ILIAS  release_5-2 Revision v5.2.25-18-g3f80b82851
ilAuthContainerSOAP Class Reference

Authentication against external SOAP server More...

+ Inheritance diagram for ilAuthContainerSOAP:
+ Collaboration diagram for ilAuthContainerSOAP:

Public Member Functions

 __construct ()
 Constructor. More...
 
 initClient ()
 Init soap client. More...
 
 fetchData ($a_username, $a_password, $isChallengeResponse=false)
 Call is isValidSession of soap server. More...
 
 loginObserver ($a_username, $a_auth)
 Called after login and successful call of fetch data. More...
 

Protected Attributes

 $server_host = null
 
 $server_port = null
 
 $server_uri = null
 
 $server_https = null
 
 $server_nms = null
 
 $use_dot_net = null
 
 $uri = null
 
 $client = null
 
 $response = null
 

Detailed Description

Authentication against external SOAP server

Todo:
This class should inherit either from Auth_Container_SOAP or Auth_Container_SOAP5
Author
Stefan Meyer smeye.nosp@m.r.il.nosp@m.ias@g.nosp@m.mx.d.nosp@m.e
Version
$id$

Definition at line 35 of file class.ilAuthContainerSOAP.php.

Constructor & Destructor Documentation

◆ __construct()

ilAuthContainerSOAP::__construct ( )

Constructor.

Definition at line 52 of file class.ilAuthContainerSOAP.php.

References $_GET, $_POST, and initClient().

53  {
54  $_POST['username'] = $_GET['ext_uid'];
55  $_POST['password'] = $_GET['soap_pw'];
56 
57  parent::__construct();
58  $this->initClient();
59  }
initClient()
Init soap client.
$_GET["client_id"]
$_POST["username"]
+ Here is the call graph for this function:

Member Function Documentation

◆ fetchData()

ilAuthContainerSOAP::fetchData (   $a_username,
  $a_password,
  $isChallengeResponse = false 
)

Call is isValidSession of soap server.

Returns
bool
Parameters
string$a_username
string$a_password
bool$isChallengeResponse,[optional]

Definition at line 97 of file class.ilAuthContainerSOAP.php.

References $GLOBALS, $new_user, $valid, ilObjUser\_checkExternalAuthAccount(), and array.

98  {
99  $GLOBALS['ilLog']->write(__METHOD__.': Soap auth fetch data');
100 
101  // check whether external user exists in ILIAS database
102  $local_user = ilObjUser::_checkExternalAuthAccount("soap", $a_username);
103 
104  if ($local_user == "")
105  {
106  $new_user = true;
107  }
108  else
109  {
110  $new_user = false;
111  }
112 
113  $soapAction = "";
114  $nspref = "";
115  if ($this->use_dotnet)
116  {
117  $soapAction = $this->server_nms."/isValidSession";
118  $nspref = "ns1:";
119  }
120  $valid = $this->client->call('isValidSession',
121  array($nspref.'ext_uid' => $a_username,
122  $nspref.'soap_pw' => $a_password,
123  $nspref.'new_user' => $new_user),
124  $this->server_nms,
125  $soapAction);
126 //echo "<br>== Request ==";
127 //echo '<br><pre>' . htmlspecialchars($this->soap_client->request, ENT_QUOTES) . '</pre><br>';
128 //echo "<br>== Response ==";
129 //echo "<br>Valid: -".$valid["valid"]."-";
130 //echo '<br><pre>' . htmlspecialchars($this->soap_client->response, ENT_QUOTES) . '</pre>';
131 
132  if (trim($valid["valid"]) == "false")
133  {
134  $valid["valid"] = false;
135  }
136 
137  // to do check SOAP error!?
138  $valid["local_user"] = $local_user;
139  $this->response = $valid;
140  return $valid['valid'] == true;
141  }
$valid
$GLOBALS['loaded']
Global hash that tracks already loaded includes.
Create styles array
The data for the language used.
$new_user
static _checkExternalAuthAccount($a_auth, $a_account)
check whether external account and authentication method matches with a user
+ Here is the call graph for this function:

◆ initClient()

ilAuthContainerSOAP::initClient ( )

Init soap client.

