X-Git-Url: https://git.quassel-irc.org/?p=quassel.git;a=blobdiff_plain;f=src%2Fcore%2Fldapauthenticator.cpp;h=b42044042895c644674fcdf57d38bd7a3bce9544;hp=d79ebf18ec7933eda7d908f00b430d7dc59ee55a;hb=ddfb1d2574c4bffd180361a80df9b1cd584bb040;hpb=f77a0b720ed58a2b68876b9320742b81b6df871f

diff --git a/src/core/ldapauthenticator.cpp b/src/core/ldapauthenticator.cpp
index d79ebf18..b4204404 100644
--- a/src/core/ldapauthenticator.cpp
+++ b/src/core/ldapauthenticator.cpp
@@ -1,5 +1,5 @@
 /***************************************************************************
- *   Copyright (C) 2005-2016 by the Quassel Project                        *
+ *   Copyright (C) 2005-2018 by the Quassel Project                        *
  *   devel@quassel-irc.org                                                 *
  *                                                                         *
  *   This program is free software; you can redistribute it and/or modify  *
@@ -28,7 +28,7 @@
 
 #include "ldapauthenticator.h"
 
-#include "logger.h"
+#include "logmessage.h"
 #include "network.h"
 #include "quassel.h"
 
@@ -65,52 +65,62 @@ bool LdapAuthenticator::isAvailable() const
 
 QString LdapAuthenticator::backendId() const
 {
-    // We identify the backend to use for the monolithic core by its displayname.
+    // We identify the backend to use for the monolithic core by this identifier.
     // so only change this string if you _really_ have to and make sure the core
     // setup for the mono client still works ;)
     return QString("LDAP");
 }
 
 
-QString LdapAuthenticator::description() const
+QString LdapAuthenticator::displayName() const
 {
-    return tr("Authenticate users using an LDAP server.");
+    return tr("LDAP");
 }
 
-QStringList LdapAuthenticator::setupKeys() const
+
+QString LdapAuthenticator::description() const
 {
-    // The parameters needed for LDAP.
-    QStringList keys;
-    keys << "Hostname"
-         << "Port"
-         << "Bind DN"
-         << "Bind Password"
-         << "Base DN"
-         << "Filter"
-         << "UID Attribute";
-    return keys;
+    return tr("Authenticate users using an LDAP server.");
 }
 
 
-QVariantMap LdapAuthenticator::setupDefaults() const
+QVariantList LdapAuthenticator::setupData() const
 {
-    QVariantMap map;
-    map["Hostname"] = QVariant(QString("ldap://localhost"));
-    map["Port"] = QVariant(DEFAULT_LDAP_PORT);
-    map["UID Attribute"] = QVariant(QString("uid"));
-    return map;
+    // The parameters needed for LDAP.
+    QVariantList data;
+    data << "Hostname"     << tr("Hostname")      << QString{"ldap://localhost"}
+         << "Port"         << tr("Port")          << DEFAULT_LDAP_PORT
+         << "BindDN"       << tr("Bind DN")       << QString{}
+         << "BindPassword" << tr("Bind Password") << QString{}
+         << "BaseDN"       << tr("Base DN")       << QString{}
+         << "Filter"       << tr("Filter")        << QString{}
+         << "UidAttribute" << tr("UID Attribute") << QString{"uid"}
+         ;
+    return data;
 }
 
