[bookstack] / app / Providers / LdapUserProvider.php
1 <?php
2
3 namespace BookStack\Providers;
4
5
6 use BookStack\Role;
7 use BookStack\Services\LdapService;
8 use BookStack\User;
9 use Illuminate\Contracts\Auth\Authenticatable;
10 use Illuminate\Contracts\Auth\UserProvider;
11
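/**
 * Laravel user provider that looks users up and checks passwords through
 * LdapService, while user records and "remember me" tokens are stored on the
 * configured Eloquent model.
 */
class LdapUserProvider implements UserProvider
{

    /**
     * The user model.
     *
     * @var string
     */
    protected $model;

    /**
     * @var LdapService
     */
    protected $ldapService;


    /**
     * LdapUserProvider constructor.
     * @param string      $model Class name of the user model to instantiate.
     * @param LdapService $ldapService
     */
    public function __construct($model, LdapService $ldapService)
    {
        $this->model = $model;
        $this->ldapService = $ldapService;
    }

    /**
     * Create a new instance of the model.
     *
     * The class name comes from the value passed to the constructor; it must
     * never be derived from request input, since it is instantiated directly.
     *
     * @return \Illuminate\Database\Eloquent\Model
     */
    public function createModel()
    {
        $class = '\\' . ltrim($this->model, '\\');
        return new $class;
    }


    /**
     * Retrieve a user by their unique identifier.
     *
     * @param  mixed $identifier
     * @return \Illuminate\Contracts\Auth\Authenticatable|null
     */
    public function retrieveById($identifier)
    {
        return $this->createModel()->newQuery()->find($identifier);
    }

    /**
     * Retrieve a user by their unique identifier and "remember me" token.
     *
     * The user is looked up by identifier only and the token is compared in
     * PHP. Putting the token into the query would let a null token be turned
     * into an "IS NULL" match by the query builder, and would compare the
     * secret in the database rather than in constant time.
     *
     * @param  mixed  $identifier
     * @param  string $token
     * @return \Illuminate\Contracts\Auth\Authenticatable|null
     */
    public function retrieveByToken($identifier, $token)
    {
        // A missing or empty token can never identify a user.
        if (!is_string($token) || $token === '') {
            return null;
        }

        $model = $this->createModel();

        $user = $model->newQuery()
            ->where($model->getAuthIdentifierName(), $identifier)
            ->first();

        if ($user === null) {
            return null;
        }

        // Users that never had a token stored must not match anything.
        $storedToken = $user->getRememberToken();
        if (!is_string($storedToken) || $storedToken === '') {
            return null;
        }

        // hash_equals() avoids leaking how much of the token matched.
        return hash_equals($storedToken, $token) ? $user : null;
    }


    /**
     * Update the "remember me" token for the given user in storage.
     *
     * @param  \Illuminate\Contracts\Auth\Authenticatable $user
     * @param  string                                     $token
     * @return void
     */
    public function updateRememberToken(Authenticatable $user, $token)
    {
        // Skip models that are not persisted yet, such as the unsaved model
        // retrieveByCredentials() builds for a first-time LDAP user.
        if ($user->exists) {
            $user->setRememberToken($token);
            $user->save();
        }
    }

    /**
     * Retrieve a user by the given credentials.
     *
     * Only the username is used here; the password is checked separately in
     * validateCredentials(). When the directory knows the user but no local
     * record exists, a new, unsaved model filled from the directory entry is
     * returned with email_confirmed set to false.
     *
     * @param  array $credentials
     * @return \Illuminate\Contracts\Auth\Authenticatable|null
     */
    public function retrieveByCredentials(array $credentials)
    {
        // Do not send a missing or empty username to the directory lookup.
        if (!isset($credentials['username'])
            || !is_string($credentials['username'])
            || $credentials['username'] === ''
        ) {
            return null;
        }

        // Get user via LDAP
        $userDetails = $this->ldapService->getUserDetails($credentials['username']);
        if ($userDetails === null) {
            return null;
        }

        // Search current user base by looking up a uid
        $model = $this->createModel();
        $currentUser = $model->newQuery()
            ->where('external_auth_id', $userDetails['uid'])
            ->first();

        if ($currentUser !== null) {
            return $currentUser;
        }

        // No local record yet: populate the fresh model from the directory
        // entry. It is not saved here.
        $model->name = $userDetails['name'];
        $model->external_auth_id = $userDetails['uid'];
        $model->email = $userDetails['email'];
        $model->email_confirmed = false;
        return $model;
    }

    /**
     * Validate a user against the given credentials.
     *
     * @param  \Illuminate\Contracts\Auth\Authenticatable $user
     * @param  array                                      $credentials
     * @return bool
     */
    public function validateCredentials(Authenticatable $user, array $credentials)
    {
        if (!isset($credentials['username'], $credentials['password'])) {
            return false;
        }

        $username = $credentials['username'];
        $password = $credentials['password'];

        // Many LDAP servers treat a simple bind with an empty password as an
        // unauthenticated bind and report success, so an empty password must
        // never reach the bind. LdapService is not visible from this file and
        // may already reject it; this check is defence in depth.
        if (!is_string($username) || $username === '' || !is_string($password) || $password === '') {
            return false;
        }

        return $this->ldapService->validateUserCredentials($user, $username, $password);
    }
}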