Returns

Definition at line 65 of file class.ilAuthContainerSOAP.php.

References $ilSetting, and $server_host.

Referenced by __construct().

66  {
67  global $ilSetting;
68 
69  $this->server_host = $ilSetting->get('soap_auth_server');
70  $this->server_port = $ilSetting->get('soap_auth_port');
71  $this->server_uri = $ilSetting->get('soap_auth_uri');
72  $this->server_https = $ilSetting->get('soap_auth_use_https');
73  $this->server_nms = $ilSetting->get('soap_auth_namespace');
74  $this->use_dot_net = $ilSetting->get('use_dotnet');
75 
76  $this->uri = $this->server_https ? 'https://' : 'http://';
77  $this->uri .= $this->server_host;
78 
79  if($this->server_port > 0)
80  {
81  $this->uri .= (':'.$this->server_port);
82  }
83  if($this->server_uri)
84  {
85  $this->uri .= ('/'.$this->server_uri);
86  }
87  $this->client = new nusoap_client($this->uri);
88  }
[nu]soapclient higher level class for easy usage.
Definition: nusoap.php:7059
global $ilSetting
Definition: privfeed.php:17
+ Here is the caller graph for this function:

◆ loginObserver()

ilAuthContainerSOAP::loginObserver (   $a_username,
  $a_auth 
)

Called after login and successful call of fetch data.

Returns
Parameters
object$a_username
object$a_auth

Definition at line 149 of file class.ilAuthContainerSOAP.php.

References $GLOBALS, $ilSetting, $lng, ilAuthUtils\_generateLogin(), ilObjUserFolder\_lookupNewAccountMail(), AUTH_SOAP_NO_ILIAS_USER, ilUtil\generatePasswords(), IL_PASSWD_CRYPTED, IL_PASSWD_PLAIN, and time.

