< ? php
/**
 * LegacyUserProvider.php
 *
 * -Description-
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <https://www.gnu.org/licenses/>.
*
 * @link https://www.librenms.org
 * @copyright 2018 Tony Murray
 * @author Tony Murray <murraytony@gmail.com>
*/
namespace App\Providers ;
use App\Models\User ;
use DB ;
use Illuminate\Contracts\Auth\Authenticatable ;
use Illuminate\Contracts\Auth\UserProvider ;
use LibreNMS\Authentication\LegacyAuth ;
use LibreNMS\Exceptions\AuthenticationException ;
use LibreNMS\Util\Debug ;
use Log ;
use Request ;
use Session ;
use Toastr ;
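/**
 * Laravel user provider backed by the LibreNMS legacy authorizer.
 *
 * Lookups and credential checks are delegated to the object returned by
 * LegacyAuth::get(); the result is mirrored into the users table through the
 * User model so that Laravel always works with a persisted User.
 *
 * Calls into the legacy authorizer run with PHP error reporting switched off.
 * Every such section restores reporting in a `finally` block so that an
 * exception thrown by the authorizer cannot leave diagnostics disabled for
 * the remainder of the request.
 */
class LegacyUserProvider implements UserProvider
{
    /**
     * Retrieve a user by their unique identifier.
     *
     * @param  mixed  $identifier
     * @return \Illuminate\Contracts\Auth\Authenticatable|null
     */
    public function retrieveById($identifier)
    {
        return User::find($identifier);
    }

    /**
     * Retrieve a user by their legacy auth specific identifier.
     *
     * The legacy record is only used to obtain the username; the actual lookup
     * (and any user creation) is done by retrieveByCredentials().
     *
     * @param  int  $identifier
     * @return \Illuminate\Contracts\Auth\Authenticatable|null
     */
    public function retrieveByLegacyId($identifier)
    {
        error_reporting(0);
        try {
            $legacy_user = LegacyAuth::get()->getUser($identifier);
        } finally {
            // restore reporting even when the authorizer throws
            error_reporting(-1);
        }

        return $this->retrieveByCredentials(['username' => $legacy_user['username'] ?? null]);
    }

    /**
     * Retrieve a user by their unique identifier and "remember me" token.
     *
     * @param  mixed  $identifier
     * @param  string  $token
     * @return \Illuminate\Contracts\Auth\Authenticatable|null
     */
    public function retrieveByToken($identifier, $token)
    {
        $user = new User();
        $user = $user->where($user->getAuthIdentifierName(), $identifier)->first();

        if (! $user) {
            return null;
        }

        $rememberToken = $user->getRememberToken();
        // hash_equals() compares in constant time, so the stored token is not
        // exposed through response timing
        if ($rememberToken && hash_equals($rememberToken, $token)) {
            // a valid token is honoured only while the account still exists
            // in the legacy auth backend
            if (LegacyAuth::get()->userExists($user->username)) {
                return $user;
            }
        }

        return null;
    }

    /**
     * Update the "remember me" token for the given user in storage.
     *
     * @param  \Illuminate\Contracts\Auth\Authenticatable  $user
     * @param  string  $token
     * @return void
     */
    public function updateRememberToken(Authenticatable $user, $token)
    {
        /** @var User $user */
        $user->setRememberToken($token);

        // save with the model's timestamps flag switched off, then put the
        // flag back to its previous value
        $timestamps = $user->timestamps;
        $user->timestamps = false;
        $user->save();
        $user->timestamps = $timestamps;
    }

    /**
     * Validate a user against the given credentials.
     *
     * On failure the message is shown to the user through Toastr and a row is
     * written to the authlog table with the username, client address and
     * message.
     *
     * @param  \Illuminate\Contracts\Auth\Authenticatable  $user
     * @param  array  $credentials
     * @return bool true when the authorizer accepts the credentials, false otherwise
     */
    public function validateCredentials(Authenticatable $user, array $credentials)
    {
        error_reporting(0);

        $authorizer = LegacyAuth::get();

        try {
            // try authentication methods
            if ($authorizer->authIsExternal()) {
                // external auth: the username comes from the authorizer, not the form
                $credentials['username'] = $authorizer->getExternalUsername();
            }

            if (empty($credentials['username']) || ! $authorizer->authenticate($credentials)) {
                throw new AuthenticationException('Invalid Credentials');
            }

            return true;
        } catch (AuthenticationException $ae) {
            $auth_message = $ae->getMessage();

            if (Debug::isEnabled()) {
                // debug mode only: the server-side file path and line number
                // become part of the message shown to the client and stored
                // in authlog
                $auth_message .= '<br /> ' . $ae->getFile() . ': ' . $ae->getLine();
            }
            \Toastr::error($auth_message);

            // The original read an undefined local $username before falling
            // back to the session; that branch could never be taken, so the
            // session lookup is used directly. The submitted username may be
            // absent here, hence the null default.
            // NOTE(review): a username already present in the session takes
            // precedence over the submitted one, so a failed attempt may be
            // logged under the session's name rather than the attempted name;
            // confirm this is the intended audit behaviour.
            $username = Session::get('username', $credentials['username'] ?? null);

            DB::table('authlog')->insert(['user' => $username, 'address' => Request::ip(), 'result' => $auth_message]);
        } finally {
            error_reporting(-1);
        }

        return false;
    }

    /**
     * Retrieve a user by the given credentials.
     *
     * Looks the user up in the legacy authorizer and, when found, creates or
     * updates the matching row in the users table (scoped by User::thisAuth()).
     * If the authorizer does not know the user yet, authenticate() is tried
     * once, because some legacy auth methods create the user there.
     *
     * A failure on that path is reported through Toastr and Log::error only;
     * no authlog row is written by this method.
     *
     * @param  array  $credentials
     * @return \Illuminate\Contracts\Auth\Authenticatable|null
     */
    public function retrieveByCredentials(array $credentials)
    {
        $username = $credentials['username'] ?? null;

        error_reporting(0);
        try {
            $auth = LegacyAuth::get();
            $type = LegacyAuth::getType();

            // ldap based auth we should bind before using, otherwise searches may fail due to anonymous bind
            if (method_exists($auth, 'bind')) {
                $auth->bind($credentials);
            }

            $auth_id = $auth->getUserid($username);
            $new_user = $auth->getUser($auth_id);
        } finally {
            // restore reporting even when the authorizer throws
            error_reporting(-1);
        }

        if (empty($new_user)) {
            // some legacy auth create users in the authenticate method, if it doesn't exist yet, lets try authenticate (Laravel calls retrieveByCredentials first)
            error_reporting(0);
            try {
                $auth->authenticate($credentials);
                $auth_id = $auth->getUserid($username);
                $new_user = $auth->getUser($auth_id);
            } catch (AuthenticationException $ae) {
                Toastr::error($ae->getMessage());
            } finally {
                // previously skipped when authenticate() threw, which left
                // error reporting disabled for the rest of the request
                error_reporting(-1);
            }

            if (empty($new_user)) {
                Log::error(" Auth Error ( $type ): No user ( $auth_id ) [ $username ] from " . Request::ip());

                return null;
            }
        }

        // the local primary key is assigned by the users table, not by the auth backend
        unset($new_user['user_id']);

        // remove null fields
        $new_user = array_filter($new_user, function ($var) {
            return ! is_null($var);
        });

        // always create an entry in the users table, but separate by type
        $user = User::thisAuth()->firstOrNew(['username' => $username], $new_user);
        /** @var User $user */
        // NOTE(review): fill() writes whatever attributes the auth backend
        // returned, limited by the User model's mass-assignment rules, which
        // are not visible in this file
        $user->fill($new_user); // fill all attributes
        $user->auth_type = $type; // doing this here in case it was null (legacy)
        $user->auth_id = $auth_id;
        $user->save();

        return $user;
    }
}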