 
-void LdapAuthenticator::setConnectionProperties(const QVariantMap &properties)
+void LdapAuthenticator::setAuthProperties(const QVariantMap &properties,
+                                          const QProcessEnvironment &environment,
+                                          bool loadFromEnvironment)
 {
-    _hostName = properties["Hostname"].toString();
-    _port = properties["Port"].toInt();
-    _baseDN = properties["Base DN"].toString();
-    _filter = properties["Filter"].toString();
-    _bindDN = properties["Bind DN"].toString();
-    _bindPassword = properties["Bind Password"].toString();
-    _uidAttribute = properties["UID Attribute"].toString();
+    if (loadFromEnvironment) {
+        _hostName = environment.value("AUTH_LDAP_HOSTNAME");
+        _port = environment.value("AUTH_LDAP_PORT").toInt();
+        _bindDN = environment.value("AUTH_LDAP_BIND_DN");
+        _bindPassword = environment.value("AUTH_LDAP_BIND_PASSWORD");
+        _baseDN = environment.value("AUTH_LDAP_BASE_DN");
+        _filter = environment.value("AUTH_LDAP_FILTER");
+        _uidAttribute = environment.value("AUTH_LDAP_UID_ATTRIBUTE");
+    } else {
+        _hostName = properties["Hostname"].toString();
+        _port = properties["Port"].toInt();
+        _bindDN = properties["BindDN"].toString();
+        _bindPassword = properties["BindPassword"].toString();
+        _baseDN = properties["BaseDN"].toString();
+        _filter = properties["Filter"].toString();
+        _uidAttribute = properties["UidAttribute"].toString();
+    }
 }
 
 // TODO: this code is sufficiently general that in the future, perhaps an abstract
@@ -124,14 +134,18 @@ UserId LdapAuthenticator::validateUser(const QString &username, const QString &p
         return UserId();
     }
 
+    // LDAP is case-insensitive, thus we will lowercase the username, in spite of
+    // a better solution :(
+    const QString lUsername = username.toLower();
+
     // If auth succeeds, but the user has not logged into quassel previously, make
     // a new user for them and return that ID.
     // Users created via LDAP have empty passwords, but authenticator column = LDAP.
     // On the other hand, if auth succeeds and the user already exists, do a final
     // cross-check to confirm we're using the right auth provider.
-    UserId quasselId = Core::validateUser(username, QString());
+    UserId quasselId = Core::validateUser(lUsername, QString());
     if (!quasselId.isValid()) {
-        return Core::addUser(username, QString(), backendId());
+        return Core::addUser(lUsername, QString(), backendId());
     }
     else if (!(Core::checkAuthProvider(quasselId, backendId()))) {
         return 0;
@@ -140,25 +154,29 @@ UserId LdapAuthenticator::validateUser(const QString &username, const QString &p
 }
 
 
-bool LdapAuthenticator::setup(const QVariantMap &settings)
+bool LdapAuthenticator::setup(const QVariantMap &settings,
+                              const QProcessEnvironment &environment,
+                              bool loadFromEnvironment)
 {
-    setConnectionProperties(settings);
+    setAuthProperties(settings, environment, loadFromEnvironment);
     bool status = ldapConnect();
     return status;
 }
 
 
-Authenticator::State LdapAuthenticator::init(const QVariantMap &settings)
+Authenticator::State LdapAuthenticator::init(const QVariantMap &settings,
+                                             const QProcessEnvironment &environment,
+                                             bool loadFromEnvironment)
 {
-    setConnectionProperties(settings);
+    setAuthProperties(settings, environment, loadFromEnvironment);
 
     bool status = ldapConnect();
     if (!status) {
-        quInfo() << qPrintable(backendId()) << "Authenticator cannot connect.";
+        quInfo() << qPrintable(backendId()) << "authenticator cannot connect.";
         return NotAvailable;
     }
 
-    quInfo() << qPrintable(backendId()) << "Authenticator is ready.";
+    quInfo() << qPrintable(backendId()) << "authenticator is ready.";
     return IsReady;
 }
 
@@ -179,6 +197,8 @@ bool LdapAuthenticator::ldapConnect()
     serverURIArray = serverURI.toLocal8Bit();
     res = ldap_initialize(&_connection, serverURIArray);
 
+    quInfo() << "LDAP: Connecting to" << serverURI;
+
     if (res != LDAP_SUCCESS) {
         qWarning() << "Could not connect to LDAP server:" << ldap_err2string(res);
         return false;