view release on metacpan or  search on metacpan

lib/Auth/ActiveDirectory.pm  view on Meta::CPAN

package Auth::ActiveDirectory;

=head1 NAME

Auth::ActiveDirectory - Authentication module for MS ActiveDirectory

=head1 VERSION

Version 0.02

=cut

our $VERSION = '0.02';

use strict;
use warnings FATAL => 'all';
use Net::LDAP qw[];
use Net::LDAP::Constant qw[LDAP_INVALID_CREDENTIALS];
my $ErrorCodes = {
    '525' => { error => 'user not found' },
    '52e' => { error => 'invalid credentials' },
    '530' => { error => 'not permitted to logon at this time' },
    '531' => { error => 'not permitted to logon at this workstation' },
    '532' => { error => 'password expired' },
    '533' => { error => 'data 533' },
    '701' => { error => 'account expired' },
    '773' => { error => 'user must reset password' },
    '775' => { error => 'user account locked' },
    '534' => {
        error       => 'account disabled',
        description => 'The user has not been granted the requested logon type at this machine'
    },
};

=head1 SUBROUTINES/METHODS

=cut

{

=head2 _ad2unixtimestamp

This value represents the number of 100-nanosecond intervals since January 1, 1601 (UTC).
https://msdn.microsoft.com

ad_timestamp / nanoseconds - offset to 1601

=cut

    sub _ad2unixtimestamp { $_[0] / 10000000 - 11644473600 }

=head2 _create_connection

=cut

    sub _create_connection {
        my ( $host, $port, $timeout ) = @_;
        return Net::LDAP->new( $host, port => $port || 389, timeout => $timeout || 60 ) || sub {
            die qq/Failed to connect to '$host'. Reason: '$@'/;
            return;
        };
    }

=head2 _v_is_error

=cut

    sub _v_is_error {
        my ( $message, $s_user ) = @_;
        return 0 if ( !$message->is_error );
        my $error = $message->error;
        my $level = $message->code == LDAP_INVALID_CREDENTIALS ? 'debug' : 'error';
        die qq/Failed to authenticate user '$s_user'. Reason: '$error'/;
        return 1;
    }

=head2 _parse_error_message

=cut

    sub _parse_error_message {