Capture LDAP authentication failure when querying baseDNs
This commit is contained in:
parent
6751c9dd81
commit
482d9670e3
@ -44,7 +44,7 @@ class Entry extends Model
|
||||
* @throws ObjectNotFoundException
|
||||
* @testedin GetBaseDNTest::testBaseDNExists();
|
||||
*/
|
||||
public static function baseDNs($connection = NULL): ?Collection
|
||||
public static function baseDNs($connection = NULL): Collection
|
||||
{
|
||||
$cachetime = Carbon::now()->addSeconds(Config::get('ldap.cache.time'));
|
||||
|
||||
@ -57,9 +57,107 @@ class Entry extends Model
|
||||
->whereHas('objectclass')
|
||||
->firstOrFail();
|
||||
|
||||
/**
|
||||
* LDAP Error Codes:
|
||||
* https://ldap.com/ldap-result-code-reference/
|
||||
* + success 0
|
||||
* + operationsError 1
|
||||
* + protocolError 2
|
||||
* + timeLimitExceeded 3
|
||||
* + sizeLimitExceeded 4
|
||||
* + compareFalse 5
|
||||
* + compareTrue 6
|
||||
* + authMethodNotSupported 7
|
||||
* + strongerAuthRequired 8
|
||||
* + referral 10
|
||||
* + adminLimitExceeded 11
|
||||
* + unavailableCriticalExtension 12
|
||||
* + confidentialityRequired 13
|
||||
* + saslBindInProgress 14
|
||||
* + noSuchAttribute 16
|
||||
* + undefinedAttributeType 17
|
||||
* + inappropriateMatching 18
|
||||
* + constraintViolation 19
|
||||
* + attributeOrValueExists 20
|
||||
* + invalidAttributeSyntax 21
|
||||
* + noSuchObject 32
|
||||
* + aliasProblem 33
|
||||
* + invalidDNSyntax 34
|
||||
* + isLeaf 35
|
||||
* + aliasDereferencingProblem 36
|
||||
* + inappropriateAuthentication 48
|
||||
* + invalidCredentials 49
|
||||
* + insufficientAccessRights 50
|
||||
* + busy 51
|
||||
* + unavailable 52
|
||||
* + unwillingToPerform 53
|
||||
* + loopDetect 54
|
||||
* + sortControlMissing 60
|
||||
* + offsetRangeError 61
|
||||
* + namingViolation 64
|
||||
* + objectClassViolation 65
|
||||
* + notAllowedOnNonLeaf 66
|
||||
* + notAllowedOnRDN 67
|
||||
* + entryAlreadyExists 68
|
||||
* + objectClassModsProhibited 69
|
||||
* + resultsTooLarge 70
|
||||
* + affectsMultipleDSAs 71
|
||||
* + virtualListViewError or controlError 76
|
||||
* + other 80
|
||||
* + serverDown 81
|
||||
* + localError 82
|
||||
* + encodingError 83
|
||||
* + decodingError 84
|
||||
* + timeout 85
|
||||
* + authUnknown 86
|
||||
* + filterError 87
|
||||
* + userCanceled 88
|
||||
* + paramError 89
|
||||
* + noMemory 90
|
||||
* + connectError 91
|
||||
* + notSupported 92
|
||||
* + controlNotFound 93
|
||||
* + noResultsReturned 94
|
||||
* + moreResultsToReturn 95
|
||||
* + clientLoop 96
|
||||
* + referralLimitExceeded 97
|
||||
* + invalidResponse 100
|
||||
* + ambiguousResponse 101
|
||||
* + tlsNotSupported 112
|
||||
* + intermediateResponse 113
|
||||
* + unknownType 114
|
||||
* + canceled 118
|
||||
* + noSuchOperation 119
|
||||
* + tooLate 120
|
||||
* + cannotCancel 121
|
||||
* + assertionFailed 122
|
||||
* + authorizationDenied 123
|
||||
* + e-syncRefreshRequired 4096
|
||||
* + noOperation 16654
|
||||
*
|
||||
* LDAP Tag Codes:
|
||||
* + A client bind operation 97
|
||||
* + The entry for which you were searching 100
|
||||
* + The result from a search operation 101
|
||||
* + The result from a modify operation 103
|
||||
* + The result from an add operation 105
|
||||
* + The result from a delete operation 107
|
||||
* + The result from a modify DN operation 109
|
||||
* + The result from a compare operation 111
|
||||
* + A search reference when the entry you perform your search on holds a referral to the entry you require.
|
||||
* + Search references are expressed in terms of a referral.
|
||||
* 115
|
||||
* + A result from an extended operation 120
|
||||
*/
|
||||
// If we cannot get to our LDAP server we'll head straight to the error page
|
||||
} catch (LdapRecordException $e) {
|
||||
abort(597,$e->getMessage());
|
||||
switch ($e->getDetailedError()->getErrorCode()) {
|
||||
case 49:
|
||||
abort(401,$e->getDetailedError()->getErrorMessage());
|
||||
|
||||
default:
|
||||
abort(597,$e->getDetailedError()->getErrorMessage());
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
Loading…
Reference in New Issue
Block a user