1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-29 02:02:41 +01:00

Provide bin/auth ldap for LDAP diagnostics

Summary: Ref T1536.

Test Plan: Ran `bin/auth ldap`.

Reviewers: mbishopim3, chad

Reviewed By: mbishopim3

CC: aran

Maniphest Tasks: T1536

Differential Revision: https://secure.phabricator.com/D6218
This commit is contained in:
epriestley 2013-06-17 13:26:25 -07:00
parent fded36cc21
commit c0cc7bbfdf
4 changed files with 100 additions and 21 deletions

View file

@ -15,7 +15,8 @@ EOSYNOPSIS
$args->parseStandardArguments(); $args->parseStandardArguments();
$workflows = array( $workflows = array(
new PhabricatorAuthManagementListWorkflow(), new PhabricatorAuthManagementRecoverWorkflow(),
new PhabricatorAuthManagementLDAPWorkflow(),
new PhutilHelpArgumentWorkflow(), new PhutilHelpArgumentWorkflow(),
); );

View file

@ -823,6 +823,7 @@ phutil_register_library_map(array(
'PhabricatorAuthLinkController' => 'applications/auth/controller/PhabricatorAuthLinkController.php', 'PhabricatorAuthLinkController' => 'applications/auth/controller/PhabricatorAuthLinkController.php',
'PhabricatorAuthListController' => 'applications/auth/controller/config/PhabricatorAuthListController.php', 'PhabricatorAuthListController' => 'applications/auth/controller/config/PhabricatorAuthListController.php',
'PhabricatorAuthLoginController' => 'applications/auth/controller/PhabricatorAuthLoginController.php', 'PhabricatorAuthLoginController' => 'applications/auth/controller/PhabricatorAuthLoginController.php',
'PhabricatorAuthManagementLDAPWorkflow' => 'applications/auth/management/PhabricatorAuthManagementLDAPWorkflow.php',
'PhabricatorAuthManagementRecoverWorkflow' => 'applications/auth/management/PhabricatorAuthManagementRecoverWorkflow.php', 'PhabricatorAuthManagementRecoverWorkflow' => 'applications/auth/management/PhabricatorAuthManagementRecoverWorkflow.php',
'PhabricatorAuthManagementWorkflow' => 'applications/auth/management/PhabricatorAuthManagementWorkflow.php', 'PhabricatorAuthManagementWorkflow' => 'applications/auth/management/PhabricatorAuthManagementWorkflow.php',
'PhabricatorAuthNewController' => 'applications/auth/controller/config/PhabricatorAuthNewController.php', 'PhabricatorAuthNewController' => 'applications/auth/controller/config/PhabricatorAuthNewController.php',
@ -2707,6 +2708,7 @@ phutil_register_library_map(array(
1 => 'PhabricatorApplicationSearchResultsControllerInterface', 1 => 'PhabricatorApplicationSearchResultsControllerInterface',
), ),
'PhabricatorAuthLoginController' => 'PhabricatorAuthController', 'PhabricatorAuthLoginController' => 'PhabricatorAuthController',
'PhabricatorAuthManagementLDAPWorkflow' => 'PhabricatorAuthManagementWorkflow',
'PhabricatorAuthManagementRecoverWorkflow' => 'PhabricatorAuthManagementWorkflow', 'PhabricatorAuthManagementRecoverWorkflow' => 'PhabricatorAuthManagementWorkflow',
'PhabricatorAuthManagementWorkflow' => 'PhutilArgumentWorkflow', 'PhabricatorAuthManagementWorkflow' => 'PhutilArgumentWorkflow',
'PhabricatorAuthNewController' => 'PhabricatorAuthProviderConfigController', 'PhabricatorAuthNewController' => 'PhabricatorAuthProviderConfigController',

View file

@ -0,0 +1,71 @@
<?php
final class PhabricatorAuthManagementLDAPWorkflow
extends PhabricatorAuthManagementWorkflow {
protected function didConstruct() {
$this
->setName('ldap')
->setExamples('**ldap**')
->setSynopsis(
pht('Analyze and diagnose issues with LDAP configuration.'));
}
public function execute(PhutilArgumentParser $args) {
$console = PhutilConsole::getConsole();
$console->getServer()->setEnableLog(true);
$provider = new PhabricatorAuthProviderLDAP();
if (!$provider->isEnabled()) {
$console->writeOut(
"%s\n",
"The LDAP authentication provider is not enabled.");
exit(1);
}
if (!function_exists('ldap_connect')) {
$console->writeOut(
"%s\n",
"The LDAP extension is not enabled.");
exit(1);
}
$adapter = $provider->getAdapter();
$adapter->setConsole($console);
$console->writeOut("%s\n", pht('LDAP CONFIGURATION'));
$adapter->printConfiguration();
$console->writeOut("%s\n", pht('Enter LDAP Credentials'));
$username = phutil_console_prompt("LDAP Username: ");
if (!strlen($username)) {
throw new PhutilArgumentUsageException(
pht("You must enter an LDAP username."));
}
phutil_passthru('stty -echo');
$password = phutil_console_prompt("LDAP Password: ");
phutil_passthru('stty echo');
if (!strlen($password)) {
throw new PhutilArgumentUsageException(
pht("You must enter an LDAP password."));
}
$adapter->setLoginUsername($username);
$adapter->setLoginPassword(new PhutilOpaqueEnvelope($password));
$console->writeOut("\n");
$console->writeOut("%s\n", pht('Connecting to LDAP...'));
$account_id = $adapter->getAccountID();
if ($account_id) {
$console->writeOut("%s\n", pht('Found LDAP Account: %s', $account_id));
} else {
$console->writeOut("%s\n", pht('Unable to find LDAP account!'));
}
return 0;
}
}

View file

@ -180,6 +180,9 @@ abstract class PhabricatorAuthProvider {
$account->setEmail($adapter->getAccountEmail()); $account->setEmail($adapter->getAccountEmail());
$account->setAccountURI($adapter->getAccountURI()); $account->setAccountURI($adapter->getAccountURI());
$account->setProfileImagePHID(null);
$image_uri = $adapter->getAccountImageURI();
if ($image_uri) {
try { try {
$name = PhabricatorSlug::normalize($this->getProviderName()); $name = PhabricatorSlug::normalize($this->getProviderName());
$name = $name.'-profile.jpg'; $name = $name.'-profile.jpg';
@ -188,9 +191,6 @@ abstract class PhabricatorAuthProvider {
// file entry for it, but there's no convenient way to do this with // file entry for it, but there's no convenient way to do this with
// PhabricatorFile right now. The storage will get shared, so the impact // PhabricatorFile right now. The storage will get shared, so the impact
// here is negligible. // here is negligible.
$image_uri = $adapter->getAccountImageURI();
$unguarded = AphrontWriteGuard::beginScopedUnguardedWrites(); $unguarded = AphrontWriteGuard::beginScopedUnguardedWrites();
$image_file = PhabricatorFile::newFromFileDownload( $image_file = PhabricatorFile::newFromFileDownload(
$image_uri, $image_uri,
@ -199,9 +199,14 @@ abstract class PhabricatorAuthProvider {
)); ));
unset($unguarded); unset($unguarded);
if ($image_file) {
$account->setProfileImagePHID($image_file->getPHID()); $account->setProfileImagePHID($image_file->getPHID());
}
} catch (Exception $ex) { } catch (Exception $ex) {
$account->setProfileImagePHID(null); // Log this but proceed, it's not especially important that we
// be able to pull profile images.
phlog($ex);
}
} }
$this->willSaveAccount($account); $this->willSaveAccount($account);