url('img/logo-h-lg.png') }}"></div>
|
<h4 class="mt-2">
|
||||||
<small>Please sign in to your account below.</small>
|
<div class="app-logo mx-auto mb-3"><img class="w-75" src="{{ url('img/logo-h-lg.png') }}"></div>
|
||||||
</h4>
|
<small>Please sign in to your account below.</small>
|
||||||
</div>
|
</h4>
|
||||||
|
</div>
|
||||||
|
|
||||||
<div class="form-row">
|
<div class="form-row">
|
||||||
<div class="col-md-12">
|
<div class="col-md-12">
|
||||||
<div class="position-relative form-group">
|
<div class="position-relative form-group">
|
||||||
<input name="{{ config('ldap_auth.identifiers.ldap.locate_users_by') }}" id="user" placeholder="Email..." type="email" class="form-control">
|
<input name="email" id="user" placeholder="Email..." type="email" class="form-control">
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="col-md-12">
|
<div class="col-md-12">
|
||||||
@ -64,22 +54,32 @@
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
{{--
|
{{--
|
||||||
<div class="divider"></div>
|
<div class="divider"></div>
|
||||||
<h6 class="mb-0">No account? <a href="javascript:void(0);" class="text-primary">Sign up now</a></h6>
|
<h6 class="mb-0">No account? <a href="javascript:void(0);" class="text-primary">Sign up now</a></h6>
|
||||||
--}}
|
--}}
|
||||||
</div>
|
|
||||||
<div class="modal-footer">
|
|
||||||
{{--
|
|
||||||
<div class="float-left">
|
|
||||||
<a href="javascript:void(0);" class="btn-lg btn btn-link">Recover Password</a>
|
|
||||||
</div>
|
</div>
|
||||||
--}}
|
<div class="modal-footer">
|
||||||
<div class="float-right">
|
@if (count($errors) > 0)
|
||||||
<button class="btn btn-primary btn-lg">Login</button>
|
<div class="alert alert-danger w-100">
|
||||||
|
<strong>Whoops!</strong> Something went wrong?<br><br>
|
||||||
|
<ul>
|
||||||
|
@foreach ($errors->all() as $error)
|
||||||
|
<li>{{ $error }}</li>
|
||||||
|
@endforeach
|
||||||
|
</ul>
|
||||||
|
</div>
|
||||||
|
@endif
|
||||||
|
{{--
|
||||||
|
<div class="float-left">
|
||||||
|
<a href="javascript:void(0);" class="btn-lg btn btn-link">Recover Password</a>
|
||||||
|
</div>
|
||||||
|
--}}
|
||||||
|
<div class="float-right">
|
||||||
|
<button class="btn btn-primary btn-lg">Login</button>
|
||||||
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</form>
|
||||||
</form>
|
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
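Review bot: The identifier input in the second hunk is now hard-coded as `name="email"`, whereas the old markup took its name from `config('ldap_auth.identifiers.ldap.locate_users_by')`, which the removed config set to `mail`, so the posted field name changes from `mail` to `email`. The controller that reads this field is not part of this section; it presumably has to map `email` onto the LDAP attribute used to locate the user, and a mismatch would make every login fail, so that mapping is worth confirming before merge. In the third hunk the relocated validation-error block hard-codes its heading as `Something went wrong?`, while the session-error block in the first hunk uses `{{ trans('message.someproblems') }}`; using the translation key in both, `<strong>Whoops!</strong> {{ trans('message.someproblems') }}<br><br>`, would keep the page localisable.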