PHP Class LdapTools\Utilities\LdapUtilities

Author: Chad Sikorra
Project: ldaptools/ldaptools

Public Methods

encode ( string $value, string $toEncoding ) : string
    Encode a string for LDAP with a specific encoding type.
escapeValue ( mixed $value, null | string $ignore = null, null | integer $flags = null ) : string
    Escape any special characters for LDAP to their hexadecimal representation.
explodeDn ( string $dn, integer $withAttributes = 1 ) : array
    Converts a string distinguished name into its separate pieces.
getAliasAndAttribute ( string $attribute ) : array
    Given an attribute, split it between its alias and attribute. This will return an array where the first value is the alias and the second is the attribute name. If there is no alias then the first value will be null.
getLdapServersForDomain ( string $domain ) : string[]
    Get an array of all the LDAP servers for a domain by querying DNS.
getLdapSslCertificates ( string $server, integer $port = 389 ) : array
    Get an array containing the SSL certificates of the LDAP server. This runs over the standard LDAP port and initiates a StartTLS operation.
getRdnFromDn ( string $dn ) : string
    Given a full escaped DN return the RDN in escaped form.
implodeDn ( array $dn ) : string
    Given a DN as an array in ['cn=Name', 'ou=Employees', 'dc=example', 'dc=com'] form, return it as its string representation that is safe to pass back to a query or to save back to LDAP for a DN.
isBinary ( string $value ) : boolean
    Check if a string contains non-printable, and likely binary, data. There is no easy way to do this, as there can really only be a best effort attempt to detect it.
isValidAttributeFormat ( string $value ) : boolean
    Determine whether a value is a valid attribute name or OID. The name should meet the format described in RFC 2252.
isValidGuid ( string $value ) : boolean
    Determine whether a value is in valid GUID format.
isValidLdapObjectDn ( string $dn ) : boolean
    Given a string, try to determine if it is a valid distinguished name for an LDAP object. This is a somewhat unsophisticated approach. A regex might be a better solution, but would probably be rather difficult to get right.
isValidSid ( string $value ) : boolean
    Determine whether a value is in SID format.
sanitizeAttributeArray ( array $attributes ) : array
    Sanitizes certain values in an attribute key => value array to make them safe for logging (i.e. mask passwords, replace binary data).
sanitizeBatchArray ( array $batches ) : array
    Sanitizes certain values in a batch array to make them safe for logging (i.e. mask passwords, replace binary data).
unescapeValue ( string $value ) : string
    Un-escapes a value from its hexadecimal form back to its string representation.
uuid4 ( ) : string
    Generate a UUIDv4 string.

Method Details

encode() public static method

Encode a string for LDAP with a specific encoding type.
public static encode ( string $value, string $toEncoding ) : string
$value string The value to encode.
$toEncoding string The encoding type to use (e.g. UTF-8).
return string The encoded value.

escapeValue() public static method

Escape any special characters for LDAP to their hexadecimal representation.
public static escapeValue ( mixed $value, null | string $ignore = null, null | integer $flags = null ) : string
$value mixed The value to escape.
$ignore null | string The characters to ignore.
$flags null | integer The context for the escaped string. LDAP_ESCAPE_FILTER or LDAP_ESCAPE_DN.
return string The escaped value.
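
The two escaping contexts named by $flags, shown as an added example that is not code from the ldaptools project. It calls PHP's native ldap_escape() (ext-ldap) directly, because this page does not show how escapeValue() is implemented; the helper functions, base DN, attribute names and sample input are all constructed for illustration.

```php
<?php
// Added example, not ldaptools code. Requires ext-ldap for ldap_escape().
// Base DN, attribute names and the sample input below are constructed.

/**
 * Build a search filter for a user-supplied login name.
 * LDAP_ESCAPE_FILTER hex-escapes the RFC 4515 metacharacters
 * (* ( ) \ NUL) so the value cannot add or close filter clauses.
 */
function buildUserFilter(string $login): string
{
    $safe = ldap_escape($login, '', LDAP_ESCAPE_FILTER);
    return "(&(objectClass=person)(uid={$safe}))";
}

/**
 * Build a DN for a user-supplied common name.
 * LDAP_ESCAPE_DN escapes the RFC 4514 DN metacharacters
 * (, = + < > ; " # \) so the value stays inside a single RDN.
 */
function buildUserDn(string $cn, string $baseDn): string
{
    $safe = ldap_escape($cn, '', LDAP_ESCAPE_DN);
    return "cn={$safe},{$baseDn}";
}

/** Count unescaped filter metacharacters left in a value. */
function rawFilterMetachars(string $escaped): int
{
    return preg_match_all('/[*()\x00]/', $escaped);
}

// Constructed input containing both filter and DN metacharacters.
$input  = 'smith*)(mail=*,ou=Admins';
$baseDn = 'ou=Employees,dc=example,dc=com';

echo buildUserFilter($input), PHP_EOL;
echo buildUserDn($input, $baseDn), PHP_EOL;

// The contexts are not interchangeable: DN escaping leaves the filter
// metacharacters * ( ) untouched, so it must never be used for a filter.
$wrong = ldap_escape($input, '', LDAP_ESCAPE_DN);
$right = ldap_escape($input, '', LDAP_ESCAPE_FILTER);
printf("filter metachars after DN escape:     %d\n", rawFilterMetachars($wrong));
printf("filter metachars after filter escape: %d\n", rawFilterMetachars($right));
```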

explodeDn() public static method

Converts a string distinguished name into its separate pieces.
public static explodeDn ( string $dn, integer $withAttributes = 1 ) : array
$dn string
$withAttributes integer Set to 0 to get the attribute names along with the value.
return array

getAliasAndAttribute() public static method

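Given an attribute, split it between its alias and attribute. This will return an array where the first value is the alias and the second is the attribute name. If there is no alias then the first value will be null. For example: list($alias, $attribute) = LdapUtilities::getAliasAndAttribute($attribute);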
public static getAliasAndAttribute ( string $attribute ) : array
$attribute string
return array

getLdapServersForDomain() public static method

Get an array of all the LDAP servers for a domain by querying DNS.
public static getLdapServersForDomain ( string $domain ) : string[]
$domain string The domain name to query.
return string[]

getLdapSslCertificates() public static method

Get an array containing the SSL certificates of the LDAP server. This runs over the standard LDAP port and initiates a StartTLS operation.
public static getLdapSslCertificates ( string $server, integer $port = 389 ) : array
$server string The server name to connect to
$port integer The standard LDAP port
return array In the form of ['peer_certificate' => '', 'peer_certificate_chain' => []]

getRdnFromDn() public static method

Given a full escaped DN return the RDN in escaped form.
public static getRdnFromDn ( string $dn ) : string
$dn string
return string

implodeDn() public static method

Given a DN as an array in ['cn=Name', 'ou=Employees', 'dc=example', 'dc=com'] form, return it as its string representation that is safe to pass back to a query or to save back to LDAP for a DN.
public static implodeDn ( array $dn ) : string
$dn array
return string

isBinary() public static method

Check if a string contains non-printable, and likely binary, data. There is no easy way to do this, as there can really only be a best effort attempt to detect it.
public static isBinary ( string $value ) : boolean
$value string
return boolean

isValidAttributeFormat() public static method

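Determine whether a value is a valid attribute name or OID. The name should meet the format described in RFC 2252. However, the regex is fairly forgiving for each.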
public static isValidAttributeFormat ( string $value ) : boolean
$value string
return boolean

isValidGuid() public static method

Determine whether a value is in valid GUID format.
public static isValidGuid ( string $value ) : boolean
$value string
return boolean

isValidLdapObjectDn() public static method

Given a string, try to determine if it is a valid distinguished name for an LDAP object. This is a somewhat unsophisticated approach. A regex might be a better solution, but would probably be rather difficult to get right.
public static isValidLdapObjectDn ( string $dn ) : boolean
$dn string
return boolean

isValidSid() public static method

Determine whether a value is in SID format.
public static isValidSid ( string $value ) : boolean
$value string
return boolean

sanitizeAttributeArray() public static method

Sanitizes certain values in an attribute key => value array to make them safe for logging (i.e. mask passwords, replace binary data).
public static sanitizeAttributeArray ( array $attributes ) : array
$attributes array
return array

sanitizeBatchArray() public static method

Sanitizes certain values in a batch array to make them safe for logging (i.e. mask passwords, replace binary data).
public static sanitizeBatchArray ( array $batches ) : array
$batches array
return array

unescapeValue() public static method

Un-escapes a value from its hexadecimal form back to its string representation.
public static unescapeValue ( string $value ) : string
$value string
return string

uuid4() public static method

Generate a UUIDv4 string.
public static uuid4 ( ) : string
return string