1 <?php
2 namespace AP\ApLdapAuth\Utility;
3
4 use AP\ApLdapAuth\Domain\Model\Mapping\FeUsers,
5 AP\ApLdapAuth\Domain\Model\Config;
6
7 /**
8 * LDAP auth utility to fetch and create users and groups from LDAP
9 *
10 * @package TYPO3
11 * @subpackage tx_apldapauth
12 * @author Alexander Pankow <info@alexander-pankow.de>
13 */
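class LDAPAuthUtility implements \TYPO3\CMS\Core\SingletonInterface {

    /**
     * Repository used to check credentials against LDAP; created on first use.
     *
     * @var \AP\ApLdapAuth\Domain\Repository\LDAPFeUserRepository|null
     */
    protected $ldapFeUserRepository = null;

    /**
     * LDAP configuration of found user
     *
     * Set by checkUser() and read by getTypo3UserData().
     *
     * @var Config|null
     */
    protected $currentConfig = null;

    /**
     * @var \TYPO3\CMS\Extbase\Object\ObjectManagerInterface
     */
    protected $objectManager = null;

    /**
     * @param \TYPO3\CMS\Extbase\Object\ObjectManagerInterface $objectManager Optional object manager;
     *        an Extbase ObjectManager is created when none is passed.
     */
    public function __construct(\TYPO3\CMS\Extbase\Object\ObjectManagerInterface $objectManager = null) {
        if ($objectManager === null) {
            $objectManager = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Extbase\\Object\\ObjectManager');
        }
        $this->objectManager = $objectManager;
    }

    /**
     * Checks the given credentials against LDAP (frontend mode only).
     *
     * In every mode other than 'FE' the check is refused and false is returned.
     *
     * @see \AP\ApLdapAuth\Domain\Repository\LDAPFeUserRepository::checkUser()
     * @param string $username
     * @param string $password
     * @return array|bool LDAP user record on success, false otherwise
     */
    public function checkUser($username, $password) {
        if (TYPO3_MODE !== 'FE') {
            return false;
        }

        $result = $this->getLdapFeUserRepository()->checkUser($username, $password);
        if (empty($result)) {
            // Nothing usable came back: fail closed instead of indexing into a non-array.
            return false;
        }

        // NOTE(review): this class is a singleton and the configuration is only replaced
        // when the result carries one, so a configuration from an earlier successful check
        // stays in place after a failed one. Confirm callers only synchronize users after
        // a successful check.
        if (!empty($result['config'])) {
            $this->currentConfig = $result['config'];
        }

        return isset($result['ldapUser']) ? $result['ldapUser'] : false;
    }

    /**
     * Synchronize user from LDAP directory with TYPO3 database
     *
     * Creates the TYPO3 record when no row with the user's DN exists, otherwise updates it.
     *
     * @param array $ldapUser
     * @return array|null The stored user row, or null when the LDAP record has no DN
     */
    public function synchronizeUser(array $ldapUser) {
        $userData = $this->getTypo3UserData($ldapUser);

        // The DN is the only key used to find, insert and update the record; without it
        // the WHERE clauses below would compare against an empty string.
        if (empty($userData['tx_apldapauth_dn'])) {
            return null;
        }

        if ($this->selectUser($userData)) {
            // update user
            return $this->updateUser($userData);
        }

        // create user
        return $this->importUser($userData);
    }

    /**
     * Gets user from TYPO3 database
     *
     * NOTE(review): the lookup matches on the DN column only; rows flagged as deleted or
     * disabled are not filtered out here. Confirm the caller enforces those flags before
     * treating the returned row as a valid login.
     *
     * @param array $userData Must contain 'tx_apldapauth_dn'
     * @return array|null First matching row, or null when there is none
     */
    public function selectUser(array $userData) {
        if (empty($userData['tx_apldapauth_dn'])) {
            // An empty DN would match every row whose DN column is empty.
            return null;
        }

        $table = $this->getUserTable();
        $database = $this->getTypo3DbConnection();
        $rows = $database->exec_SELECTgetRows(
            '*',
            $table,
            'tx_apldapauth_dn = ' . $database->fullQuoteStr($userData['tx_apldapauth_dn'], $table)
        );

        return !empty($rows) ? $rows[0] : null;
    }

    /**
     * Import user from LDAP directory into TYPO3 database
     *
     * @param array $userData Field => value pairs as built by getTypo3UserData()
     * @return array|null The inserted row as read back by DN, or null when the DN is missing
     */
    public function importUser(array $userData) {
        if (empty($userData['tx_apldapauth_dn'])) {
            // A row without DN could never be found again by selectUser().
            return null;
        }

        $this->getTypo3DbConnection()->exec_INSERTquery(
            $this->getUserTable(),
            $userData
        );

        return $this->selectUser($userData);
    }

    /**
     * Updates user in TYPO3 database by data from LDAP directory
     *
     * Every field in $userData is written, including the freshly generated password and
     * the pid.
     *
     * @param array $userData Field => value pairs as built by getTypo3UserData()
     * @return array|null The updated row as read back by DN, or null when the DN is missing
     */
    public function updateUser(array $userData) {
        if (empty($userData['tx_apldapauth_dn'])) {
            // Without a DN the WHERE clause would hit every row with an empty DN column.
            return null;
        }

        $table = $this->getUserTable();
        $database = $this->getTypo3DbConnection();
        $database->exec_UPDATEquery(
            $table,
            'tx_apldapauth_dn = ' . $database->fullQuoteStr($userData['tx_apldapauth_dn'], $table),
            $userData
        );

        return $this->selectUser($userData);
    }

    /**
     * Get the data for TYPO3 database
     *
     * Builds the field => value array from the LDAP record and the field mappings of the
     * current configuration. Requires a preceding successful checkUser() call, because the
     * mappings are read from $this->currentConfig.
     *
     * @param array $ldapUser
     * @return array
     */
    public function getTypo3UserData(array $ldapUser) {
        $mappings = $this->currentConfig->getFeUsersMapping();

        // Placeholder password for the local record.
        // NOTE(review): the value is passed to the database as generated; nothing in this
        // class hashes it. Confirm the configured TYPO3 password handling never accepts a
        // plain column value for a local login.
        $password = $this->generateRandomPassword(16);

        $usernameAttribute = LDAPConfigUtility::getUsernameAttribute($this->currentConfig->getFeUsersFilter());
        $typo3UserData = array(
            'username' => isset($ldapUser[$usernameAttribute][0]) ? $ldapUser[$usernameAttribute][0] : null,
            'tx_apldapauth_dn' => isset($ldapUser['dn']) ? $ldapUser['dn'] : null,
            'pid' => 0, // can be overwritten
            'password' => $password
        );
        // NOTE(review): whether this removes a pid mapping depends on how the mapping
        // collection is keyed, which is not visible here.
        unset($mappings['pid']);

        /** @var $mapping FeUsers */
        foreach ($mappings as $mapping) {
            $typo3FieldName = $mapping->getField();
            $ldapAttribute = $mapping->getAttribute();

            if (!$mapping->getIsImage()) {
                // text fields: LDAP attribute value, or the fixed value of the mapping.
                // A missing LDAP attribute yields null; it does not fall back to the fixed value.
                if ($mapping->getIsAttribute()) {
                    $typo3UserData[$typo3FieldName] = isset($ldapUser[$ldapAttribute][0]) ? $ldapUser[$ldapAttribute][0] : null;
                } else {
                    $typo3UserData[$typo3FieldName] = $mapping->getValue();
                }
                continue;
            }

            // image
            if (!isset($ldapUser[$ldapAttribute][0])) {
                continue;
            }

            // The file name is derived from a hash of the DN, so directory content never
            // reaches the path; md5 is only used as a name here, not for security.
            $fileName = 'tx_apldapauth_' . md5($typo3UserData['tx_apldapauth_dn']) . '.jpg';
            $imageFilePath = PATH_site . 'uploads/pics/' . $fileName;

            // Decoding and re-encoding through GD means only data GD accepts as an image
            // is written below the web root, never the raw attribute bytes.
            $image = imagecreatefromstring($ldapUser[$ldapAttribute][0]);
            if ($image === false) {
                continue;
            }

            $imageSaveSuccess = imagejpeg($image, $imageFilePath);
            imagedestroy($image);
            if ($imageSaveSuccess) {
                $typo3UserData[$typo3FieldName] = $fileName;
            }
        }

        return $typo3UserData;
    }

    /**
     * Generates a random password from a fixed character set.
     *
     * Uses a cryptographically secure source instead of rand(), whose output is
     * predictable and must not be used for credentials.
     *
     * @param int $length Number of characters
     * @return string
     * @throws \RuntimeException When no random bytes could be obtained
     */
    protected function generateRandomPassword($length = 16) {
        $charSet = 'abdeghjmnpqrstuvxyzABDEGHJLMNPQRSTVWXYZ23456789@#$%';
        $charCount = strlen($charSet);
        $password = '';

        if (function_exists('random_int')) {
            for ($i = 0; $i < $length; $i++) {
                $password .= $charSet[random_int(0, $charCount - 1)];
            }
            return $password;
        }

        // PHP < 7: fall back to TYPO3's random byte generator. Bytes at or above $limit
        // are discarded so that every character stays equally likely.
        $limit = 256 - (256 % $charCount);
        while (strlen($password) < $length) {
            $bytes = \TYPO3\CMS\Core\Utility\GeneralUtility::generateRandomBytes($length);
            if (!is_string($bytes) || $bytes === '') {
                throw new \RuntimeException('Could not obtain random bytes for password generation', 1400000001);
            }
            $byteCount = strlen($bytes);
            for ($i = 0; $i < $byteCount && strlen($password) < $length; $i++) {
                $value = ord($bytes[$i]);
                if ($value < $limit) {
                    $password .= $charSet[$value % $charCount];
                }
            }
        }

        return $password;
    }

    /**
     * Name of the user table for the current TYPO3 mode.
     *
     * @return string 'be_users' in backend mode, 'fe_users' otherwise
     */
    protected function getUserTable() {
        return TYPO3_MODE === 'BE' ? 'be_users' : 'fe_users';
    }

    /**
     * Returns the LDAP frontend user repository, fetching it from the object manager on first use.
     *
     * @return \AP\ApLdapAuth\Domain\Repository\LDAPFeUserRepository|null
     */
    protected function getLdapFeUserRepository() {
        if ($this->ldapFeUserRepository === null) {
            $this->ldapFeUserRepository = $this->objectManager->get('AP\\ApLdapAuth\\Domain\\Repository\\LDAPFeUserRepository');
        }
        return $this->ldapFeUserRepository;
    }

    /**
     * Returns the global TYPO3 database connection.
     *
     * @return \TYPO3\CMS\Dbal\Database\DatabaseConnection
     */
    protected function getTypo3DbConnection() {
        return $GLOBALS['TYPO3_DB'];
    }
}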