ILIAS Release_3_7_x_branch .rev 46817: Services/SOAPAuth/classes/class.ilSOAPAuth.php Source File

Go to the documentation of this file.
00001 <?php
00002 /*
00003         +-----------------------------------------------------------------------------+
00004         | ILIAS open source                                                           |
00005         +-----------------------------------------------------------------------------+
00006         | Copyright (c) 1998-2006 ILIAS open source, University of Cologne            |
00007         |                                                                             |
00008         | This program is free software; you can redistribute it and/or               |
00009         | modify it under the terms of the GNU General Public License                 |
00010         | as published by the Free Software Foundation; either version 2              |
00011         | of the License, or (at your option) any later version.                      |
00012         |                                                                             |
00013         | This program is distributed in the hope that it will be useful,             |
00014         | but WITHOUT ANY WARRANTY; without even the implied warranty of              |
00015         | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               |
00016         | GNU General Public License for more details.                                |
00017         |                                                                             |
00018         | You should have received a copy of the GNU General Public License           |
00019         | along with this program; if not, write to the Free Software                 |
00020         | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA. |
00021         +-----------------------------------------------------------------------------+
00022 */
00023 
00024 
00025 include_once("Auth.php");
00026 include_once("./webservice/soap/lib/nusoap.php");
00027 
00034 class ilSOAPAuth extends Auth
00035 {
00036         var             $valid  = array();
00037         
00042         function ilSOAPAuth($a_params)
00043         {
00044                 parent::Auth("");
00045                 
00046                 $this->server_hostname = $a_params["server_hostname"];
00047                 $this->server_port = (int) $a_params["server_port"];
00048                 $this->server_uri = $a_params["server_uri"];
00049                 $this->namespace = $a_params["namespace"];
00050                 $this->use_dotnet = $a_params["use_dotnet"];
00051                 if ($a_params["https"])
00052                 {
00053                         $this->https = true;
00054                         $uri = "https://";
00055                 }
00056                 else
00057                 {
00058                         $this->https = false;
00059                         $uri = "http://";
00060                 }
00061                 
00062                 $uri.= $this->server_hostname;
00063                 
00064                 if ($this->server_port > 0)
00065                 {
00066                         $uri.= ":".$this->server_port;
00067                 }
00068 
00069                 if ($this->server_uri != "")
00070                 {
00071                         $uri.= "/".$this->server_uri;
00072                 }
00073                 
00074                 $this->uri = $uri;
00075 
00076                 $this->soap_client = new soap_client($this->uri);
00077                 
00078                 if ($err = $this->soap_client->getError()) 
00079                 {
00080                         die("SOAP Authentication Initialisation Error: ".$err);
00081                 }
00082         }
00083         
00089         function validateSOAPUser($a_ext_uid, $a_soap_pw)
00090         {
00091                 // check whether external user exists in ILIAS database
00092                 $local_user = ilObjUser::_checkExternalAuthAccount("soap", $a_ext_uid);
00093                 
00094                 if ($local_user == "")
00095                 {
00096                         $new_user = true;
00097                 }
00098                 else
00099                 {
00100                         $new_user = false;
00101                 }
00102                 
00103                 $soapAction = "";
00104                 $nspref = "";
00105                 if ($this->use_dotnet)
00106                 {
00107                         $soapAction = $this->namespace."/isValidSession";
00108                         $nspref = "ns1:";
00109                 }
00110                 
00111                 $valid = $this->soap_client->call('isValidSession',
00112                         array($nspref.'ext_uid' => $a_ext_uid,
00113                                 $nspref.'soap_pw' => $a_soap_pw,
00114                                 $nspref.'new_user' => $new_user),
00115                         $this->namespace,
00116                         $soapAction);
00117 
00118                 // to do check SOAP error!?