150  {
151  global $ilias, $rbacadmin, $lng, $ilSetting;
152 
153  $GLOBALS['ilLog']->write(__METHOD__.': SOAP login observer called');
154 
155 
156  // TODO: handle passed credentials via GET
157  /*
158  if (empty($_GET["ext_uid"]) || empty($_GET["soap_pw"]))
159  {
160  $this->status = AUTH_WRONG_LOGIN;
161  return;
162  }
163  */
164 
165  // Not required anymore
166  /*
167  $validation_data = $this->validateSoapUser($_GET["ext_uid"], $_GET["soap_pw"]);
168 
169  if (!$validation_data["valid"])
170  {
171  $this->status = AUTH_WRONG_LOGIN;
172  return;
173  }
174  */
175 
176  $local_user = $this->response["local_user"];
177  if ($local_user != "")
178  {
179  // to do: handle update of user
180  $a_auth->setAuth($local_user);
181  return true;
182  }
183  if(!$ilSetting->get("soap_auth_create_users"))
184  {
185  $a_auth->status = AUTH_SOAP_NO_ILIAS_USER;
186  $a_auth->logout();
187  return false;
188  }
189 
190  $userObj = new ilObjUser();
191  $local_user = ilAuthUtils::_generateLogin($a_username);
192 
193  $newUser["firstname"] = $this->response["firstname"];
194  $newUser["lastname"] = $this->response["lastname"];
195  $newUser["email"] = $this->response["email"];
196 
197  $newUser["login"] = $local_user;
198 
199  // to do: set valid password and send mail
200  $newUser["passwd"] = "";
201  $newUser["passwd_type"] = IL_PASSWD_CRYPTED;
202 
203  // generate password, if local authentication is allowed
204  // and account mail is activated
205  $pw = "";
206 
207  if ($ilSetting->get("soap_auth_allow_local") &&
208  $ilSetting->get("soap_auth_account_mail"))
209  {
210  $pw = ilUtil::generatePasswords(1);
211  $pw = $pw[0];
212  $newUser["passwd"] = $pw;
213  $newUser["passwd_type"] = IL_PASSWD_PLAIN;
214  }
215 
216  //$newUser["gender"] = "m";
217  $newUser["auth_mode"] = "soap";
218  $newUser["ext_account"] = $a_username;
219  $newUser["profile_incomplete"] = 1;
220 
221  // system data
222  $userObj->assignData($newUser);
223  $userObj->setTitle($userObj->getFullname());
224  $userObj->setDescription($userObj->getEmail());
225 
226  // set user language to system language
227  $userObj->setLanguage($lng->lang_default);
228 
229  // Time limit
230  $userObj->setTimeLimitOwner(7);
231  $userObj->setTimeLimitUnlimited(1);
232  $userObj->setTimeLimitFrom(time());
233  $userObj->setTimeLimitUntil(time());
234 
235  // Create user in DB
236  $userObj->setOwner(0);
237  $userObj->create();
238  $userObj->setActive(1);
239 
240  $userObj->updateOwner();
241 
242  //insert user data in table user_data
243  $userObj->saveAsNew(false);
244 
245  // setup user preferences
246  $userObj->writePrefs();
247 
248  // to do: test this
249  $rbacadmin->assignUser($ilSetting->get('soap_auth_user_default_role'), $userObj->getId(),true);
250 
251  // send account mail
252  if ($ilSetting->get("soap_auth_account_mail"))
253  {
254  include_once('./Services/User/classes/class.ilObjUserFolder.php');
255  $amail = ilObjUserFolder::_lookupNewAccountMail($ilSetting->get("language"));
256  if (trim($amail["body"]) != "" && trim($amail["subject"]) != "")
257  {
258  include_once("Services/Mail/classes/class.ilAccountMail.php");
259  $acc_mail = new ilAccountMail();
260 
261  if ($pw != "")
262  {
263  $acc_mail->setUserPassword($pw);
264  }
265  $acc_mail->setUser($userObj);
266  $acc_mail->send();
267  }
268  }
269 
270  unset($userObj);
271  $a_auth->setAuth($local_user);
272  return true;
273  }
const IL_PASSWD_PLAIN
const IL_PASSWD_CRYPTED
static _generateLogin($a_login)
generate free login by starting with a default string and adding postfix numbers
$GLOBALS['loaded']
Global hash that tracks already loaded includes.
static generatePasswords($a_number)
Generate a number of passwords.
const AUTH_SOAP_NO_ILIAS_USER
static _lookupNewAccountMail($a_lang)
global $ilSetting
Definition: privfeed.php:17
global $lng
Definition: privfeed.php:17
Class ilAccountMail.
Add data(end) time
Method that wraps PHPs time in order to allow simulations with the workflow.
+ Here is the call graph for this function:

Field Documentation

◆ $client

ilAuthContainerSOAP::$client = null
protected

Definition at line 46 of file class.ilAuthContainerSOAP.php.

◆ $response

ilAuthContainerSOAP::$response = null
protected

Definition at line 47 of file class.ilAuthContainerSOAP.php.

◆ $server_host

ilAuthContainerSOAP::$server_host = null
protected

Definition at line 37 of file class.ilAuthContainerSOAP.php.

Referenced by initClient().

◆ $server_https

ilAuthContainerSOAP::$server_https = null
protected

Definition at line 40 of file class.ilAuthContainerSOAP.php.

◆ $server_nms

ilAuthContainerSOAP::$server_nms = null
protected

Definition at line 41 of file class.ilAuthContainerSOAP.php.

◆ $server_port

ilAuthContainerSOAP::$server_port = null
protected

Definition at line 38 of file class.ilAuthContainerSOAP.php.

◆ $server_uri

ilAuthContainerSOAP::$server_uri = null
protected

Definition at line 39 of file class.ilAuthContainerSOAP.php.

◆ $uri

ilAuthContainerSOAP::$uri = null
protected

Definition at line 44 of file class.ilAuthContainerSOAP.php.

◆ $use_dot_net

ilAuthContainerSOAP::$use_dot_net = null
protected

Definition at line 42 of file class.ilAuthContainerSOAP.php.


The documentation for this class was generated from the following file: