revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-21 22:32:41 +01:00
Code Issues Releases Wiki Activity

Provide bin/auth ldap for LDAP diagnostics

Browse source 
Summary: Ref T1536.

Test Plan: Ran `bin/auth ldap`.

Reviewers: mbishopim3, chad

Reviewed By: mbishopim3

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6218
This commit is contained in:
epriestley 2013-06-17 13:26:25 -07:00
parent fded36cc21
commit c0cc7bbfdf
4 changed files with 100 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
scripts/setup/manage_auth.php
View file

@ -15,7 +15,8 @@ EOSYNOPSIS
$args->parseStandardArguments();
$workflows = array(
new PhabricatorAuthManagementListWorkflow(),
new PhabricatorAuthManagementRecoverWorkflow(),
new PhabricatorAuthManagementLDAPWorkflow(),
new PhutilHelpArgumentWorkflow(),
);

2
src/__phutil_library_map__.php
View file

@ -823,6 +823,7 @@ phutil_register_library_map(array(
'PhabricatorAuthLinkController' => 'applications/auth/controller/PhabricatorAuthLinkController.php',
'PhabricatorAuthListController' => 'applications/auth/controller/config/PhabricatorAuthListController.php',
'PhabricatorAuthLoginController' => 'applications/auth/controller/PhabricatorAuthLoginController.php',
'PhabricatorAuthManagementLDAPWorkflow' => 'applications/auth/management/PhabricatorAuthManagementLDAPWorkflow.php',
'PhabricatorAuthManagementRecoverWorkflow' => 'applications/auth/management/PhabricatorAuthManagementRecoverWorkflow.php',
'PhabricatorAuthManagementWorkflow' => 'applications/auth/management/PhabricatorAuthManagementWorkflow.php',
'PhabricatorAuthNewController' => 'applications/auth/controller/config/PhabricatorAuthNewController.php',
@ -2707,6 +2708,7 @@ phutil_register_library_map(array(
1 => 'PhabricatorApplicationSearchResultsControllerInterface',
),
'PhabricatorAuthLoginController' => 'PhabricatorAuthController',
'PhabricatorAuthManagementLDAPWorkflow' => 'PhabricatorAuthManagementWorkflow',
'PhabricatorAuthManagementRecoverWorkflow' => 'PhabricatorAuthManagementWorkflow',
'PhabricatorAuthManagementWorkflow' => 'PhutilArgumentWorkflow',
'PhabricatorAuthNewController' => 'PhabricatorAuthProviderConfigController',

71
src/applications/auth/management/PhabricatorAuthManagementLDAPWorkflow.php Normal file
View file

@ -0,0 +1,71 @@
<?php
final class PhabricatorAuthManagementLDAPWorkflow
extends PhabricatorAuthManagementWorkflow {
protected function didConstruct() {
$this
->setName('ldap')
->setExamples('**ldap**')
->setSynopsis(
pht('Analyze and diagnose issues with LDAP configuration.'));
}
public function execute(PhutilArgumentParser $args) {
$console = PhutilConsole::getConsole();
$console->getServer()->setEnableLog(true);
$provider = new PhabricatorAuthProviderLDAP();
if (!$provider->isEnabled()) {
$console->writeOut(
"%s\n",
"The LDAP authentication provider is not enabled.");
exit(1);
}
if (!function_exists('ldap_connect')) {
$console->writeOut(
"%s\n",
"The LDAP extension is not enabled.");
exit(1);
}
$adapter = $provider->getAdapter();
$adapter->setConsole($console);
$console->writeOut("%s\n", pht('LDAP CONFIGURATION'));
$adapter->printConfiguration();
$console->writeOut("%s\n", pht('Enter LDAP Credentials'));
$username = phutil_console_prompt("LDAP Username: ");
if (!strlen($username)) {
throw new PhutilArgumentUsageException(
pht("You must enter an LDAP username."));
}
phutil_passthru('stty -echo');
$password = phutil_console_prompt("LDAP Password: ");
phutil_passthru('stty echo');
if (!strlen($password)) {
throw new PhutilArgumentUsageException(
pht("You must enter an LDAP password."));
}
$adapter->setLoginUsername($username);
$adapter->setLoginPassword(new PhutilOpaqueEnvelope($password));
$console->writeOut("\n");
$console->writeOut("%s\n", pht('Connecting to LDAP...'));
$account_id = $adapter->getAccountID();
if ($account_id) {
$console->writeOut("%s\n", pht('Found LDAP Account: %s', $account_id));
} else {
$console->writeOut("%s\n", pht('Unable to find LDAP account!'));
}
return 0;
}
}

45
src/applications/auth/provider/PhabricatorAuthProvider.php
View file

@ -180,28 +180,33 @@ abstract class PhabricatorAuthProvider {
$account->setEmail($adapter->getAccountEmail());
$account->setAccountURI($adapter->getAccountURI());
try {
$name = PhabricatorSlug::normalize($this->getProviderName());
$name = $name.'-profile.jpg';
$account->setProfileImagePHID(null);
$image_uri = $adapter->getAccountImageURI();
if ($image_uri) {
try {
$name = PhabricatorSlug::normalize($this->getProviderName());
$name = $name.'-profile.jpg';
// TODO: If the image has not changed, we do not need to make a new
// file entry for it, but there's no convenient way to do this with
// PhabricatorFile right now. The storage will get shared, so the impact
// here is negligible.
// TODO: If the image has not changed, we do not need to make a new
// file entry for it, but there's no convenient way to do this with
// PhabricatorFile right now. The storage will get shared, so the impact
// here is negligible.
$unguarded = AphrontWriteGuard::beginScopedUnguardedWrites();
$image_file = PhabricatorFile::newFromFileDownload(
$image_uri,
array(
'name' => $name,
));
unset($unguarded);
$image_uri = $adapter->getAccountImageURI();
$unguarded = AphrontWriteGuard::beginScopedUnguardedWrites();
$image_file = PhabricatorFile::newFromFileDownload(
$image_uri,
array(
'name' => $name,
));
unset($unguarded);
$account->setProfileImagePHID($image_file->getPHID());
} catch (Exception $ex) {
$account->setProfileImagePHID(null);
if ($image_file) {
$account->setProfileImagePHID($image_file->getPHID());
}
} catch (Exception $ex) {
// Log this but proceed, it's not especially important that we
// be able to pull profile images.
phlog($ex);
}
}
$this->willSaveAccount($account);