ILIAS  Release_3_10_x_branch Revision 61812
 All Data Structures Namespaces Files Functions Variables Groups Pages
Public Member Functions | Static Public Member Functions | Data Fields
ilSOAPAuth Class Reference

Class SOAPAuth. More...

+ Inheritance diagram for ilSOAPAuth:
+ Collaboration diagram for ilSOAPAuth:

Public Member Functions

 ilSOAPAuth ($a_params)
 Constructor public.
 validateSOAPUser ($a_ext_uid, $a_soap_pw)
 soap validation lookup: call isValidSession service of soap server
 getValidationData ()
 Get validation data.
 login ()
 Login function.
 logout ()
 Register variable in a session telling that the user has logged in successfully.

Static Public Member Functions

static testConnection ($a_ext_uid, $a_soap_pw, $a_new_user)
 Test connection with values of soap auth administration settings.

Data Fields

 $valid = array()

Detailed Description

Class SOAPAuth.

SOAP Authentication class.

Definition at line 34 of file class.ilSOAPAuth.php.

Member Function Documentation

ilSOAPAuth::getValidationData ( )

Get validation data.

Definition at line 212 of file class.ilSOAPAuth.php.

References $valid.

{
return $this->valid;
}
ilSOAPAuth::ilSOAPAuth (   $a_params)

Constructor public.

Definition at line 42 of file class.ilSOAPAuth.php.

References nusoap_base\getError().

{
if ($a_params["sessionName"] != "")
{
parent::Auth("", array("sessionName" => $a_params["sessionName"]));
}
else
{
parent::Auth("");
}
$this->server_hostname = $a_params["server_hostname"];
$this->server_port = (int) $a_params["server_port"];
$this->server_uri = $a_params["server_uri"];
$this->namespace = $a_params["namespace"];
$this->use_dotnet = $a_params["use_dotnet"];
if ($a_params["https"])
{
$this->https = true;
$uri = "https://";
}
else
{
$this->https = false;
$uri = "http://";
}
$uri.= $this->server_hostname;
if ($this->server_port > 0)
{
$uri.= ":".$this->server_port;
}
if ($this->server_uri != "")
{
$uri.= "/".$this->server_uri;
}
$this->uri = $uri;
$this->soap_client = new soap_client($this->uri);
//echo "<br>== Get SOAP client ==";
//echo "<br>SOAP client with URI: ".$this->uri."<br>";
if ($err = $this->soap_client->getError())
{
die("SOAP Authentication Initialisation Error: ".$err);
}
}

+ Here is the call graph for this function:

ilSOAPAuth::login ( )

Login function.

private

Returns
void

Definition at line 223 of file class.ilSOAPAuth.php.

References $_GET, $ilSetting, $lng, ilObjUser\_checkPassword(), ilAuthUtils\_generateLogin(), ilObjUser\_getLocalAccountsForEmail(), ilObjUser\_lookupLogin(), ilObjUserFolder\_lookupNewAccountMail(), ilObjUser\_writeAuthMode(), ilObjUser\_writeExternalAccount(), AUTH_SOAP_NO_ILIAS_USER, AUTH_SOAP_NO_ILIAS_USER_BUT_EMAIL, AUTH_WRONG_LOGIN, ilUtil\generatePasswords(), IL_PASSWD_MD5, and logout().

