ILIAS  Release_4_0_x_branch Revision 61816
class.ilAuthContainerSOAP.php
1 <?php
2 /*
3  +-----------------------------------------------------------------------------+
4  | ILIAS open source |
5  +-----------------------------------------------------------------------------+
6  | Copyright (c) 1998-2001 ILIAS open source, University of Cologne |
7  | |
8  | This program is free software; you can redistribute it and/or |
9  | modify it under the terms of the GNU General Public License |
10  | as published by the Free Software Foundation; either version 2 |
11  | of the License, or (at your option) any later version. |
12  | |
13  | This program is distributed in the hope that it will be useful, |
14  | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15  | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16  | GNU General Public License for more details. |
17  | |
18  | You should have received a copy of the GNU General Public License |
19  | along with this program; if not, write to the Free Software |
20  | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21  +-----------------------------------------------------------------------------+
22 */
23 
// NOTE(review): presumably loaded to pull in the PEAR Auth_Container base
// class that ilAuthContainerSOAP extends - confirm against the PEAR package.
include_once 'Auth/Container/LDAP.php';

// The "|| true" (written "or 1" originally) short-circuits the version check,
// so the lib2 copy of NuSOAP is loaded on every PHP version and the legacy
// "lib" path is never reached. Kept as an expression so that the intent of the
// original switch stays visible.
include_once ((version_compare(PHP_VERSION, '5.3.0', '>=') || true)
    ? './webservice/soap/lib2/nusoap.php'
    : './webservice/soap/lib/nusoap.php');
33 
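/**
 * PEAR Auth container that validates a login against an external SOAP service.
 *
 * The external user id and a session token/password arrive as the GET
 * parameters "ext_uid" and "soap_pw" and are checked by calling the remote
 * operation "isValidSession". After a successful check, loginObserver() maps
 * the external account to a local ILIAS account or creates one.
 *
 * Security notes for maintainers:
 *  - Credentials travel in the query string, so they can end up in web server
 *    access logs, proxy logs, browser history and Referer headers. Treat
 *    "soap_pw" as a short-lived token and keep it out of application logs.
 *  - When "soap_auth_use_https" is off, the same credentials are forwarded to
 *    the SOAP endpoint over plain HTTP.
 *  - The answer of the SOAP service is the sole authentication decision, so
 *    fetchData() fails closed on faults and on unexpected response shapes.
 */
class ilAuthContainerSOAP extends Auth_Container
{
    protected $server_host = null;
    protected $server_port = null;
    protected $server_uri = null;
    protected $server_https = null;
    protected $server_nms = null;
    protected $use_dot_net = null;

    // Full endpoint URL assembled by initClient()
    protected $uri = null;

    // NuSOAP client and the last (normalised) isValidSession response
    protected $client = null;
    protected $response = null;

    /**
     * Copies the GET credentials into $_POST and sets up the SOAP client.
     *
     * NOTE(review): presumably the copy exists so that the PEAR Auth login
     * handling picks the values up as if they came from the login form -
     * confirm against the caller. It also overwrites any "password" field a
     * form posted in the same request (see the FIXME in loginObserver()).
     */
    public function __construct()
    {
        // isset() guards avoid undefined-index notices when the parameters are
        // missing; the resulting value (null) is the same as before.
        $_POST['username'] = isset($_GET['ext_uid']) ? $_GET['ext_uid'] : null;
        $_POST['password'] = isset($_GET['soap_pw']) ? $_GET['soap_pw'] : null;

        parent::__construct();
        $this->initClient();
    }

    /**
     * Reads the SOAP authentication settings and creates the NuSOAP client.
     *
     * @return void
     */
    public function initClient()
    {
        global $ilSetting;

        $this->server_host = $ilSetting->get('soap_auth_server');
        $this->server_port = $ilSetting->get('soap_auth_port');
        $this->server_uri = $ilSetting->get('soap_auth_uri');
        $this->server_https = $ilSetting->get('soap_auth_use_https');
        $this->server_nms = $ilSetting->get('soap_auth_namespace');
        // NOTE(review): every other key here carries the "soap_auth_" prefix;
        // confirm that 'use_dotnet' is the key the settings screen writes.
        $this->use_dot_net = $ilSetting->get('use_dotnet');

        // Without HTTPS the user id and soap_pw are sent to the endpoint in
        // clear text; nothing visible here verifies the server certificate.
        $this->uri = $this->server_https ? 'https://' : 'http://';
        $this->uri .= $this->server_host;

        if ($this->server_port > 0)
        {
            $this->uri .= (':'.$this->server_port);
        }
        if ($this->server_uri)
        {
            $this->uri .= ('/'.$this->server_uri);
        }
        $this->client = new soap_client($this->uri);
    }

    /**
     * Asks the SOAP service whether the given external session is valid.
     *
     * The decoded response, extended by the key "local_user", is kept in
     * $this->response for loginObserver().
     *
     * @param string $a_username          external user id (ext_uid)
     * @param string $a_password          SOAP password / session token (soap_pw)
     * @param bool   $isChallengeResponse unused here
     * @return bool true only if the service explicitly confirmed the session
     */
    public function fetchData($a_username, $a_password, $isChallengeResponse = false)
    {
        $GLOBALS['ilLog']->write(__METHOD__.': Soap auth fetch data');

        // check whether external user exists in ILIAS database
        $local_user = ilObjUser::_checkExternalAuthAccount("soap", $a_username);
        $new_user = ($local_user == "");

        $soapAction = "";
        $nspref = "";
        // Fix: the property is $use_dot_net. The original read the undefined
        // $this->use_dotnet, so the .NET branch could never be taken.
        if ($this->use_dot_net)
        {
            $soapAction = $this->server_nms."/isValidSession";
            $nspref = "ns1:";
        }
        $valid = $this->client->call(
            'isValidSession',
            array(
                $nspref.'ext_uid' => $a_username,
                $nspref.'soap_pw' => $a_password,
                $nspref.'new_user' => $new_user
            ),
            $this->server_nms,
            $soapAction
        );

        // Do not dump $this->client->request / ->response for debugging on a
        // production system: the request contains soap_pw.

        // Fail closed: a SOAP fault, a transport error or a response that is
        // not the expected struct must never count as a valid session.
        if ($this->client->fault || $this->client->getError() || !is_array($valid))
        {
            $GLOBALS['ilLog']->write(__METHOD__.': SOAP call failed or returned an unexpected result');
            $this->response = array('valid' => false, 'local_user' => $local_user);
            return false;
        }

        // The original treated every non-empty value except the exact string
        // "false" as success (e.g. "False" or an error text). Only an explicit
        // affirmative value is accepted now.
        $valid['valid'] = $this->isAffirmative(isset($valid['valid']) ? $valid['valid'] : false);

        $valid["local_user"] = $local_user;
        $this->response = $valid;
        return $valid['valid'];
    }

    /**
     * Called after a successful login: maps the external user to a local
     * account, or creates a new local account if the settings allow it.
     *
     * @param string $a_username external user id
     * @param object $a_auth     Auth object whose status is updated
     * @return bool true if a local user was set on $a_auth
     */
    public function loginObserver($a_username, $a_auth)
    {
        global $rbacadmin, $lng, $ilSetting;

        $GLOBALS['ilLog']->write(__METHOD__.': SOAP login observer called');

        // TODO (from the original code): handle passed credentials via GET.
        // The former re-validation via validateSoapUser() was marked
        // "not required anymore" and has been dropped.

        // Defence in depth: never map or create accounts unless fetchData()
        // recorded a confirmed session on this instance.
        if (!is_array($this->response) || empty($this->response['valid']))
        {
            $a_auth->status = AUTH_WRONG_LOGIN;
            $a_auth->logout();
            return false;
        }

        $local_user = isset($this->response["local_user"]) ? $this->response["local_user"] : "";
        if ($local_user != "")
        {
            // to do: handle update of user
            $a_auth->setAuth($local_user);
            return true;
        }
        if (!$ilSetting->get("soap_auth_create_users"))
        {
            $a_auth->status = AUTH_SOAP_NO_ILIAS_USER;
            $a_auth->logout();
            return false;
        }

        // try to map external user via e-mail to ILIAS user
        $email = isset($this->response["email"]) ? $this->response["email"] : "";
        if ($email != "")
        {
            $email_user = ilObjUser::_getLocalAccountsForEmail($email);

            // check, if password has been provided in user mapping screen
            // (see ilStartUpGUI::showUserMappingSelection)
            // FIXME (from the original code).
            // NOTE(review): the constructor overwrites $_POST["password"] with
            // $_GET["soap_pw"], so the value checked below may not be what the
            // user typed in the mapping screen - confirm the request flow.
            // NOTE(review): $_POST["usr_id"] is not compared with the accounts
            // in $email_user; presumably it should be one of them. The shape
            // of $email_user is not visible here, so no check was added.
            if (isset($_POST["LoginMappedUser"]) && $_POST["LoginMappedUser"] != "")
            {
                if (count($email_user) > 0)
                {
                    if (ilObjUser::_checkPassword($_POST["usr_id"], $_POST["password"]))
                    {
                        // password is correct -> map user
                        ilObjUser::_writeExternalAccount($_POST["usr_id"], $_GET["ext_uid"]);
                        ilObjUser::_writeAuthMode($_POST["usr_id"], "soap");
                        $_GET["cmd"] = $_POST["cmd"] = $_GET["auth_stat"] = "";
                        $local_user = ilObjUser::_lookupLogin($_POST["usr_id"]);
                        $a_auth->status = '';
                        $a_auth->setAuth($local_user);
                        return true;
                    }
                    else
                    {
                        $a_auth->status = AUTH_SOAP_NO_ILIAS_USER_BUT_EMAIL;
                        $a_auth->sub_status = AUTH_WRONG_LOGIN;
                        $a_auth->logout();
                        return false;
                    }
                }
            }

            // Local accounts with this e-mail exist and the user did not ask
            // for a new account: hand over to the mapping screen.
            if (count($email_user) > 0 && (!isset($_POST["CreateUser"]) || $_POST["CreateUser"] == ""))
            {
                $_GET["email"] = $email;
                $a_auth->status = AUTH_SOAP_NO_ILIAS_USER_BUT_EMAIL;
                $a_auth->logout();
                return false;
            }
        }

        $userObj = new ilObjUser();
        $local_user = ilAuthUtils::_generateLogin($a_username);

        // Profile data is taken as delivered by the SOAP service.
        $newUser = array();
        $newUser["firstname"] = isset($this->response["firstname"]) ? $this->response["firstname"] : null;
        $newUser["lastname"] = isset($this->response["lastname"]) ? $this->response["lastname"] : null;
        $newUser["email"] = isset($this->response["email"]) ? $this->response["email"] : null;

        $newUser["login"] = $local_user;

        // to do: set valid password and send mail
        $newUser["passwd"] = "";
        $newUser["passwd_type"] = IL_PASSWD_MD5;

        // generate password, if local authentication is allowed
        // and account mail is activated
        $pw = "";

        if ($ilSetting->get("soap_auth_allow_local") &&
            $ilSetting->get("soap_auth_account_mail"))
        {
            $pw = ilUtil::generatePasswords(1);
            $pw = $pw[0];
            // NOTE(review): unsalted MD5 is not a suitable password hash. It
            // is kept because IL_PASSWD_MD5 is the storage type this code
            // declares; changing it needs a matching change in the user
            // service. The clear-text password is also sent by mail below.
            $newUser["passwd"] = md5($pw);
            $newUser["passwd_type"] = IL_PASSWD_MD5;
        }

        $newUser["auth_mode"] = "soap";
        $newUser["ext_account"] = $a_username;
        $newUser["profile_incomplete"] = 1;

        // system data
        $userObj->assignData($newUser);
        $userObj->setTitle($userObj->getFullname());
        $userObj->setDescription($userObj->getEmail());

        // set user language to system language
        $userObj->setLanguage($lng->lang_default);

        // Time limit (the ids 7 and 6 are magic values from the original
        // code; their meaning is not visible in this file)
        $userObj->setTimeLimitOwner(7);
        $userObj->setTimeLimitUnlimited(1);
        $userObj->setTimeLimitFrom(time());
        $userObj->setTimeLimitUntil(time());

        // Create user in DB
        $userObj->setOwner(6);
        $userObj->create();
        $userObj->setActive(1, 6);

        $userObj->updateOwner();

        // insert user data in table user_data
        $userObj->saveAsNew(false);

        // setup user preferences
        $userObj->writePrefs();

        // to do: test this
        // The role comes from configuration; every auto-created account gets it.
        $rbacadmin->assignUser($ilSetting->get('soap_auth_user_default_role'), $userObj->getId(), true);

        // send account mail
        if ($ilSetting->get("soap_auth_account_mail"))
        {
            include_once('./Services/User/classes/class.ilObjUserFolder.php');
            $amail = ilObjUserFolder::_lookupNewAccountMail($ilSetting->get("language"));
            if (trim($amail["body"]) != "" && trim($amail["subject"]) != "")
            {
                include_once("Services/Mail/classes/class.ilAccountMail.php");
                $acc_mail = new ilAccountMail();

                if ($pw != "")
                {
                    $acc_mail->setUserPassword($pw);
                }
                $acc_mail->setUser($userObj);
                $acc_mail->send();
            }
        }

        unset($userObj);
        $a_auth->setAuth($local_user);
        return true;
    }

    /**
     * Tells whether a decoded SOAP value is an explicit "yes".
     *
     * Accepts boolean true, integer 1 and the strings "true" / "1"
     * (case-insensitive, surrounding whitespace ignored). Everything else,
     * including null and arrays, counts as "no".
     *
     * @param mixed $a_value value of the "valid" element
     * @return bool
     */
    private function isAffirmative($a_value)
    {
        if (is_bool($a_value))
        {
            return $a_value;
        }
        if (is_int($a_value))
        {
            return $a_value === 1;
        }
        if (is_string($a_value))
        {
            return in_array(strtolower(trim($a_value)), array('true', '1'), true);
        }
        return false;
    }
}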