Symfony 3 Update

.gitignore

@@ -1 +1,2 @@
 *~
+/.DS_Store

Controller/DefaultController.php

@@ -12,6 +12,7 @@
 
 use Symfony\Bundle\FrameworkBundle\Controller\Controller;
 
+use Symfony\Component\Security\Core\Security;
 use Symfony\Component\Security\Core\SecurityContext;
 
 class DefaultController extends Controller
@@ -21,25 +22,25 @@ public function loginAction()
         $error = $this->getAuthenticationError();
 
         return $this->render('IMAGLdapBundle:Default:login.html.twig', array(
-            'last_username' => $this->get('request')->getSession()->get(SecurityContext::LAST_USERNAME),
+            'last_username' => $this->get('request_stack')->getCurrentRequest()->getSession()->get(Security::LAST_USERNAME),
             'error'         => $error,
             'token'         => $this->generateToken(),
         ));
     }
 
     protected function getAuthenticationError()
     {
-        if ($this->get('request')->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) {
-            return $this->get('request')->attributes->get(SecurityContext::AUTHENTICATION_ERROR);
+        if ($this->get('request_stack')->getCurrentRequest()->attributes->has(Security::AUTHENTICATION_ERROR)) {
+            return $this->get('request_stack')->getCurrentRequest()->attributes->get(Security::AUTHENTICATION_ERROR);
         }
 
-        return $this->get('request')->getSession()->get(SecurityContext::AUTHENTICATION_ERROR);
+        return $this->get('request_stack')->getCurrentRequest()->getSession()->get(Security::AUTHENTICATION_ERROR);
     }
 
     protected function generateToken()
     {
-        $token = $this->get('form.csrf_provider')
-                      ->generateCsrfToken('authenticate');
+        $token = $this->get('security.csrf.token_manager')
+                      ->getToken('authenticate');
 
         return $token;
     }

DependencyInjection/Configuration.php

@@ -42,6 +42,7 @@ private function addClientNode()
               ->scalarNode('referrals_enabled')->end()
               ->scalarNode('network_timeout')->end()
               ->booleanNode('skip_roles')->defaultFalse()->end()
+              ->booleanNode('active_directory')->defaultFalse()->end()
            ->end()
           ;
 

EventListener/LdapListener.php

@@ -3,23 +3,25 @@
 namespace IMAG\LdapBundle\EventListener;
 
 use Symfony\Component\EventDispatcher\EventDispatcherInterface,
-    Symfony\Component\Form\Extension\Csrf\CsrfProvider\CsrfProviderInterface,
     Symfony\Component\HttpFoundation\Request,
     Psr\Log\LoggerInterface,
     Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface,
     Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken,
     Symfony\Component\Security\Core\Exception\InvalidCsrfTokenException,
-    Symfony\Component\Security\Core\SecurityContextInterface,
     Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface,
     Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface,
     Symfony\Component\Security\Http\Firewall\AbstractAuthenticationListener,
     Symfony\Component\Security\Http\HttpUtils,
     Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface
 ;
+use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
+use Symfony\Component\Security\Core\Security;
+use Symfony\Component\Security\Csrf\CsrfToken;
+use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
 
 class LdapListener extends AbstractAuthenticationListener
 {
-    public function __construct(SecurityContextInterface $securityContext,
+    public function __construct(TokenStorageInterface $securityContext,
                                 AuthenticationManagerInterface $authenticationManager,
                                 SessionAuthenticationStrategyInterface $sessionStrategy,
                                 HttpUtils $httpUtils,
@@ -29,7 +31,7 @@ public function __construct(SecurityContextInterface $securityContext,
                                 array $options = array(),
                                 LoggerInterface $logger = null,
                                 EventDispatcherInterface $dispatcher = null,
-                                CsrfProviderInterface $csrfProvider = null)
+                                CsrfTokenManagerInterface $csrfProvider = null)
     {
         parent::__construct(
             $securityContext,
@@ -76,17 +78,16 @@ public function attemptAuthentication(Request $request)
         }
 
         if (null !== $this->csrfProvider) {
-            $csrfToken = $request->get($this->options['csrf_parameter'], null, true);
-
-            if (false === $this->csrfProvider->isCsrfTokenValid($this->options['intention'], $csrfToken)) {
+            $csrfToken = $request->get($this->options['csrf_parameter']);
+            if (false === $this->csrfProvider->isTokenValid($csrfToken)) {
                 throw new InvalidCsrfTokenException('Invalid CSRF token.');
             }
         }
 
-        $username = trim($request->get($this->options['username_parameter'], null, true));
-        $password = $request->get($this->options['password_parameter'], null, true);
+        $username = trim($request->get($this->options['username_parameter']));
+        $password = $request->get($this->options['password_parameter']);
 
-        $request->getSession()->set(SecurityContextInterface::LAST_USERNAME, $username);
+        $request->getSession()->set(Security::LAST_USERNAME, $username);
 
         return $this->authenticationManager->authenticate(new UsernamePasswordToken($username, $password, $this->providerKey));
     }

