1<?php
2
3use dokuwiki\plugin\pureldap\classes\ADClient;
4use dokuwiki\plugin\pureldap\classes\Client;
5
6/**
7 * DokuWiki Plugin pureldap (Auth Component)
8 *
9 * @license GPL 2 http://www.gnu.org/licenses/gpl-2.0.html
10 * @author  Andreas Gohr <andi@splitbrain.org>
11 */
12class auth_plugin_pureldap extends DokuWiki_Auth_Plugin
13{
14    /** @var Client */
15    protected $client;
16
17    /**
18     * Constructor.
19     */
20    public function __construct()
21    {
22        global $conf;
23        parent::__construct(); // for compatibility
24
25        // prepare the base client
26        $this->loadConfig();
27        $this->conf['admin_password'] = conf_decodeString($this->conf['admin_password']);
28        $this->conf['defaultgroup'] = $conf['defaultgroup'];
29
30        $this->client = new ADClient($this->conf); // FIXME decide class on config
31
32        // set capabilities
33        $this->cando['getUsers'] = true;
34        $this->cando['getGroups'] = true;
35        $this->cando['logout'] = !$this->client->getConf('sso');
36
37        $this->success = true;
38    }
39
40    /** @inheritDoc */
41    public function checkPass($user, $pass)
42    {
43        global $INPUT;
44
45        // when SSO is enabled, the login is autotriggered and we simply trust the environment
46        if (
47            $this->client->getConf('sso') &&
48            $INPUT->server->str('REMOTE_USER') !== '' &&
49            $INPUT->server->str('REMOTE_USER') == $user
50        ) {
51            return true;
52        }
53
54        // use a separate client from the default one, because this is not a superuser bind
55        $client = new ADClient($this->conf); // FIXME decide class on config
56        return $client->authenticate($user, $pass);
57    }
58
59    /** @inheritDoc */
60    public function getUserData($user, $requireGroups = true)
61    {
62        $info = $this->client->getCachedUser($user, $requireGroups);
63        return $info ?: false;
64    }
65
66    /**
67     * @inheritDoc
68     */
69    public function retrieveUsers($start = 0, $limit = 0, $filter = null)
70    {
71        return array_slice(
72            $this->client->getFilteredUsers(
73                $filter,
74                Client::FILTER_CONTAINS
75            ),
76            $start,
77            $limit);
78    }
79
80    /** @inheritDoc */
81    public function retrieveGroups($start = 0, $limit = 0)
82    {
83        return array_slice($this->client->getCachedGroups(), $start, $limit);
84    }
85
86    /** @inheritDoc */
87    public function isCaseSensitive()
88    {
89        return false;
90    }
91
92    /** @inheritDoc */
93    public function cleanUser($user)
94    {
95        return $this->client->cleanUser($user);
96    }
97
98    /** @inheritDoc */
99    public function cleanGroup($group)
100    {
101        return $group;
102    }
103
104    /** @inheritDoc */
105    public function useSessionCache($user)
106    {
107        return true;
108    }
109}
110