refactor(ldap)!: migrate to symfony/ldap#1324
Draft
JohnVillalovos wants to merge 1 commit intodevelopfrom
Draft
Conversation
JohnVillalovos
force-pushed
the
jlvillal/symfony_ldap
branch
from
a465a88 to
9f5a5ce
Compare
Contributor
There was a problem hiding this comment.
Pull request overview
Migrates the LDAP authentication plugin from the deprecated pear/net_ldap2 implementation to symfony/ldap, updating configuration handling, LDAP entry usage, and documentation accordingly.
Changes:
- Replace
Ldap2Wrapperwith a newSymfonyLdapWrapperbuilt on Symfony’s ext-ldap adapter. - Refactor LDAP connection configuration to use a required
uriconnection string (reject legacyhost/port) and add user-id attribute validation. - Update LDAP user mapping to use
Symfony\Component\Ldap\Entry, and adjust docs/composer dependency.
Reviewed changes
Copilot reviewed 9 out of 10 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| tests/Plugins/Authentication/Ldap/LdapTest.php | Updates tests to Symfony LDAP Entry and new options API; adds new validation test. |
| plugins/Authentication/Ldap/SymfonyLdapWrapper.php | Introduces the new Symfony-based LDAP wrapper for connect/auth/search/group handling. |
| plugins/Authentication/Ldap/namespace.php | Switches plugin includes from Ldap2Wrapper to SymfonyLdapWrapper. |
| plugins/Authentication/Ldap/LdapUser.php | Migrates LDAP entry handling from Net_LDAP2 entries to Symfony Entry. |
| plugins/Authentication/Ldap/LdapOptions.php | Replaces Ldap2Config() with GetConnectionConfig() and enforces uri-based configuration. |
| plugins/Authentication/Ldap/Ldap2Wrapper.php | Removes the deprecated Net_LDAP2-based wrapper. |
| plugins/Authentication/Ldap/Ldap.php | Wires the plugin to use SymfonyLdapWrapper by default. |
| docs/source/LDAP-Authentication.rst | Updates installation and configuration docs to reference symfony/ldap. |
| composer.json | Replaces pear/net_ldap2 dependency with symfony/ldap. |
Comment on lines
5
to
7
| require_once(ROOT_DIR . 'plugins/Authentication/Ldap/namespace.php'); | ||
| use Symfony\Component\Ldap\Entry; | ||
|
|
There was a problem hiding this comment.
use Symfony\Component\Ldap\Entry; is placed after a require_once statement. In PHP, use imports must appear before any non-declare code at the top level, otherwise this will cause a parse error. Move the use statement above the require_once, or instantiate via the fully-qualified class name instead.
Suggested change
| require_once(ROOT_DIR . 'plugins/Authentication/Ldap/namespace.php'); | |
| use Symfony\Component\Ldap\Entry; | |
| use Symfony\Component\Ldap\Entry; | |
| require_once(ROOT_DIR . 'plugins/Authentication/Ldap/namespace.php'); |
| $options = new LdapOptions(); | ||
|
|
||
| $this->expectException(RuntimeException::class); | ||
| $this->expectExceptionMessage('Invalid LDAP attribute name for user.id.attribute'); |
There was a problem hiding this comment.
This test expects the exception message to equal Invalid LDAP attribute name for user.id.attribute, but LdapOptions::GetUserIdAttribute() throws Invalid LDAP attribute name for user.id.attribute: '<value>' (includes the invalid attribute). Update the expectation to match the full message, or use a regex-based matcher.
Suggested change
| $this->expectExceptionMessage('Invalid LDAP attribute name for user.id.attribute'); | |
| $this->expectExceptionMessage("Invalid LDAP attribute name for user.id.attribute: 'uid)(|(cn=*))'"); |
JohnVillalovos
force-pushed
the
jlvillal/symfony_ldap
branch
3 times, most recently
from
798eec4 to
b73e329
Compare
Switch the LDAP authentication plugin from the pear/net_ldap2 library to symfony/ldap. This removes the deprecated Net_LDAP2-based implementation and replaces it with a new SymfonyLdapWrapper. Key changes: - Add symfony/ldap to composer.json requirements - Replace Ldap2Wrapper with SymfonyLdapWrapper using the Symfony LDAP client - Replace LdapOptions::Ldap2Config() with GetConnectionConfig() returning a structured array with a connectionString instead of a host array - Update LdapUser to use Symfony\Component\Ldap\Entry instead of Net_LDAP2_Entry - Add type declarations throughout LdapOptions, LdapUser, and LdapTest - Add GetUserIdAttribute() validation to prevent LDAP injection via attribute name BREAKING CHANGE: pear/net_ldap2 is no longer used; remove it from your installation. The 'uri' config key is required (host/port are rejected).
JohnVillalovos
force-pushed
the
jlvillal/symfony_ldap
branch
from
b73e329 to
d919870
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Switch the LDAP authentication plugin from the pear/net_ldap2 library to symfony/ldap. This removes the deprecated Net_LDAP2-based implementation and replaces it with a new SymfonyLdapWrapper.
Key changes:
BREAKING CHANGE: pear/net_ldap2 is no longer used; remove it from your installation. The 'uri' config key is required (host/port are rejected).