Factory/LdapFactory.php

@@ -48,19 +48,26 @@ protected function getListenerId()
     protected function createAuthProvider(ContainerBuilder $container, $id, $config, $userProviderId)
     {
         $dao = 'security.authentication.provider.dao.'.$id;
-        $container
+        //$container
+        $definition=$container
             ->setDefinition($dao, new DefinitionDecorator('security.authentication.provider.dao'))
             ->replaceArgument(0, new Reference($userProviderId))
             ->replaceArgument(2, $id)
         ;
-
+        if(floatval(\Symfony\Component\HttpKernel\Kernel::VERSION) > 2.7){
+	/* symfony 2.8 security fix */
+        if ($container->hasDefinition('security.user_checker')) {
+            $definition->replaceArgument(1, new Reference('security.user_checker.'.$id));
+        }
+        /* end of security fix */
+	}
         $provider = 'imag_ldap.security.authentication.provider.'.$id;
         $container
             ->setDefinition($provider, new DefinitionDecorator('imag_ldap.security.authentication.provider'))
             ->replaceArgument(0, new Reference($userProviderId))
             ->replaceArgument(1, new Reference($dao))
             ->replaceArgument(4, $id)
-            ;
+        ;
 
         return $provider;
     }

IMAGLdapBundle.php

@@ -26,9 +26,10 @@ class IMAGLdapBundle extends Bundle
 {
     public function boot()
     {
-        if (!function_exists('ldap_connect')) {
-            throw new \Exception("module php-ldap isn't install");
-        }
+        // Commented by svajiraya to prevent app crashing in IIS environments like Azure.
+        // if (!function_exists('ldap_connect')) {
+        //     throw new \Exception("module php-ldap isn't install");
+        // }
     }
 
     /**

Manager/LdapManagerUser.php

@@ -130,7 +130,12 @@ public function getUsername()
 
     public function getRoles()
     {
-        return $this->ldapUser['roles'];
+        if(true === $this->params['client']['active_directory']){
+            return $this->ldapUser['memberof'];
+        }
+        else{
+            return $this->ldapUser['roles'];
+        }
     }
 
     public function setUsername($username)

README.md

@@ -1,11 +1,15 @@
+# Support
+
+Dropping support for symfony versions < 3.0. Recent patches might not be compatible with versions lower than 3.0 since some of the core methods were deprecated and removed from this package. 
+
 # LdapBundle
 
 LdapBundle provides LDAP authentication without using Apache's `mod_ldap`. The bundle instead relies on PHP's [LDAP extension](http://php.net/manual/en/book.ldap.php) along with a form to authenticate users. LdapBundle can also be used for authorization by retrieving the user's roles defined in LDAP.
 
-## Contact
-
-Nick: aways
-IRC: irc.freenode.net - #symfony-fr
+## Credits 
+This Bundle was originally created by BorisMorel. Since this bundle is used frequently in almost all our projects, and since the original bundle was not being maintained by anyone we have tried to add 
+our own mods to the project. Anyone is free to use this bundle and modify it as they please. I will try to keep this bundle upto date, but with my busy schedule that may not the case all the time.
+if you do manage to update the project, please submit a pull request and I would be happy to examine and merge it. 
 
 ## Install
 
@@ -26,11 +30,19 @@ Add LdapBundle in your project's `composer.json`
 ```json
 {
     "require": {
-        "imag/ldap-bundle": "dev-master"
+        "svajiraya/ldap-bundle": "dev-master"
     }
 }
 ```
 
+or
+
+``` shell
+
+composer require svajiraya/ldap-bundle
+
+```
+
 ### Enable the Bundle
 
 ``` php

Resources/config/routing.yml

@@ -1,11 +1,10 @@
 login:
-  pattern:              /login
+  path:              /login
   defaults:             { _controller: IMAGLdapBundle:Default:login }
-  requirements:
-    _method:            GET
+  methods:            [GET]
 
 login_check:
-  pattern:              /login_check
+  path:              /login_check
 
 logout:
-  pattern:              /logout
+  path:              /logout

Resources/config/security_ldap.xml

@@ -45,7 +45,7 @@
 
     <service id="imag_ldap.security.authentication.listener" class="%imag_ldap.security.authentication.listener.class%" public="false">
       <tag name="monolog.logger" channel="security" />
-      <argument type="service" id="security.context" />
+      <argument type="service" id="security.token_storage" />
       <argument type="service" id="security.authentication.manager" />
       <argument type="service" id="security.authentication.session_strategy" />
       <argument type="service" id="security.http_utils" />

composer.json

@@ -1,40 +1,19 @@
 {
-    "name": "imag/ldap-bundle",
-    "description": "LDAP Bundle for Symfony 2",
-    "homepage": "http://github.com/BorisMorel/LdapBundle",
-    "license": "CeCILL",
+    "name": "svajiraya/ldap-bundle",
+    "description": "LDAP Bundle for Symfony 3.0+",
+    "homepage": "http://github.com/svajiraya/LdapBundle",
+    "license": "MIT",
     "authors": [
         {
-            "name": "Boris Morel",
-            "email": "[email protected]",
+            "name": "Subramanya Vajiraya",
             "role": "Developer",
-            "homepage" : "https://github.com/BorisMorel"
-        },
-        {
-            "name": "Juti Noppornpitak",
-            "email": "[email protected]",
-            "role": "Fork Maintainer",
-            "homepage": "https://github.com/instaclick"
-        },
-        {
-            "name": "John Kary",
-            "email": "[email protected]",
-            "role": "Fork Maintainer",
-            "homepage": "https://github.com/johnkary"
-        },
-        {
-            "name": "Shiroyuki",
-            "role": "Fork Maintainer",
-            "homepage": "https://github.com/shiroyuki"
+            "homepage": "https://github.com/svajiraya"
         }
     ],
-    "support": {
-        "irc": "irc://irc.freenode.org/sf-grenoble"
-    },
     "require": {
         "php": ">=5.3.3",
         "ext-ldap": "*",
-        "symfony/symfony": ">2.0"
+        "symfony/symfony": ">3.0"
     },
     "autoload": {
         "psr-0": { "IMAG\\LdapBundle": "" }