1<?php 2/** 3 * Copyright 1999-2017 Horde LLC (http://www.horde.org/) 4 * 5 * See the enclosed file COPYING for license information (LGPL). If you did 6 * not receive this file, see http://www.horde.org/licenses/lgpl21. 7 * 8 * @author Jon Parise <jon@horde.org> 9 * @author Marcus I. Ryan <marcus@riboflavin.net> 10 * @category Horde 11 * @license http://www.horde.org/licenses/lgpl21 LGPL-2.1 12 * @package Auth 13 * @todo Add driver for other smbclient extensions https://github.com/eduardok/libsmbclient-php http://pecl.php.net/package/smbclient 14 */ 15 16/** 17 * The Horde_Auth_Smb class provides a SMB implementation of the Horde 18 * authentication system. 19 * 20 * This module requires the smbauth extension for PHP: 21 * http://tekrat.com/wp/smbauth/ 22 * 23 * At the time of this writing, the extension, and thus this module, only 24 * supported authentication against a domain, and pdc and bdc must be non-null 25 * and not equal to each other. In other words, to use this module you must 26 * have a domain with at least one PDC and one BDC. 27 * 28 * @author Jon Parise <jon@horde.org> 29 * @author Marcus I. Ryan <marcus@riboflavin.net> 30 * @category Horde 31 * @copyright 1999-2017 Horde LLC 32 * @license http://www.horde.org/licenses/lgpl21 LGPL-2.1 33 * @package Auth 34 */ 35class Horde_Auth_Smb extends Horde_Auth_Base 36{ 37 /** 38 * Constructor. 39 * 40 * @param array $params Parameters: 41 * <pre> 42 * 'domain' - (string) [REQUIRED] The domain name to authenticate with. 43 * 'group' - Group name that the user must be a member of. 44 * DEFAULT: none 45 * 'hostspec' - (string) [REQUIRED] IP, DNS Name, or NetBios name of the 46 * SMB server to authenticate with. 47 * </pre> 48 * 49 * @throws Horde_Auth_Exception 50 * @throws InvalidArgumentException 51 */ 52 public function __construct(array $params = array()) 53 { 54 if (!Horde_Util::extensionExists('smbauth')) { 55 throw new Horde_Auth_Exception(__CLASS__ . ': Required smbauth extension not found.'); 56 } 57 58 foreach (array('domain', 'hostspec') as $val) { 59 if (empty($params[$val])) { 60 throw new InvalidArgumentException('Missing ' . $val . ' parameter.'); 61 } 62 } 63 64 $params = array_merge(array( 65 'group' => null 66 ), $params); 67 68 parent::__construct($params); 69 } 70 71 /** 72 * Find out if the given set of login credentials are valid. 73 * 74 * @param string $userId The userId to check. 75 * @param array $credentials An array of login credentials. 76 * 77 * @throws Horde_Auth_Exception 78 */ 79 public function _authenticate($userId, $credentials) 80 { 81 if (empty($credentials['password'])) { 82 throw new Horde_Auth_Exception('', Horde_Auth::REASON_BADLOGIN); 83 } 84 85 /* Authenticate. */ 86 $rval = validate($this->_params['hostspec'], 87 $this->_params['domain'], 88 empty($this->_params['group']) ? '' : $this->_params['group'], 89 $userId, 90 $credentials['password']); 91 92 if ($rval === 1) { 93 throw new Horde_Auth_Exception('Failed to connect to SMB server.'); 94 } elseif ($rval !== 0) { 95 throw new Horde_Auth_Exception(err2str()); 96 } 97 } 98 99} 100