00119                 $valid["local_user"] = $local_user;
00120                 
00121                 $this->valid = $valid;
00122                 
00123                 return $valid;
00124         }
00125         
00129         function getValidationData()
00130         {
00131                 return $this->valid;
00132         }
00133         
00140         function login()
00141         {
00142                 global $ilias, $rbacadmin, $lng, $ilSetting;
00143 
00144                 if (empty($_GET["ext_uid"]) || empty($_GET["soap_pw"]))
00145                 {
00146                         $this->status = AUTH_WRONG_LOGIN;
00147                         return;
00148                 }
00149 
00150                 $validation_data = $this->validateSoapUser($_GET["ext_uid"], $_GET["soap_pw"]);
00151                 
00152                 if (!$validation_data["valid"])
00153                 {
00154                         $this->status = AUTH_WRONG_LOGIN;
00155                         return;
00156                 }
00157                 
00158                 $local_user = $validation_data["local_user"];
00159                 
00160                 if ($local_user != "")
00161                 {
00162                         // to do: handle update of user
00163                         $this->setAuth($local_user);
00164                 }
00165                 else
00166                 {
00167                         if (!$ilSetting->get("soap_auth_create_users"))
00168                         {
00169                                 $this->status = AUTH_SOAP_NO_ILIAS_USER;
00170                                 $this->logout();
00171                                 return;
00172                         }
00173 //echo "1";
00174                         // try to map external user via e-mail to ILIAS user
00175                         if ($validation_data["email"] != "")
00176                         {
00177 //echo "2";
00178 //var_dump ($_POST);
00179                                 $email_user = ilObjUser::_getLocalAccountsForEmail($validation_data["email"]);
00180 
00181                                 // check, if password has been provided in user mapping screen
00182                                 // (see ilStartUpGUI::showUserMappingSelection)
00183                                 if ($_POST["LoginMappedUser"] != "")
00184                                 { 
00185                                         if (count($email_user) > 0)
00186                                         {
00187                                                 if (ilObjUser::_checkPassword($_POST["usr_id"], $_POST["password"]))
00188                                                 {
00189                                                         // password is correct -> map user
00190                                                         //$this->setAuth($local_user); (use login not id)
00191                                                         ilObjUser::_writeExternalAccount($_POST["usr_id"], $_GET["ext_uid"]);
00192                                                         ilObjUser::_writeAuthMode($_POST["usr_id"], "soap");
00193                                                         $_GET["cmd"] = $_POST["cmd"] = $_GET["auth_stat"]= "";
00194                                                         $local_user = ilObjUser::_lookupLogin($_POST["usr_id"]);
00195                                                         $this->status = "";
00196                                                         $this->setAuth($local_user);
00197                                                         return;
00198                                                 }
00199                                                 else
00200                                                 {
00201 //echo "6"; exit;
00202                                                         $this->status = AUTH_SOAP_NO_ILIAS_USER_BUT_EMAIL;
00203                                                         $this->sub_status = AUTH_WRONG_LOGIN;
00204                                                         $this->logout();
00205                                                         return;
00206                                                 }
00207                                         }
00208                                 }
00209                                 
00210                                 if (count($email_user) > 0 && $_POST["CreateUser"] == "")
00211                                 {                                       
00212                                         $_GET["email"] = $validation_data["email"]; 
00213                                         $this->status = AUTH_SOAP_NO_ILIAS_USER_BUT_EMAIL;
00214                                         $this->logout();
00215                                         return;
00216                                 }
00217                         }
00218 
00219                         $userObj = new ilObjUser();
00220                         
00221                         $local_user = ilAuthUtils::_generateLogin($_GET["ext_uid"]);
00222                         
00223                         $newUser["firstname"] = $validation_data["firstname"];
00224                         $newUser["lastname"] = $validation_data["lastname"];
00225                         $newUser["email"] = $validation_data["email"];
00226                         
00227                         $newUser["login"] = $local_user;
00228                         
00229                         // to do: set valid password and send mail
00230                         $newUser["passwd"] = ""; 
00231                         $newUser["passwd_type"] = IL_PASSWD_MD5;
00232                         
00233                         // generate password, if local authentication is allowed
00234                         // and account mail is activated
00235                         $pw = "";
00236 
00237                         if ($ilSetting->get("soap_auth_allow_local") &&
00238                                 $ilSetting->get("soap_auth_account_mail"))
00239                         {
00240                                 $pw = ilUtil::generatePasswords(1);
00241                                 $pw = $pw[0];
00242                                 $newUser["passwd"] = md5($pw); 
00243                                 $newUser["passwd_type"] = IL_PASSWD_MD5;
00244                         }
00245 
00246                         //$newUser["gender"] = "m";
00247                         $newUser["auth_mode"] = "soap";
00248                         $newUser["ext_account"] = $_GET["ext_uid"];
00249                         $newUser["profile_incomplete"] = 1;
00250                         
00251                         // system data
00252                         $userObj->assignData($newUser);
00253                         $userObj->setTitle($userObj->getFullname());
00254                         $userObj->setDescription($userObj->getEmail());
00255                 
