100 lines
3.3 KiB
PHP
100 lines
3.3 KiB
PHP
<?php
|
|
/**
|
|
* Copyright 1999-2017 Horde LLC (http://www.horde.org/)
|
|
*
|
|
* See the enclosed file COPYING for license information (LGPL). If you did
|
|
* not receive this file, see http://www.horde.org/licenses/lgpl21.
|
|
*
|
|
* @author Jon Parise <jon@horde.org>
|
|
* @author Marcus I. Ryan <marcus@riboflavin.net>
|
|
* @category Horde
|
|
* @license http://www.horde.org/licenses/lgpl21 LGPL-2.1
|
|
* @package Auth
|
|
* @todo Add driver for other smbclient extensions https://github.com/eduardok/libsmbclient-php http://pecl.php.net/package/smbclient
|
|
*/
|
|
|
|
/**
|
|
* The Horde_Auth_Smb class provides a SMB implementation of the Horde
|
|
* authentication system.
|
|
*
|
|
* This module requires the smbauth extension for PHP:
|
|
* http://tekrat.com/wp/smbauth/
|
|
*
|
|
* At the time of this writing, the extension, and thus this module, only
|
|
* supported authentication against a domain, and pdc and bdc must be non-null
|
|
* and not equal to each other. In other words, to use this module you must
|
|
* have a domain with at least one PDC and one BDC.
|
|
*
|
|
* @author Jon Parise <jon@horde.org>
|
|
* @author Marcus I. Ryan <marcus@riboflavin.net>
|
|
* @category Horde
|
|
* @copyright 1999-2017 Horde LLC
|
|
* @license http://www.horde.org/licenses/lgpl21 LGPL-2.1
|
|
* @package Auth
|
|
*/
|
|
class Horde_Auth_Smb extends Horde_Auth_Base
|
|
{
|
|
/**
|
|
* Constructor.
|
|
*
|
|
* @param array $params Parameters:
|
|
* <pre>
|
|
* 'domain' - (string) [REQUIRED] The domain name to authenticate with.
|
|
* 'group' - Group name that the user must be a member of.
|
|
* DEFAULT: none
|
|
* 'hostspec' - (string) [REQUIRED] IP, DNS Name, or NetBios name of the
|
|
* SMB server to authenticate with.
|
|
* </pre>
|
|
*
|
|
* @throws Horde_Auth_Exception
|
|
* @throws InvalidArgumentException
|
|
*/
|
|
public function __construct(array $params = array())
|
|
{
|
|
if (!Horde_Util::extensionExists('smbauth')) {
|
|
throw new Horde_Auth_Exception(__CLASS__ . ': Required smbauth extension not found.');
|
|
}
|
|
|
|
foreach (array('domain', 'hostspec') as $val) {
|
|
if (empty($params[$val])) {
|
|
throw new InvalidArgumentException('Missing ' . $val . ' parameter.');
|
|
}
|
|
}
|
|
|
|
$params = array_merge(array(
|
|
'group' => null
|
|
), $params);
|
|
|
|
parent::__construct($params);
|
|
}
|
|
|
|
/**
|
|
* Find out if the given set of login credentials are valid.
|
|
*
|
|
* @param string $userId The userId to check.
|
|
* @param array $credentials An array of login credentials.
|
|
*
|
|
* @throws Horde_Auth_Exception
|
|
*/
|
|
public function _authenticate($userId, $credentials)
|
|
{
|
|
if (empty($credentials['password'])) {
|
|
throw new Horde_Auth_Exception('', Horde_Auth::REASON_BADLOGIN);
|
|
}
|
|
|
|
/* Authenticate. */
|
|
$rval = validate($this->_params['hostspec'],
|
|
$this->_params['domain'],
|
|
empty($this->_params['group']) ? '' : $this->_params['group'],
|
|
$userId,
|
|
$credentials['password']);
|
|
|
|
if ($rval === 1) {
|
|
throw new Horde_Auth_Exception('Failed to connect to SMB server.');
|
|
} elseif ($rval !== 0) {
|
|
throw new Horde_Auth_Exception(err2str());
|
|
}
|
|
}
|
|
|
|
}
|