X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/919660678bec2b94eaa84ac60d0313f5ef07dfb7..refs/pull/3918/head:/app/Auth/Access/Ldap.php

diff --git a/app/Auth/Access/Ldap.php b/app/Auth/Access/Ldap.php
index 468c37626..4bf6db474 100644
--- a/app/Auth/Access/Ldap.php
+++ b/app/Auth/Access/Ldap.php
@@ -1,54 +1,61 @@
-<?php namespace BookStack\Auth\Access;
+<?php
+
+namespace BookStack\Auth\Access;
 
 /**
  * Class Ldap
  * An object-orientated thin abstraction wrapper for common PHP LDAP functions.
  * Allows the standard LDAP functions to be mocked for testing.
- * @package BookStack\Services
  */
 class Ldap
 {
-
     /**
-     * Connect to a LDAP server.
-     * @param string $hostName
-     * @param int    $port
+     * Connect to an LDAP server.
+     *
      * @return resource
      */
-    public function connect($hostName, $port)
+    public function connect(string $hostName, int $port)
     {
         return ldap_connect($hostName, $port);
     }
 
     /**
      * Set the value of a LDAP option for the given connection.
+     *
      * @param resource $ldapConnection
-     * @param int $option
-     * @param mixed $value
-     * @return bool
+     * @param mixed    $value
      */
-    public function setOption($ldapConnection, $option, $value)
+    public function setOption($ldapConnection, int $option, $value): bool
     {
         return ldap_set_option($ldapConnection, $option, $value);
     }
 
+    /**
+     * Start TLS on the given LDAP connection.
+     */
+    public function startTls($ldapConnection): bool
+    {
+        return ldap_start_tls($ldapConnection);
+    }
+
     /**
      * Set the version number for the given ldap connection.
-     * @param $ldapConnection
-     * @param $version
-     * @return bool
+     *
+     * @param resource $ldapConnection
      */
-    public function setVersion($ldapConnection, $version)
+    public function setVersion($ldapConnection, int $version): bool
     {
         return $this->setOption($ldapConnection, LDAP_OPT_PROTOCOL_VERSION, $version);
     }
 
     /**
      * Search LDAP tree using the provided filter.
+     *
      * @param resource   $ldapConnection
      * @param string     $baseDn
      * @param string     $filter
      * @param array|null $attributes
+     *
      * @return resource
      */
     public function search($ldapConnection, $baseDn, $filter, array $attributes = null)
@@ -58,8 +65,10 @@ class Ldap
 
     /**
      * Get entries from an ldap search result.
+     *
      * @param resource $ldapConnection
      * @param resource $ldapSearchResult
+     *
      * @return array
      */
     public function getEntries($ldapConnection, $ldapSearchResult)
@@ -69,27 +78,59 @@ class Ldap
 
     /**
      * Search and get entries immediately.
+     *
      * @param resource   $ldapConnection
      * @param string     $baseDn
      * @param string     $filter
      * @param array|null $attributes
+     *
      * @return resource
      */
     public function searchAndGetEntries($ldapConnection, $baseDn, $filter, array $attributes = null)
     {
         $search = $this->search($ldapConnection, $baseDn, $filter, $attributes);
+
         return $this->getEntries($ldapConnection, $search);
     }
 
     /**
      * Bind to LDAP directory.
+     *
      * @param resource $ldapConnection
      * @param string   $bindRdn
      * @param string   $bindPassword
+     *
      * @return bool
      */
     public function bind($ldapConnection, $bindRdn = null, $bindPassword = null)
     {
         return ldap_bind($ldapConnection, $bindRdn, $bindPassword);
     }
+
+    /**
+     * Explode a LDAP dn string into an array of components.
+     *
+     * @param string $dn
+     * @param int    $withAttrib
+     *
+     * @return array
+     */
+    public function explodeDn(string $dn, int $withAttrib)
+    {
+        return ldap_explode_dn($dn, $withAttrib);
+    }
+
+    /**
+     * Escape a string for use in an LDAP filter.
+     *
+     * @param string $value
+     * @param string $ignore
+     * @param int    $flags
+     *
+     * @return string
+     */
+    public function escape(string $value, string $ignore = '', int $flags = 0)
+    {
+        return ldap_escape($value, $ignore, $flags);
+    }
 }