Merge pull request #3 from surfrock66/master
Update code to generalize the LDAP/AD connector away from code specific to the starting organization.
surfrock66 authored Feb 19, 2022
2 parents 523de7b + cb6d8b6 commit d32e2e7
Showing 5 changed files with 121 additions and 35 deletions.
17 changes: 17 additions & 0 deletions web/config.php.sample
@@ -3,6 +3,9 @@
// Page Title
//define("TITLE","Sample Web Phone");

// Page Footer Text
//define("Footer","© Sample Footer Line");


// SIP Realm
//define("REALM","sample realm");
@@ -89,8 +92,19 @@
// SimpleSAMLPhp Logout Return URL
//define("SAMLRETURNURL","https://domain.tld");

// SimpleSAMLPhp Attribute Map - givenName
//define("SAMLATTRGIVENNAME","givenName");

// SimpleSAMLPhp Attribute Map - surame
//define("SAMLATTRSURNAME","sn");

// SimpleSAMLPhp Attribute Map - extension
//define("SAMLATTREXT","extension");


// LDAP Credentials
// For LDAP lookup to work, you must copy includes/getContacts.php.sample to includes/getContacts.php
// Any further LDAP filtering or configuration will happen there

// LDAP/AD URI
//define("LDAPURI","ldaps://sampleserver.sampledomain.tld:636");
@@ -104,6 +118,9 @@
// LDAP Base DN
//define("LDAPBASEDN","dc=SAMPLEDOMAIN,dc=TLD");

// LDAP Search Filter
//define("LDAPSEARCHFILTER","(&(objectCategory=person)(objectClass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))");


// MySQL Credentials

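Review bot: The sample declares the footer constant as `Footer` (under `// Page Footer Text`), but web/includes/footer.php in this same commit tests `defined ( 'FOOTER' )`; constants created with `define()` are case-sensitive, so uncommenting the sample line as written would leave the footer text empty. The sample line should read `//define("FOOTER","© Sample Footer Line");`. Separately, the comment `// SimpleSAMLPhp Attribute Map - surame` should say `surname`. The sample values `givenName` and `sn` also differ from the fallbacks `givenname` and `surname` that web/index.php uses when the constants stay commented out, which is worth stating in these comments.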
10 changes: 9 additions & 1 deletion web/includes/footer.php
@@ -1,7 +1,15 @@

<footer class="footer fixed-bottom">
<div class="container">
<p class="text-muted text-center"><small>&copy; SEIU Local 1000 - <?php echo date("Y"); ?>. All Rights Reserved.</small></p>
<?php
$footerText = "";
if ( defined ( 'FOOTER' ) ) {
if ( !empty ( FOOTER ) ) {
$footerText = FOOTER . " - ";
}
}
?>
<p class="text-muted text-center"><small><?php echo $footerText.date("Y"); ?>. All Rights Reserved.</small></p>
</div>
<!-- Creates all ATL/COM objects right now
Will open confirmation dialogs if not already done
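Review bot: `FOOTER` is written into the page as raw HTML in the new `<p>` line (`echo $footerText.date("Y")`), so any markup placed in config.php is rendered as-is; the `$pageTitle` echo inside `<title>` in web/includes/header.php has the same shape. If markup in the footer is not intended, encode at output, e.g. `echo htmlspecialchars($footerText, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . date("Y");`. If it is intended, a comment beside the constant in config.php.sample stating that the value is trusted HTML would make that explicit. The nested `defined`/`!empty` tests can also be a single condition, `if ( defined ( 'FOOTER' ) && !empty ( FOOTER ) ) {`.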
101 changes: 72 additions & 29 deletions web/includes/getContacts.php → web/includes/getContacts.php.sample
@@ -17,7 +17,6 @@
$ldapbindpass = LDAPBINDPASS;
$ldapbasedn = LDAPBASEDN;
$ldap_connection = ldap_connect( $ldapuri );

if (FALSE === $ldap_connection) {
// Uh-oh, something is wrong...
echo 'Unable to connect to the ldap server';
@@ -30,26 +29,31 @@
if ( TRUE === ldap_bind ( $ldap_connection, $ldapbinduser, $ldapbindpass ) ) {
//Get standard users and contacts
$search_filter = '(&(objectCategory=person)(objectClass=user)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))';
if ( defined ( 'LDAPSEARCHFILTER' ) ) {
if ( !empty ( LDAPSEARCHFILTER ) ) {
$search_filter = LDAPSEARCHFILTER;
}
}

$attr = array("dn","samaccountname","givenname","sn","title","department","telephonenumber","mobile");
//
// If the attribute list for directory information is different than what is pulled here, modify it
//
$attr = array("dn","samaccountname","cn","givenname","sn","title","department","telephonenumber","homePhone","mobile");

//Connect to LDAP
$result = ldap_search($ldap_connection, $ldapbasedn, $search_filter, $attr);

if (FALSE !== $result) {
$entries = ldap_get_entries($ldap_connection, $result);

// Uncomment the below if you want to write all entries to debug somethingthing
//echo "<pre>";
//var_dump($entries);
//echo "</pre>";

$ADUsers = array();
$DirUsers = array();

//For each account returned by the search
for ($x = 0; $x < $entries['count']; $x++) {
//
//Retrieve values from Active Directory
//Retrieve values from Active Directory or LDAP
//

//Distinguished Name
@@ -61,7 +65,10 @@
}
}

if ( ( strpos ( $LDAP_dn, 'Users' ) !== false ) && ( strpos ( $LDAP_dn, 'Inactive' ) == false ) ) {
//
// Uncomment this and the corresponding closing bracket if you need to do further AD filtering based on the structure of your org
//
//if ( ( strpos ( $LDAP_dn, 'Users' ) !== false ) && ( strpos ( $LDAP_dn, 'Inactive' ) == false ) ) {

// Phone Number
$LDAP_PhoneNumber = "";
@@ -81,19 +88,46 @@
}
}

if ( ( $LDAP_PhoneNumber !== "" ) || ( $LDAP_MobilePhone !== "" ) ) {
//
// In this example, "homePhone" is an attribute which can have multiple values, hence it comes in as an array and must be handled differently
//
//Home phone
$LDAP_HomePhone = "";
if (!empty($entries[$x]['homephone'][0])) {
if ( is_array( $entries[$x]['homephone'][0] ) ) {
$LDAP_HomePhone = $entries[$x]['homephone'][0][1];
} else {
$LDAP_HomePhone = $entries[$x]['homephone'][0];
}
if ($LDAP_HomePhone == "NULL") {
$LDAP_HomePhone = "";
}
}


if ( ( $LDAP_PhoneNumber !== "" ) || ( $LDAP_MobilePhone !== "" ) || ( $LDAP_HomePhone !== "" ) ) {

//Windows Usernaame
$LDAP_samaccountname = "";
//
// The following code blocks will construct the strings available in the directory search dropdown.
// While this should be a sane starting point, you can modify or adapt this as needed for your organization.
//

//Usernaame
$LDAP_accountname = "";
if (!empty($entries[$x]['samaccountname'][0])) {
$LDAP_samaccountname = $entries[$x]['samaccountname'][0];
if ($LDAP_samaccountname == "NULL") {
$LDAP_samaccountname = "";
$LDAP_accountname = $entries[$x]['samaccountname'][0];
if ($LDAP_accountname == "NULL") {
$LDAP_accountname = "";
}
} elseif (!empty($entries[$x]['cn'][0])) {
$LDAP_accountname = $entries[$x]['cn'][0];
if ($LDAP_accountname == "NULL") {
$LDAP_accountname = "";
}
} else {
//#There is no samaccountname s0 assume this is an AD contact record so generate a unique username
//#There is no samaccountname or cn so assume this is an AD contact record so generate a unique username
$LDAP_uSNCreated = $entries[$x]['usncreated'][0];
$LDAP_samaccountname = "CONTACT_" . $LDAP_uSNCreated;
$LDAP_accountname = "CONTACT_" . $LDAP_uSNCreated;
}

//Last Name
@@ -103,6 +137,11 @@
if ($LDAP_LastName == "NULL") {
$LDAP_LastName = "";
}
} elseif (!empty($entries[$x]['surname'][0])) {
$LDAP_LastName = $entries[$x]['surname'][0];
if ($LDAP_LastName == "NULL") {
$LDAP_LastName = "";
}
}

//First Name
@@ -117,7 +156,7 @@
//Department
$LDAP_Department = "";
if (!empty($entries[$x]['department'][0])) {
$LDAP_Department = $entries[$x]['department'][0];
$LDAP_Department = ", ".$entries[$x]['department'][0];
if ($LDAP_Department == "NULL") {
$LDAP_Department = "";
}
@@ -126,35 +165,39 @@
//Job Title
$LDAP_JobTitle = "";
if (!empty($entries[$x]['title'][0])) {
$LDAP_JobTitle = $entries[$x]['title'][0];
$LDAP_JobTitle = " - ".$entries[$x]['title'][0];
if ($LDAP_JobTitle == "NULL") {
$LDAP_JobTitle = "";
}
}
if ( $LDAP_PhoneNumber !== "" ) {
$userData = array($LDAP_LastName, $LDAP_FirstName, $LDAP_JobTitle, $LDAP_Department, $LDAP_PhoneNumber, "Phone #");
array_push ( $ADUsers, $userData );
$userData = array($LDAP_LastName, $LDAP_FirstName, $LDAP_JobTitle, $LDAP_Department, $LDAP_PhoneNumber, " - Phone #");
array_push ( $DirUsers, $userData );
}
if ( $LDAP_MobilePhone !== "" ) {
$userData = array($LDAP_LastName, $LDAP_FirstName, $LDAP_JobTitle, $LDAP_Department, $LDAP_MobilePhone, "Mobile #");
array_push ( $ADUsers, $userData );
$userData = array($LDAP_LastName, $LDAP_FirstName, $LDAP_JobTitle, $LDAP_Department, $LDAP_MobilePhone, " - Mobile #");
array_push ( $DirUsers, $userData );
}
}
if ( $LDAP_HomePhone !== "" ) {
$userData = array($LDAP_LastName, $LDAP_FirstName, $LDAP_JobTitle, $LDAP_Department, $LDAP_HomePhone, " - Home #");
array_push ( $DirUsers, $userData );
}
//}
}
}

// Sort the results by last name, first name, and number type
$column_lastname = array_column ( $ADUsers, 1 );
$column_firstname = array_column ( $ADUsers, 0 );
$column_type = array_column ( $ADUsers, 5 );
array_multisort ( $column_lastname, SORT_ASC, $column_firstname, SORT_ASC, $column_type, SORT_DESC, $ADUsers );
$column_lastname = array_column ( $DirUsers, 1 );
$column_firstname = array_column ( $DirUsers, 0 );
$column_type = array_column ( $DirUsers, 5 );
array_multisort ( $column_lastname, SORT_ASC, $column_firstname, SORT_ASC, $column_type, SORT_DESC, $DirUsers );

$contactLookup = array();

foreach( $ADUsers as $user ) {
foreach( $DirUsers as $user ) {
$userData = array (
"lookupName" => $user[1] . " " . $user[0],
"displayText" => $user[0] . ", " . $user[1] . " - " . $user[2] . ", " . $user[3] . " - " . $user[5] . ": " . $user[4],
"displayText" => $user[0] . ", " . $user[1] . $user[2] . $user[3] . $user[5] . ": " . $user[4],
"number" => $user[4]
);

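Review bot: The `"NULL"` sentinel checks for department and job title can no longer match, because the new lines add the separator first (`$LDAP_Department = ", ".$entries[$x]['department'][0];`, `$LDAP_JobTitle = " - ".$entries[$x]['title'][0];`) and only then compare the prefixed string with `"NULL"`. A directory value of `NULL` would therefore be shown as `, NULL` or ` - NULL` in the dropdown text. Compare the raw value before prefixing, e.g. `if ( $entries[$x]['department'][0] !== "NULL" ) { $LDAP_Department = ", ".$entries[$x]['department'][0]; }`, and likewise for `title`. The new `surname` fallback and the `usncreated` read also use attributes that are not in the `$attr` list passed to `ldap_search`, so those branches presumably never receive a value unless the list is extended. The loop and the bind block start and end outside the visible hunks.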
4 changes: 2 additions & 2 deletions web/includes/header.php
@@ -27,7 +27,7 @@
$pageTitle = TITLE;
}
}
echo "<title>$pageTitle</title>";
echo "\n <title>$pageTitle</title>\n";
?>
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="Keywords" content="doubango, sipML5, VoIP, HTML5, WebRTC, RTCWeb, SIP, IMS, Video chat, VP8" />
@@ -404,7 +404,7 @@ function selectContact(event) {
</div>
<div class="col-10 branding mt-1">
<div class="logo">
<img src="/images/logo.svg" alt="SEIU Local 1000" />
<img src="./images/logo.svg" alt="Logo Image" />
</div>
</div>
</div>
24 changes: 21 additions & 3 deletions web/index.php
@@ -35,9 +35,27 @@
$_SESSION['as'] = new SimpleSAML_Auth_Simple( SAMLSPNAME );
$_SESSION['as']->requireAuth();
$attributes = $_SESSION['as']->getAttributes();
$_SESSION['givenname'] = $attributes['givenname'][0];
$_SESSION['surname'] = $attributes['surname'][0];
$_SESSION['extension'] = $attributes['extension'][0];
$attrGivenName = "givenname";
if ( defined ( 'SAMLATTRGIVENNAME' ) ) {
if ( !empty ( SAMLATTRGIVENNAME ) ) {
$attrGivenName = SAMLATTRGIVENNAME;
}
}
$_SESSION['givenname'] = $attributes[$attrGivenName][0];
$attrSurname = "surname";
if ( defined ( 'SAMLATTRSURNAME' ) ) {
if ( !empty ( SAMLATTRSURNAME ) ) {
$attrSurname = SAMLATTRSURNAME;
}
}
$_SESSION['surname'] = $attributes[$attrSurname][0];
$attrExtension = "extension";
if ( defined ( 'SAMLATTREXT' ) ) {
if ( !empty ( SAMLATTREXT ) ) {
$attrExtension = SAMLATTREXT;
}
}
$_SESSION['extension'] = $attributes[$attrExtension][0];
// 2020.12.16 - Edit by jgullo - Populate variables from saml to input later
if ( !empty ( $_SESSION['givenname'] ) || !empty ( $_SESSION['surname'] ) ) {
$fullName = $_SESSION['givenname']." ".$_SESSION['surname'];
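Review bot: The three session assignments index the SAML attribute array without checking that the configured name is present (`$attributes[$attrGivenName][0]`, `$attributes[$attrSurname][0]`, `$attributes[$attrExtension][0]`). Now that the names come from config.php, a mismatch with what the IdP releases produces a warning and a null session value instead of a clear failure. A guard such as `$_SESSION['extension'] = $attributes[$attrExtension][0] ?? '';` avoids the warning, and since the extension presumably selects the SIP identity, an empty value is better rejected explicitly than passed on. The three identical `defined`/`!empty` blocks would read better as one small helper that takes the constant name and a default. The enclosing authentication block begins and ends outside the hunk.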
