* Note when using with Windows Active Directory: you may need to set TLS_CACERT in your site
* ldap.conf file to the signing cert for your LDAP server.
*
- * The configuration options for this module may be set in the config/local.ini.php file
+ * The configuration options for this module may be set in the config/addon.config.php file
* e.g.:
*
* [ldapauth]
*
* ...etc.
*/
-use Friendica\Core\Addon;
-use Friendica\Core\Config;
+
+use Friendica\Core\Hook;
+use Friendica\Core\Logger;
+use Friendica\DI;
use Friendica\Model\User;
+use Friendica\Util\ConfigFileLoader;
function ldapauth_install()
{
- Addon::registerHook('load_config', 'addon/ldapauth/ldapauth.php', 'ldapauth_load_config');
- Addon::registerHook('authenticate', 'addon/ldapauth/ldapauth.php', 'ldapauth_hook_authenticate');
+ Hook::register('load_config', 'addon/ldapauth/ldapauth.php', 'ldapauth_load_config');
+ Hook::register('authenticate', 'addon/ldapauth/ldapauth.php', 'ldapauth_hook_authenticate');
}
function ldapauth_uninstall()
{
- Addon::unregisterHook('load_config', 'addon/ldapauth/ldapauth.php', 'ldapauth_load_config');
- Addon::unregisterHook('authenticate', 'addon/ldapauth/ldapauth.php', 'ldapauth_hook_authenticate');
+ Hook::unregister('load_config', 'addon/ldapauth/ldapauth.php', 'ldapauth_load_config');
+ Hook::unregister('authenticate', 'addon/ldapauth/ldapauth.php', 'ldapauth_hook_authenticate');
}
-function ldapauth_load_config(\Friendica\App $a)
+function ldapauth_load_config(\Friendica\App $a, ConfigFileLoader $loader)
{
- $a->loadConfigFile(__DIR__. '/config/ldapauth.ini.php');
+ $a->getConfigCache()->load($loader->loadAddonConfig('ldapauth'));
}
function ldapauth_hook_authenticate($a, &$b)
function ldapauth_authenticate($username, $password)
{
- $ldap_server = Config::get('ldapauth', 'ldap_server');
- $ldap_binddn = Config::get('ldapauth', 'ldap_binddn');
- $ldap_bindpw = Config::get('ldapauth', 'ldap_bindpw');
- $ldap_searchdn = Config::get('ldapauth', 'ldap_searchdn');
- $ldap_userattr = Config::get('ldapauth', 'ldap_userattr');
- $ldap_group = Config::get('ldapauth', 'ldap_group');
- $ldap_autocreateaccount = Config::get('ldapauth', 'ldap_autocreateaccount');
- $ldap_autocreateaccount_emailattribute = Config::get('ldapauth', 'ldap_autocreateaccount_emailattribute');
- $ldap_autocreateaccount_nameattribute = Config::get('ldapauth', 'ldap_autocreateaccount_nameattribute');
+ $ldap_server = DI::config()->get('ldapauth', 'ldap_server');
+ $ldap_binddn = DI::config()->get('ldapauth', 'ldap_binddn');
+ $ldap_bindpw = DI::config()->get('ldapauth', 'ldap_bindpw');
+ $ldap_searchdn = DI::config()->get('ldapauth', 'ldap_searchdn');
+ $ldap_userattr = DI::config()->get('ldapauth', 'ldap_userattr');
+ $ldap_group = DI::config()->get('ldapauth', 'ldap_group');
+ $ldap_autocreateaccount = DI::config()->get('ldapauth', 'ldap_autocreateaccount');
+ $ldap_autocreateaccount_emailattribute = DI::config()->get('ldapauth', 'ldap_autocreateaccount_emailattribute');
+ $ldap_autocreateaccount_nameattribute = DI::config()->get('ldapauth', 'ldap_autocreateaccount_nameattribute');
if (!(strlen($password) && function_exists('ldap_connect') && strlen($ldap_server))) {
- logger("ldapauth: not configured or missing php-ldap module");
+ Logger::log("ldapauth: not configured or missing php-ldap module");
return false;
}
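Review bot: The `strlen($password)` test in the guard at the top of ldapauth_authenticate() is a security control, and nothing in the hunk documents it as one. Many directory servers treat a simple bind with a DN and an empty password as an unauthenticated bind and report success, so this check is what stops an empty password from being accepted. I would add a comment above the `if`, for example `// Reject empty passwords: a bind with an empty password can succeed as an unauthenticated bind.` The bind that uses the user's own credentials is not in the visible lines, and the function body continues past this hunk.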
$connect = @ldap_connect($ldap_server);
if ($connect === false) {
- logger("ldapauth: could not connect to $ldap_server");
+ Logger::log("ldapauth: could not connect to $ldap_server");
return false;
}
@ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION, 3);
@ldap_set_option($connect, LDAP_OPT_REFERRALS, 0);
if ((@ldap_bind($connect, $ldap_binddn, $ldap_bindpw)) === false) {
- logger("ldapauth: could not bind $ldap_server as $ldap_binddn");
+ Logger::log("ldapauth: could not bind $ldap_server as $ldap_binddn");
return false;
}
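Review bot: No visible line between `ldap_connect()` and `ldap_bind()` requires an encrypted transport, so whether `$ldap_bindpw` is protected on the wire depends entirely on the URI scheme configured in `ldap_server`. The same presumably applies to the user's password on a later bind outside this hunk. If plain `ldap://` URIs are meant to be supported, call `ldap_start_tls($connect)` before the bind and return false when it fails. Otherwise state in the header comment that only `ldaps://` is acceptable. The `@` on the `ldap_set_option()` calls also hides a failure to select protocol version 3, which StartTLS requires.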
$res = @ldap_search($connect, $ldap_searchdn, $ldap_userattr . '=' . $username);
if (!$res) {
- logger("ldapauth: $ldap_userattr=$username,$ldap_searchdn not found");
+ Logger::log("ldapauth: $ldap_userattr=$username,$ldap_searchdn not found");
return false;
}
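Review bot: `$username` is concatenated into the filter passed to `ldap_search()` without escaping, so filter metacharacters in the login name can change which directory entry the search matches. Escape it for filter context: `$res = @ldap_search($connect, $ldap_searchdn, $ldap_userattr . '=' . ldap_escape($username, '', LDAP_ESCAPE_FILTER));`. The same raw value is interpolated into the `Logger::log()` message in this hunk, so control characters should be stripped or encoded before logging to keep entries unforgeable. The commit only renames the logging call here and leaves both behaviours as they were. The function body continues outside the hunk.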
@ldap_close($connect);
if ($eno === 32) {
- logger("ldapauth: access control group Does Not Exist");
+ Logger::log("ldapauth: access control group Does Not Exist");
return false;
} elseif ($eno === 16) {
- logger('ldapauth: membership attribute does not exist in access control group');
+ Logger::log('ldapauth: membership attribute does not exist in access control group');
return false;
} else {
- logger('ldapauth: error: ' . $err);
+ Logger::log('ldapauth: error: ' . $err);
return false;
}
} elseif ($r === false) {
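Review bot: The bare `32` and `16` compared with `$eno` are LDAP result codes and should be labelled where they are used. I would add `// 32 = noSuchObject (RFC 4511)` and `// 16 = noSuchAttribute (RFC 4511)` beside the two comparisons. Every visible branch returns false, so an unexpected error fails closed; a short comment saying so would guard against a later edit adding a permissive default. The `if` that opens this chain and the assignments of `$eno` and `$err` are outside the visible lines.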
try {
User::create($arr);
- logger("ldapauth: account " . $username . " created");
+ Logger::log("ldapauth: account " . $username . " created");
} catch (Exception $ex) {
- logger("ldapauth: account " . $username . " was not created ! : " . $ex->getMessage());
+ Logger::log("ldapauth: account " . $username . " was not created ! : " . $ex->getMessage());
}
} else {
- logger("ldapauth: unable to create account, no email or nickname found");
+ Logger::log("ldapauth: unable to create account, no email or nickname found");
}
}
}