From 7335287b29a0d80f73bf628c9a2b877843149967 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20=C3=85kre=20Solberg?= <andreas.solberg@uninett.no>
Date: Mon, 19 Jan 2009 13:50:37 +0000
Subject: [PATCH] LDAP status module that checks multiple LDAPs for
 connectivity

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1158 44740490-163a-0410-bde0-09ae8108e29a
---
 modules/ldapstatus/default-disable            |   0
 .../templates/default/ldapstatus.php          |  63 ++++++++++
 modules/ldapstatus/www/index.php              | 117 ++++++++++++++++++
 3 files changed, 180 insertions(+)
 create mode 100644 modules/ldapstatus/default-disable
 create mode 100644 modules/ldapstatus/templates/default/ldapstatus.php
 create mode 100644 modules/ldapstatus/www/index.php

diff --git a/modules/ldapstatus/default-disable b/modules/ldapstatus/default-disable
new file mode 100644
index 000000000..e69de29bb
diff --git a/modules/ldapstatus/templates/default/ldapstatus.php b/modules/ldapstatus/templates/default/ldapstatus.php
new file mode 100644
index 000000000..19043223f
--- /dev/null
+++ b/modules/ldapstatus/templates/default/ldapstatus.php
@@ -0,0 +1,63 @@
+<?php
+$this->data['header'] = 'LDAP status page';
+$this->includeAtTemplateBase('includes/header.php');
+
+
+?>
+<div id="content">
+
+<h2>LDAP test</h2>
+
+<table style="width: 100%">
+	<tr>
+	<th>Name of institusion</th>
+	<th>Conf</th>
+	<th>Meta</th>
+	<th>Ping</th>
+	<th>Admin bind()</th>
+	<th>Search bogus</th>
+	<th>Search test</th>
+	<th>Bind test</th>
+	<th>GetAttr test</th>
+	</tr>
+
+<?php
+
+function showRes($key, $res, $template) {
+	echo('<td>');
+	if (array_key_exists($key, $res)) {
+		if ($res[$key][0]) {
+			echo '<img src="/' . $template->data['baseurlpath'] . 'resources/icons/accept.png" ' .
+				'alt="' . htmlspecialchars($res[$key][1]) .  '" 
+				title="' . htmlspecialchars($res[$key][1]) .  '" 
+				/>';
+		} else {
+			echo '<img src="/' . $template->data['baseurlpath'] . 'resources/icons/delete.png" ' .
+				'alt="' . htmlspecialchars($res[$key][1]) .  '" 
+				title="' . htmlspecialchars($res[$key][1]) .  '" 
+				/>';
+		}
+	} else {
+		echo('<span style="color: #eee;">NA</span>');
+	}
+	echo('</td>');
+}
+
+
+foreach($this->data['results'] as $orgkey => $res) {
+	echo('<tr>');
+#	print_r($this->data['orgconfig']); exit;
+	echo('<td>' . htmlspecialchars($this->getTranslation($this->data['orgconfig'][$orgkey]['description'])) . '</td>');
+	showRes('config',  $res, $this);
+	showRes('configMeta',  $res, $this);
+	showRes('ping',  $res, $this);
+	showRes('adminUser',  $res, $this);
+	showRes('ldapSearchBogus',  $res, $this);
+	showRes('ldapSearchTestUser',  $res, $this);
+	showRes('ldapBindTestUser',  $res, $this);
+	showRes('ldapGetAttributesTestUser',  $res, $this);
+	echo('</tr>');
+}
+?>
+</table>
+<?php $this->includeAtTemplateBase('includes/footer.php'); ?>
\ No newline at end of file
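Review bot: The `Admin bind()` column is rendered with `showRes('adminUser', $res, $this)`, but www/index.php in this same commit stores that result under `adminBind`, so the cell always falls through to `NA`; it should read `showRes('adminBind', $res, $this);`. The `connect` result is also stored there but has no column. Separately, `$template->data['baseurlpath']` is concatenated into the `src` attribute unescaped while the alt/title values next to it are escaped; wrapping it in `htmlspecialchars()` keeps the attribute handling uniform. The alt/title text carries raw ping output and LDAP exception messages, so a short comment above `showRes()` stating that this is diagnostic output intended for administrators would help.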
diff --git a/modules/ldapstatus/www/index.php b/modules/ldapstatus/www/index.php
new file mode 100644
index 000000000..196d99507
--- /dev/null
+++ b/modules/ldapstatus/www/index.php
@@ -0,0 +1,117 @@
+<?php
+
+
+$config = SimpleSAML_Configuration::getInstance();
+$ldapconfig = $config->copyFromBase('loginfeide', 'config-login-feide.php');
+
+
+$orgs = $ldapconfig->getValue('orgldapconfig');
+
+#echo '<pre>'; print_r($orgs); exit;
+
+function checkConfig($conf, $req) {
+	$err = array();
+	foreach($req AS $r) {
+		if (!array_key_exists($r, $conf)) $err[] = $r;
+	}
+	if (count($err) > 0) {
+		return array(FALSE, 'Missing: ' . join(', ', $err));
+	}
+	return array(TRUE, NULL);	
+}
+
+$results = array();
+
+foreach ($orgs AS $orgkey => $orgconfig) {
+
+	$results[$orgkey] = array();
+	
+
+	$results[$orgkey]['config'] = checkConfig($orgconfig, array('description', 'searchbase', 'hostname', 'attributes'));
+	$results[$orgkey]['configMeta'] = checkConfig($orgconfig, array('enable_tls', 'testUser', 'testPassword', 'contactMail', 'contactURL'));
+	
+	$url = parse_url($orgconfig['hostname']);
+// print_r($orgconfig['hostname']);
+// print_r($url); exit;
+	$pingreturn = NULL;
+	$pingoutput = NULL;
+	exec('ping -o -t 1 -c 1 ' . escapeshellcmd($url['host']), $pingoutput, $pingreturn);
+#	echo $pingreturn; exit;
+	if ($pingreturn == '0') {
+		$results[$orgkey]['ping'] = array(TRUE,join("\r\n", $pingoutput));
+	} else {
+		$results[$orgkey]['ping'] = array(FALSE,join("\r\n", $pingoutput));
+		continue;
+	}
+	
+	#continue;
+	
+	// LDAP Connect
+	try {
+		$ldap = new SimpleSAML_Auth_LDAP($orgconfig['hostname'], $orgconfig['enable_tls']);
+		$results[$orgkey]['connect'] = array(TRUE,NULL);
+	} catch (Exception $e) {
+		$results[$orgkey]['connect'] = array(FALSE,$e->getMessage());
+		continue;
+	}
+
+	// Bind as admin user
+	if (isset($orgconfig['adminUser'])) {
+		try {
+			$ldap->bind($orgconfig['adminUser'], $orgconfig['adminPassword']);
+			$results[$orgkey]['adminBind'] = array(TRUE,NULL);
+		} catch (Exception $e) {
+			$results[$orgkey]['adminBind'] = array(FALSE,$e->getMessage());
+			continue;
+		}
+	}
+	
+	
+	$eppn = 'test@feide.no';
+	// Search for bogus user
+	try {
+		$dn = $ldap->searchfordn($orgconfig['searchbase'], 'eduPersonPrincipalName', $eppn, TRUE);
+		$results[$orgkey]['ldapSearchBogus'] = array(TRUE,NULL);
+	} catch (Exception $e) {
+		$results[$orgkey]['ldapSearchBogus'] = array(FALSE,$e->getMessage());
+		continue;
+	}
+
+
+	// If test user is available
+	if (array_key_exists('testUser', $orgconfig)) {
+
+		// Try to search for DN of test account
+		try {
+			$dn = $ldap->searchfordn($orgconfig['searchbase'], 'eduPersonPrincipalName', $eppn);
+			$results[$orgkey]['ldapSearchTestUser'] = array(TRUE,NULL);
+		} catch (Exception $e) {
+			$results[$orgkey]['ldapSearchTestUser'] = array(FALSE,$e->getMessage());
+			continue;
+		}
+		
+		if ($ldap->bind($orgconfig['testUser'], $orgconfig['testPassword'])) {
+			$results[$orgkey]['ldapBindTestUser'] = array(TRUE,NULL);
+			
+		} else {
+			$results[$orgkey]['ldapBindTestUser'] = array(FALSE,NULL);
+			continue;
+		}
+
+		try {
+			$attributes = $ldap->getAttributes($dn, $orgconfig['attributes'], $ldapconfig->getValue('attributesize.max', NULL));
+			$results[$orgkey]['ldapGetAttributesTestUser'] = array(TRUE,NULL);
+		} catch(Exception $e) {
+			$results[$orgkey]['ldapGetAttributesTestUser'] = array(FALSE,$e->getMessage());
+		}
+	}
+}
+#echo '<pre>'; print_r($results); exit;
+
+$t = new SimpleSAML_XHTML_Template($config, 'ldapstatus:ldapstatus.php');
+$t->data['results'] = $results;
+$t->data['orgconfig'] = $orgs;
+$t->show();
+exit;
+
+?>
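Review bot: The ping call `exec('ping -o -t 1 -c 1 ' . escapeshellcmd($url['host']), ...)` escapes the host with escapeshellcmd(), which neutralises shell metacharacters but does not quote the value as one argument, so a configured hostname containing whitespace or a leading `-` reaches ping as extra options; escapeshellarg() is the function for a single argument. That line also runs when the `config` check has just reported `hostname` as missing, and parse_url() returns no `host` key for a value without a scheme, so `$url['host']` can be undefined. Nothing visible in this file restricts who may request the page, yet each request runs a ping and several LDAP binds per organisation and passes ping output and LDAP exception messages to the template. An admin-only check at the top looks warranted; the module ships disabled by default, which limits the exposure but does not remove it. The fence below shows the config gate and host validation.

```php
	// … unchanged: checkConfig() calls filling 'config' and 'configMeta' …
	if (!$results[$orgkey]['config'][0]) {
		// hostname/searchbase/attributes missing: none of the checks below can run
		continue;
	}

	$url = parse_url($orgconfig['hostname']);
	$host = (is_array($url) && isset($url['host'])) ? $url['host'] : NULL;
	// Accept only a plain DNS name or IPv4 literal, so the value cannot be read by ping as an option.
	if ($host === NULL || !preg_match('/^[A-Za-z0-9][A-Za-z0-9.-]*$/', $host)) {
		$results[$orgkey]['ping'] = array(FALSE, 'Could not extract a valid host from hostname');
		continue;
	}
	$pingreturn = NULL;
	$pingoutput = NULL;
	exec('ping -o -t 1 -c 1 ' . escapeshellarg($host), $pingoutput, $pingreturn);
	// … unchanged: ping result handling, LDAP connect, binds and searches …
```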
-- 
GitLab