{
global $ilias, $rbacadmin, $lng, $ilSetting;
if (empty($_GET["ext_uid"]) || empty($_GET["soap_pw"]))
{
$this->status = AUTH_WRONG_LOGIN;
return;
}
$validation_data = $this->validateSoapUser($_GET["ext_uid"], $_GET["soap_pw"]);
if (!$validation_data["valid"])
{
$this->status = AUTH_WRONG_LOGIN;
return;
}
$local_user = $validation_data["local_user"];
if ($local_user != "")
{
// to do: handle update of user
$this->setAuth($local_user);
}
else
{
if (!$ilSetting->get("soap_auth_create_users"))
{
$this->status = AUTH_SOAP_NO_ILIAS_USER;
$this->logout();
return;
}
//echo "1";
// try to map external user via e-mail to ILIAS user
if ($validation_data["email"] != "")
{
//echo "2";
//var_dump ($_POST);
$email_user = ilObjUser::_getLocalAccountsForEmail($validation_data["email"]);
// check, if password has been provided in user mapping screen
// (see ilStartUpGUI::showUserMappingSelection)
if ($_POST["LoginMappedUser"] != "")
{
if (count($email_user) > 0)
{
if (ilObjUser::_checkPassword($_POST["usr_id"], $_POST["password"]))
{
// password is correct -> map user
//$this->setAuth($local_user); (use login not id)
ilObjUser::_writeExternalAccount($_POST["usr_id"], $_GET["ext_uid"]);
ilObjUser::_writeAuthMode($_POST["usr_id"], "soap");
$_GET["cmd"] = $_POST["cmd"] = $_GET["auth_stat"]= "";
$local_user = ilObjUser::_lookupLogin($_POST["usr_id"]);
$this->status = "";
$this->setAuth($local_user);
return;
}
else
{
//echo "6"; exit;
$this->status = AUTH_SOAP_NO_ILIAS_USER_BUT_EMAIL;
$this->sub_status = AUTH_WRONG_LOGIN;
$this->logout();
return;
}
}
}
if (count($email_user) > 0 && $_POST["CreateUser"] == "")
{
$_GET["email"] = $validation_data["email"];
$this->status = AUTH_SOAP_NO_ILIAS_USER_BUT_EMAIL;
$this->logout();
return;
}
}
$userObj = new ilObjUser();
$local_user = ilAuthUtils::_generateLogin($_GET["ext_uid"]);
$newUser["firstname"] = $validation_data["firstname"];
$newUser["lastname"] = $validation_data["lastname"];
$newUser["email"] = $validation_data["email"];
$newUser["login"] = $local_user;
// to do: set valid password and send mail
$newUser["passwd"] = "";
$newUser["passwd_type"] = IL_PASSWD_MD5;
// generate password, if local authentication is allowed
// and account mail is activated
$pw = "";
if ($ilSetting->get("soap_auth_allow_local") &&
$ilSetting->get("soap_auth_account_mail"))
{
$pw = ilUtil::generatePasswords(1);
$pw = $pw[0];
$newUser["passwd"] = md5($pw);
$newUser["passwd_type"] = IL_PASSWD_MD5;
}
//$newUser["gender"] = "m";
$newUser["auth_mode"] = "soap";
$newUser["ext_account"] = $_GET["ext_uid"];
$newUser["profile_incomplete"] = 1;
// system data
$userObj->assignData($newUser);
$userObj->setTitle($userObj->getFullname());
$userObj->setDescription($userObj->getEmail());
// set user language to system language
$userObj->setLanguage($lng->lang_default);
// Time limit
$userObj->setTimeLimitOwner(7);
$userObj->setTimeLimitUnlimited(1);
$userObj->setTimeLimitFrom(time());
$userObj->setTimeLimitUntil(time());
// Create user in DB
$userObj->setOwner(6);
$userObj->create();
$userObj->setActive(1, 6);
$userObj->updateOwner();
//insert user data in table user_data
$userObj->saveAsNew(false);
// setup user preferences
$userObj->writePrefs();
// to do: test this
$rbacadmin->assignUser($ilSetting->get('soap_auth_user_default_role'), $userObj->getId(),true);
// send account mail
if ($ilSetting->get("soap_auth_account_mail"))
{
include_once('./Services/User/classes/class.ilObjUserFolder.php');
$amail = ilObjUserFolder::_lookupNewAccountMail($ilSetting->get("language"));
if (trim($amail["body"]) != "" && trim($amail["subject"]) != "")
{
include_once("Services/Mail/classes/class.ilAccountMail.php");
$acc_mail = new ilAccountMail();
if ($pw != "")
{
$acc_mail->setUserPassword($pw);
}
$acc_mail->setUser($userObj);
$acc_mail->send();
}
}
unset($userObj);
$this->setAuth($local_user);
}
}

+ Here is the call graph for this function:

ilSOAPAuth::logout ( )

Register variable in a session telling that the user has logged in successfully.

public

Parameters
stringUsername
Returns
void Logout function

This function clears any auth tokens in the currently active session and executes the logout callback function, if any

public

Returns
void

Definition at line 431 of file class.ilSOAPAuth.php.

