lemonldap-ng/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Password/AD.pm

package Lemonldap::NG::Portal::Password::AD;

use strict;
use Mouse;
use Lemonldap::NG::Portal::Main::Constants qw(
  PE_PASSWORD_OK
  PE_LDAPERROR
  PE_LDAPCONNECTFAILED
  PE_ERROR
);

extends 'Lemonldap::NG::Portal::Lib::LDAP',
  'Lemonldap::NG::Portal::Password::Base';

our $VERSION = '2.1.0';

sub init {
    my ($self) = @_;
    $self->ldap
      and $self->filter
      and $self->Lemonldap::NG::Portal::Password::Base::init;
}

# Confirmation is done by Lib::Net::LDAP::userModifyPassword
sub confirm {
    return 1;
}

sub modifyPassword {
    my ( $self, $req, $pwd ) = @_;
    my $dn = $req->userData->{_dn} || $req->sessionInfo->{_dn};
    unless ($dn) {
        $self->logger->error('"dn" is not set, aborting password modification');
        return PE_ERROR;
    }

    # Ensure connection is valid
    $self->bind;
    return PE_LDAPCONNECTFAILED unless $self->ldap;

    # Call the modify password method
    my $code =
      $self->ldap->userModifyPassword( $dn, $pwd, $req->data->{oldpassword},
        1 );

    unless ( $code == PE_PASSWORD_OK ) {
        return $code;
    }

    # If force reset, set reset flag
    if ( $req->data->{forceReset} ) {
        my $result = $self->ldap->modify(
            $dn,
            replace => {
                'pwdLastSet' => '0'
            }
        );

        unless ( $result->code == 0 ) {
            $self->logger->error( "LDAP modify pwdLastSet error "
                  . $result->code . ": "
                  . $result->error );
            return PE_LDAPERROR;
        }

        $self->logger->debug("pwdLastSet set to 0");
    }

    return $code;
}

1;
Add AD password module (#1530) 2018-10-29 18:35:25 +01:00			`package Lemonldap::NG::Portal::Password::AD;`

			`use strict;`
			`use Mouse;`
Make Password::LDAP/AD check connection before use (#1909) Also remove a mostly redundant wrapper method in Auth::LDAP 2019-10-01 19:17:31 +02:00			`use Lemonldap::NG::Portal::Main::Constants qw(`
			`PE_PASSWORD_OK`
			`PE_LDAPERROR`
			`PE_LDAPCONNECTFAILED`
			`PE_ERROR`
			`);`
Add AD password module (#1530) 2018-10-29 18:35:25 +01:00
			`extends 'Lemonldap::NG::Portal::Lib::LDAP',`
			`'Lemonldap::NG::Portal::Password::Base';`

Set master version to 2.1.0 2019-02-12 18:21:38 +01:00			`our $VERSION = '2.1.0';`
Add AD password module (#1530) 2018-10-29 18:35:25 +01:00
			`sub init {`
			`my ($self) = @_;`
			`$self->ldap`
			`and $self->filter`
			`and $self->Lemonldap::NG::Portal::Password::Base::init;`
			`}`

			`# Confirmation is done by Lib::Net::LDAP::userModifyPassword`
			`sub confirm {`
			`return 1;`
			`}`

			`sub modifyPassword {`
			`my ( $self, $req, $pwd ) = @_;`
			`my $dn = $req->userData->{_dn} \|\| $req->sessionInfo->{_dn};`
			`unless ($dn) {`
			`$self->logger->error('"dn" is not set, aborting password modification');`
			`return PE_ERROR;`
			`}`

Make Password::LDAP/AD check connection before use (#1909) Also remove a mostly redundant wrapper method in Auth::LDAP 2019-10-01 19:17:31 +02:00			`# Ensure connection is valid`
			`$self->bind;`
			`return PE_LDAPCONNECTFAILED unless $self->ldap;`

Add AD password module (#1530) 2018-10-29 18:35:25 +01:00			`# Call the modify password method`
			`my $code =`
			`$self->ldap->userModifyPassword( $dn, $pwd, $req->data->{oldpassword},`
			`1 );`

			`unless ( $code == PE_PASSWORD_OK ) {`
			`return $code;`
			`}`

			`# If force reset, set reset flag`
			`if ( $req->data->{forceReset} ) {`
			`my $result = $self->ldap->modify(`
			`$dn,`
			`replace => {`
			`'pwdLastSet' => '0'`
			`}`
			`);`

			`unless ( $result->code == 0 ) {`
Better logs in case of a LDAP error 2019-09-30 17:19:57 +02:00			`$self->logger->error( "LDAP modify pwdLastSet error "`
			`. $result->code . ": "`
			`. $result->error );`
Add AD password module (#1530) 2018-10-29 18:35:25 +01:00			`return PE_LDAPERROR;`
			`}`

			`$self->logger->debug("pwdLastSet set to 0");`
			`}`

			`return $code;`
			`}`

			`1;`