Capture LDAP authentication failure when querying baseDNs
This commit is contained in:
parent
6751c9dd81
commit
482d9670e3
@ -44,7 +44,7 @@ class Entry extends Model
|
|||||||
* @throws ObjectNotFoundException
|
* @throws ObjectNotFoundException
|
||||||
* @testedin GetBaseDNTest::testBaseDNExists();
|
* @testedin GetBaseDNTest::testBaseDNExists();
|
||||||
*/
|
*/
|
||||||
public static function baseDNs($connection = NULL): ?Collection
|
public static function baseDNs($connection = NULL): Collection
|
||||||
{
|
{
|
||||||
$cachetime = Carbon::now()->addSeconds(Config::get('ldap.cache.time'));
|
$cachetime = Carbon::now()->addSeconds(Config::get('ldap.cache.time'));
|
||||||
|
|
||||||
@ -57,9 +57,107 @@ class Entry extends Model
|
|||||||
->whereHas('objectclass')
|
->whereHas('objectclass')
|
||||||
->firstOrFail();
|
->firstOrFail();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* LDAP Error Codes:
|
||||||
|
* https://ldap.com/ldap-result-code-reference/
|
||||||
|
* + success 0
|
||||||
|
* + operationsError 1
|
||||||
|
* + protocolError 2
|
||||||
|
* + timeLimitExceeded 3
|
||||||
|
* + sizeLimitExceeded 4
|
||||||
|
* + compareFalse 5
|
||||||
|
* + compareTrue 6
|
||||||
|
* + authMethodNotSupported 7
|
||||||
|
* + strongerAuthRequired 8
|
||||||
|
* + referral 10
|
||||||
|
* + adminLimitExceeded 11
|
||||||
|
* + unavailableCriticalExtension 12
|
||||||
|
* + confidentialityRequired 13
|
||||||
|
* + saslBindInProgress 14
|
||||||
|
* + noSuchAttribute 16
|
||||||
|
* + undefinedAttributeType 17
|
||||||
|
* + inappropriateMatching 18
|
||||||
|
* + constraintViolation 19
|
||||||
|
* + attributeOrValueExists 20
|
||||||
|
* + invalidAttributeSyntax 21
|
||||||
|
* + noSuchObject 32
|
||||||
|
* + aliasProblem 33
|
||||||
|
* + invalidDNSyntax 34
|
||||||
|
* + isLeaf 35
|
||||||
|
* + aliasDereferencingProblem 36
|
||||||
|
* + inappropriateAuthentication 48
|
||||||
|
* + invalidCredentials 49
|
||||||
|
* + insufficientAccessRights 50
|
||||||
|
* + busy 51
|
||||||
|
* + unavailable 52
|
||||||
|
* + unwillingToPerform 53
|
||||||
|
* + loopDetect 54
|
||||||
|
* + sortControlMissing 60
|
||||||
|
* + offsetRangeError 61
|
||||||
|
* + namingViolation 64
|
||||||
|
* + objectClassViolation 65
|
||||||
|
* + notAllowedOnNonLeaf 66
|
||||||
|
* + notAllowedOnRDN 67
|
||||||
|
* + entryAlreadyExists 68
|
||||||
|
* + objectClassModsProhibited 69
|
||||||
|
* + resultsTooLarge 70
|
||||||
|
* + affectsMultipleDSAs 71
|
||||||
|
* + virtualListViewError or controlError 76
|
||||||
|
* + other 80
|
||||||
|
* + serverDown 81
|
||||||
|
* + localError 82
|
||||||
|
* + encodingError 83
|
||||||
|
* + decodingError 84
|
||||||
|
* + timeout 85
|
||||||
|
* + authUnknown 86
|
||||||
|
* + filterError 87
|
||||||
|
* + userCanceled 88
|
||||||
|
* + paramError 89
|
||||||
|
* + noMemory 90
|
||||||
|
* + connectError 91
|
||||||
|
* + notSupported 92
|
||||||
|
* + controlNotFound 93
|
||||||
|
* + noResultsReturned 94
|
||||||
|
* + moreResultsToReturn 95
|
||||||
|
* + clientLoop 96
|
||||||
|
* + referralLimitExceeded 97
|
||||||
|
* + invalidResponse 100
|
||||||
|
* + ambiguousResponse 101
|
||||||
|
* + tlsNotSupported 112
|
||||||
|
* + intermediateResponse 113
|
||||||
|
* + unknownType 114
|
||||||
|
* + canceled 118
|
||||||
|
* + noSuchOperation 119
|
||||||
|
* + tooLate 120
|
||||||
|
* + cannotCancel 121
|
||||||
|
* + assertionFailed 122
|
||||||
|
* + authorizationDenied 123
|
||||||
|
* + e-syncRefreshRequired 4096
|
||||||
|
* + noOperation 16654
|
||||||
|
*
|
||||||
|
* LDAP Tag Codes:
|
||||||
|
* + A client bind operation 97
|
||||||
|
* + The entry for which you were searching 100
|
||||||
|
* + The result from a search operation 101
|
||||||
|
* + The result from a modify operation 103
|
||||||
|
* + The result from an add operation 105
|
||||||
|
* + The result from a delete operation 107
|
||||||
|
* + The result from a modify DN operation 109
|
||||||
|
* + The result from a compare operation 111
|
||||||
|
* + A search reference when the entry you perform your search on holds a referral to the entry you require.
|
||||||
|
* + Search references are expressed in terms of a referral.
|
||||||
|
* 115
|
||||||
|
* + A result from an extended operation 120
|
||||||
|
*/
|
||||||
// If we cannot get to our LDAP server we'll head straight to the error page
|
// If we cannot get to our LDAP server we'll head straight to the error page
|
||||||
} catch (LdapRecordException $e) {
|
} catch (LdapRecordException $e) {
|
||||||
abort(597,$e->getMessage());
|
switch ($e->getDetailedError()->getErrorCode()) {
|
||||||
|
case 49:
|
||||||
|
abort(401,$e->getDetailedError()->getErrorMessage());
|
||||||
|
|
||||||
|
default:
|
||||||
|
abort(597,$e->getDetailedError()->getErrorMessage());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
Loading…
Reference in New Issue
Block a user