00256                         // set user language to system language
00257                         $userObj->setLanguage($lng->lang_default);
00258                         
00259                         // Time limit
00260                         $userObj->setTimeLimitOwner(7);
00261                         $userObj->setTimeLimitUnlimited(1);
00262                         $userObj->setTimeLimitFrom(time());
00263                         $userObj->setTimeLimitUntil(time());
00264                                                         
00265                         // Create user in DB
00266                         $userObj->setOwner(6);
00267                         $userObj->create();
00268                         $userObj->setActive(1, 6);
00269                         
00270                         $userObj->updateOwner();
00271                         
00272                         //insert user data in table user_data
00273                         $userObj->saveAsNew(false);
00274                         
00275                         // setup user preferences
00276                         $userObj->writePrefs();
00277                         
00278                         // to do: test this
00279                         $rbacadmin->assignUser($ilSetting->get('soap_auth_user_default_role'), $userObj->getId(),true);
00280 
00281                         // send account mail
00282                         if ($ilSetting->get("soap_auth_account_mail"))
00283                         {
00284                                 include_once("classes/class.ilObjUserFolder.php");
00285                                 $amail = ilObjUserFolder::_lookupNewAccountMail($ilSetting->get("language"));
00286                                 if (trim($amail["body"]) != "" && trim($amail["subject"]) != "")
00287                                 {
00288                                         include_once("classes/class.ilAccountMail.php");
00289                                         $acc_mail = new ilAccountMail();
00290 
00291                                         if ($pw != "")
00292                                         {
00293                                                 $acc_mail->setUserPassword($pw);
00294                                         }
00295                                         $acc_mail->setUser($userObj);
00296                                         $acc_mail->send();
00297                                 }
00298                         }
00299 
00300                         unset($userObj);
00301 
00302                         $this->setAuth($local_user);
00303 
00304                 }
00305         }
00306         
00315 /*
00316         function setAuth($username)
00317         {
00318                 $session = &Auth::_importGlobalVariable('session');
00319                 
00320                 if (!isset($session[$this->_sessionName]) && !isset($_SESSION)) {
00321                         session_register($this->_sessionName);
00322                 }
00323                 
00324                 if (!isset($session[$this->_sessionName]) || !is_array($session[$this->_sessionName])) {
00325                         $session[$this->_sessionName] = array();
00326                 }
00327                 
00328                 if(!isset($session[$this->_sessionName]['data'])){
00329                         $session[$this->_sessionName]['data']       = array();
00330                 }
00331                         $session[$this->_sessionName]['registered'] = true;
00332                         $session[$this->_sessionName]['username']   = $username;
00333                         $session[$this->_sessionName]['timestamp']  = time();
00334                         $session[$this->_sessionName]['idle']       = time();
00335         }
00336 */
00337         
00348         function logout()
00349         {
00350                 parent::logout();
00351         }
00352         
00359 /*
00360         function getUsername()
00361         {
00362                 $session = &$this->_importGlobalVariable('session');
00363                 if (!isset($session[$this->_sessionName]['username'])) {
00364                         return '';
00365                 }
00366                 return $session[$this->_sessionName]['username'];
00367         }
00368 */
00369         
00376 /*
00377         function getStatus()
00378         {
00379                 
00380                 return $status;
00381         }
00382 */
00383         
00391 /*
00392         function &_importGlobalVariable($variable)
00393         {
00394                 $var = null;
00395                 
00396                 switch (strtolower($variable)) {
00397                 
00398                         case 'server' :
00399                                 if (isset($_SERVER)) {
00400                                         $var = &$_SERVER;
00401                                 } else {
00402                                         $var = &$GLOBALS['HTTP_SERVER_VARS'];
00403                                 }
00404                                 break;
00405                         
00406                         case 'session' :
00407                                 if (isset($_SESSION)) {
00408                                         $var = &$_SESSION;
00409                                 } else {
00410                                         $var = &$GLOBALS['HTTP_SESSION_VARS'];
00411                                 }
00412                                 break;
00413                         
00414                         case 'post' :
00415                                 if (isset($_POST)) {
00416                                         $var = &$_POST;
00417                                 } else {
00418                                         $var = &$GLOBALS['HTTP_POST_VARS'];
00419                                 }
00420                                 break;
00421                         
00422                         case 'cookie' :
00423                                 if (isset($_COOKIE)) {
00424                                         $var = &$_COOKIE;
00425                                 } else {
00426                                         $var = &$GLOBALS['HTTP_COOKIE_VARS'];
00427                                 }
00428                                 break;
00429                         
00430                         case 'get' :
00431                                 if (isset($_GET)) {
00432                                         $var = &$_GET;
00433                                 } else {
00434                                         $var = &$GLOBALS['HTTP_GET_VARS'];
00435                                 }
00436                                 break;
00437                         
00438                         default:
00439                                 break;
00440                 
00441                 }
00442 
00443                 return $var;
00444         }
00445 */      
00446 } // END class.ilCASAuth
00447 ?>