vendor/symfony/ldap/Adapter/ExtLdap/Connection.php line 75

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of the Symfony package.
  5.  *
  6.  * (c) Fabien Potencier <fabien@symfony.com>
  7.  *
  8.  * For the full copyright and license information, please view the LICENSE
  9.  * file that was distributed with this source code.
  10.  */
  12. namespace Symfony\Component\Ldap\Adapter\ExtLdap;
  14. use LDAP\Connection as LDAPConnection;
  15. use Symfony\Component\Ldap\Adapter\AbstractConnection;
  16. use Symfony\Component\Ldap\Exception\AlreadyExistsException;
  17. use Symfony\Component\Ldap\Exception\ConnectionException;
  18. use Symfony\Component\Ldap\Exception\ConnectionTimeoutException;
  19. use Symfony\Component\Ldap\Exception\InvalidCredentialsException;
  20. use Symfony\Component\Ldap\Exception\LdapException;
  21. use Symfony\Component\OptionsResolver\Options;
  22. use Symfony\Component\OptionsResolver\OptionsResolver;
  24. /**
  25.  * @author Charles Sarrazin <charles@sarraz.in>
  26.  */
  27. class Connection extends AbstractConnection
  28. {
  29.     private const LDAP_INVALID_CREDENTIALS 0x31;
  30.     private const LDAP_TIMEOUT 0x55;
  31.     private const LDAP_ALREADY_EXISTS 0x44;
  32.     private const PRECONNECT_OPTIONS = [
  33.         ConnectionOptions::DEBUG_LEVEL,
  34.         ConnectionOptions::X_TLS_CACERTDIR,
  35.         ConnectionOptions::X_TLS_CACERTFILE,
  36.         ConnectionOptions::X_TLS_REQUIRE_CERT,
  37.     ];
  39.     private bool $bound false;
  41.     /** @var resource|LDAPConnection */
  42.     private $connection;
  44.     public function __sleep(): array
  45.     {
  46.         throw new \BadMethodCallException('Cannot serialize '.__CLASS__);
  47.     }
  49.     public function __wakeup()
  50.     {
  51.         throw new \BadMethodCallException('Cannot unserialize '.__CLASS__);
  52.     }
  54.     public function __destruct()
  55.     {
  56.         $this->disconnect();
  57.     }
  59.     public function isBound(): bool
  60.     {
  61.         return $this->bound;
  62.     }
  64.     /**
  65.      * @param string $password WARNING: When the LDAP server allows unauthenticated binds, a blank $password will always be valid
  66.      *
  67.      * @return void
  68.      */
  69.     public function bind(string $dn null, #[\SensitiveParameterstring $password null)
  70.     {
  71.         if (!$this->connection) {
  72.             $this->connect();
  73.         }
  75.         if (false === @ldap_bind($this->connection$dn$password)) {
  76.             $error ldap_error($this->connection);
  77.             switch (ldap_errno($this->connection)) {
  78.                 case self::LDAP_INVALID_CREDENTIALS:
  79.                     throw new InvalidCredentialsException($error);
  80.                 case self::LDAP_TIMEOUT:
  81.                     throw new ConnectionTimeoutException($error);
  82.                 case self::LDAP_ALREADY_EXISTS:
  83.                     throw new AlreadyExistsException($error);
  84.             }
  85.             throw new ConnectionException($error);
  86.         }
  88.         $this->bound true;
  89.     }
  91.     /**
  92.      * @return resource|LDAPConnection
  93.      *
  94.      * @internal
  95.      */
  96.     public function getResource()
  97.     {
  98.         return $this->connection;
  99.     }
  101.     /**
  102.      * @return void
  103.      */
  104.     public function setOption(string $name, array|string|int|bool $value)
  105.     {
  106.         if (!@ldap_set_option($this->connectionConnectionOptions::getOption($name), $value)) {
  107.             throw new LdapException(sprintf('Could not set value "%s" for option "%s".'$value$name));
  108.         }
  109.     }
  111.     /**
  112.      * @return array|string|int|null
  113.      */
  114.     public function getOption(string $name)
  115.     {
  116.         if (!@ldap_get_option($this->connectionConnectionOptions::getOption($name), $ret)) {
  117.             throw new LdapException(sprintf('Could not retrieve value for option "%s".'$name));
  118.         }
  120.         return $ret;
  121.     }
  123.     /**
  124.      * @return void
  125.      */
  126.     protected function configureOptions(OptionsResolver $resolver)
  127.     {
  128.         parent::configureOptions($resolver);
  130.         $resolver->setDefault('debug'false);
  131.         $resolver->setAllowedTypes('debug''bool');
  132.         $resolver->setDefault('referrals'false);
  133.         $resolver->setAllowedTypes('referrals''bool');
  134.         $resolver->setDefault('options', function (OptionsResolver $optionsOptions $parent) {
  135.             $options->setDefined(array_map('strtolower'array_keys((new \ReflectionClass(ConnectionOptions::class))->getConstants())));
  137.             if (true === $parent['debug']) {
  138.                 $options->setDefault('debug_level'7);
  139.             }
  141.             if (!isset($parent['network_timeout'])) {
  142.                 $options->setDefault('network_timeout'\ini_get('default_socket_timeout'));
  143.             }
  145.             $options->setDefaults([
  146.                 'protocol_version' => $parent['version'],
  147.                 'referrals' => $parent['referrals'],
  148.             ]);
  149.         });
  150.     }
  152.     private function connect(): void
  153.     {
  154.         if ($this->connection) {
  155.             return;
  156.         }
  158.         foreach ($this->config['options'] as $name => $value) {
  159.             if (\in_array(ConnectionOptions::getOption($name), self::PRECONNECT_OPTIONStrue)) {
  160.                 $this->setOption($name$value);
  161.             }
  162.         }
  164.         if (false === $connection ldap_connect($this->config['connection_string'])) {
  165.             throw new LdapException('Invalid connection string: '.$this->config['connection_string']);
  166.         } else {
  167.             $this->connection $connection;
  168.         }
  170.         foreach ($this->config['options'] as $name => $value) {
  171.             if (!\in_array(ConnectionOptions::getOption($name), self::PRECONNECT_OPTIONStrue)) {
  172.                 $this->setOption($name$value);
  173.             }
  174.         }
  176.         if ('tls' === $this->config['encryption'] && false === @ldap_start_tls($this->connection)) {
  177.             throw new LdapException('Could not initiate TLS connection: '.ldap_error($this->connection));
  178.         }
  179.     }
  181.     private function disconnect(): void
  182.     {
  183.         if ($this->connection) {
  184.             ldap_unbind($this->connection);
  185.         }
  187.         $this->connection null;
  188.         $this->bound false;
  189.     }
  190. }