2 if (!isset($_SERVER["REMOTE_USER"])) {
5 $ldap_user = $_SERVER["REMOTE_USER"];
6 $ldap_host = getenv("TASKD_LDAP_HOST");
7 $ldap_dn = getenv('TASKD_LDAP_DN');
8 $ldap_password = getenv('TASKD_LDAP_PASSWORD');
9 $ldap_base = getenv('TASKD_LDAP_BASE');
10 $ldap_filter = getenv('TASKD_LDAP_FILTER');
11 $host = getenv('TASKD_HOST');
12 $vardir = getenv('TASKD_VARDIR');
14 $connect = ldap_connect($ldap_host);
15 ldap_set_option($connect, LDAP_OPT_PROTOCOL_VERSION
, 3);
16 if (!$connect || !ldap_bind($connect, $ldap_dn, $ldap_password)) {
17 die("impossible to connect to LDAP");
20 $search_query = str_replace('%login%', ldap_escape($ldap_user), $ldap_filter);
22 $search = ldap_search($connect, $ldap_base, $search_query);
23 $info = ldap_get_entries($connect, $search);
25 if (ldap_count_entries($connect, $search) != 1) {
26 die("Impossible to find user in LDAP");
30 foreach($info[0]["immaetaskid"] as $key => $value) {
31 if ($key !== "count") {
32 $entries[] = explode(":", $value);
36 if (isset($_GET["file"])) {
37 $basecert = $vardir . "/userkeys/" . $ldap_user;
38 if (!file_exists($basecert . ".cert.pem")) {
39 exec("taskserver-user-certs $ldap_user");
41 $certificate = file_get_contents($basecert . ".cert
.pem
");
42 $cert_key = file_get_contents($basecert . ".key
.pem
");
44 // IdenTrust DST Root CA X3
45 // obtained here: https://letsencrypt.org/fr/certificates/
46 $server_cert = "-----BEGIN CERTIFICATE
-----
47 MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA
/
48 MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
49 DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow
50 PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD
51 Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
52 AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM
/IUmTrE4O
53 rz5Iy2Xu
/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq
54 OLl5CjH9UL2AZd+
3UWODyOKIYepLYYHsUmu
5ouJLGiifSKOeDNoJjj
4XLh
7dIN
9b
55 xiqKqy69cK3FCxolkHRyxXtqqzTWMIn
/5WgTe1QLyNau7Fqckh49ZLOMxt+
/yUFw
56 7BZy1SbsOFU5Q9D8
/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD
57 aeQQmxkqtilX4+U9m5
/wAl0CAwEAAaNCMEAwDwYDVR0TAQH
/BAUwAwEB
/zAOBgNV
58 HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX
/xBVghYkQMA0GCSqG
59 SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69
60 ikugdB
/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+
5v3gTt23ADq1cEmv8uXr
61 AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz
62 R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir
/md2cXjbDaJWFBM5
63 JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo
64 Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ
65 -----END CERTIFICATE
-----";
67 $file = $_GET["file
"];
70 $content = $server_cert;
71 $name = "ca
.cert
.pem
";
72 $type = "application
/x
-x509
-ca
-cert
";
75 $content = $certificate;
76 $name = $ldap_user . ".cert
.pem
";
77 $type = "application
/x
-x509
-ca
-cert
";
81 $name = $ldap_user . ".key
.pem
";
82 $type = "application
/x
-x509
-ca
-cert
";
85 foreach ($entries as $entry) {
86 list($org, $user, $key) = $entry;
87 if ($key == $_GET["key
"]) { break; }
89 $name = $user . ".mirakel
";
91 $content = "username
: $user
104 die("invalid file name
");
108 header("Content
-Type
: $type");
109 header('Content-Disposition: attachment; filename="' . $name . '"');
110 header('Content-Transfer-Encoding: binary');
111 header('Accept-Ranges: bytes');
112 header('Cache-Control: private');
113 header('Pragma: private');
120 <title
>Taskwarrior configuration
</title
>
124 <li
><a href
="?file=ca.cert.pem">ca
.cert
.pem
</a
></li
>
125 <li
><a href
="?file=cert.pem"><?php
echo $ldap_user; ?>.cert
.pem
</a
></li
>
126 <li
><a href
="?file=key.pem"><?php
echo $ldap_user; ?>.key
.pem
</a
></li
>
128 For command line
interface, download the files
, put them near your Taskwarrior
129 configuration files
, and add that to your Taskwarrior configuration
:
131 taskd
.certificate
=/path
/to
/<?php
echo $ldap_user; ?>.cert
.pem
132 taskd
.key
=/path
/to
/<?php
echo $ldap_user; ?>.key
.pem
133 taskd
.server
=<?php
echo $host ."\n"; ?>
134 <?php
if (count($entries) > 1) {
135 echo "# Chose one of them\n";
136 foreach($entries as $entry) {
137 list($org, $user, $key) = $entry;
138 echo "# taskd.credentials=$org/$user/$key\n";
141 taskd
.credentials
=<?php
echo $entries[0][0]; ?>/<?php
echo $entries[0][1]; ?>/<?php
echo $entries[0][2]; ?>
143 taskd
.ca
=/path
/to
/ca
.cert
.pem
145 For Mirakel
, download
and import the file
:
148 foreach ($entries as $entry) {
149 list($org, $user, $key) = $entry;
150 echo '<li><a href="?file=mirakel&key='.$key.'">' . $user . '.mirakel</a></li>';
154 For Android Taskwarrior app
, see instructions
<a href
="https://bitbucket.org/kvorobyev/taskwarriorandroid/wiki/Configuration">here
</a
>.