Referenced by login().

{
parent::logout();
}

+ Here is the caller graph for this function:

static ilSOAPAuth::testConnection (   $a_ext_uid,
  $a_soap_pw,
  $a_new_user 
)
static

Test connection with values of soap auth administration settings.

Definition at line 95 of file class.ilSOAPAuth.php.

References $ilSetting, $namespace, and $valid.

{
global $ilSetting;
$settings = $ilSetting->getAll();
$server_hostname = $settings["soap_auth_server"];
$server_port = (int) $settings["soap_auth_port"];
$server_uri = $settings["soap_auth_uri"];
$namespace = $settings["soap_auth_namespace"];
$use_dotnet = $settings["soap_auth_use_dotnet"];
if ($settings["soap_auth_use_https"])
{
$uri = "https://";
}
else
{
$uri = "http://";
}
$uri.= $server_hostname;
if ($server_port > 0)
{
$uri.= ":".$server_port;
}
if ($server_uri != "")
{
$uri.= "/".$server_uri;
}
$soap_client = new soap_client($uri);
if ($err = $soap_client->getError())
{
return "SOAP Authentication Initialisation Error: ".$err;
}
$soapAction = "";
$nspref = "";
if ($use_dotnet)
{
$soapAction = $namespace."/isValidSession";
$nspref = "ns1:";
}
$valid = $soap_client->call('isValidSession',
array($nspref.'ext_uid' => $a_ext_uid,
$nspref.'soap_pw' => $a_soap_pw,
$nspref.'new_user' => $a_new_user),
$namespace,
$soapAction);
return
"<br>== Request ==".
'<br><pre>' . htmlspecialchars(str_replace("\" ", "\"\n ", str_replace(">", ">\n", $soap_client->request)), ENT_QUOTES) . '</pre><br>'.
"<br>== Response ==".
"<br>Valid: -".$valid["valid"]."-".
'<br><pre>' . htmlspecialchars(str_replace("\" ", "\"\n ", str_replace(">", ">\n", $soap_client->response)), ENT_QUOTES) . '</pre>';
}
ilSOAPAuth::validateSOAPUser (   $a_ext_uid,
  $a_soap_pw 
)

soap validation lookup: call isValidSession service of soap server

Definition at line 161 of file class.ilSOAPAuth.php.

References $new_user, $valid, ilObjUser\_checkExternalAuthAccount(), and soap_client\call().

{
// check whether external user exists in ILIAS database
$local_user = ilObjUser::_checkExternalAuthAccount("soap", $a_ext_uid);
if ($local_user == "")
{
$new_user = true;
}
else
{
$new_user = false;
}
$soapAction = "";
$nspref = "";
if ($this->use_dotnet)
{
$soapAction = $this->namespace."/isValidSession";
$nspref = "ns1:";
}
$valid = $this->soap_client->call('isValidSession',
array($nspref.'ext_uid' => $a_ext_uid,
$nspref.'soap_pw' => $a_soap_pw,
$nspref.'new_user' => $new_user),
$this->namespace,
$soapAction);
//echo "<br>== Request ==";
//echo '<br><pre>' . htmlspecialchars($this->soap_client->request, ENT_QUOTES) . '</pre><br>';
//echo "<br>== Response ==";
//echo "<br>Valid: -".$valid["valid"]."-";
//echo '<br><pre>' . htmlspecialchars($this->soap_client->response, ENT_QUOTES) . '</pre>';
if (trim($valid["valid"]) == "false")
{
$valid["valid"] = false;
}
// to do check SOAP error!?
$valid["local_user"] = $local_user;
$this->valid = $valid;
return $valid;
}

+ Here is the call graph for this function:

Field Documentation

ilSOAPAuth::$valid = array()

Definition at line 36 of file class.ilSOAPAuth.php.

Referenced by getValidationData(), testConnection(), and validateSOAPUser().

The documentation for this class was generated from the following file: