ILIAS  Release_4_4_x_branch Revision 61816
 All Data Structures Namespaces Files Functions Variables Groups Pages
Public Member Functions | Protected Member Functions | Private Attributes
ilAuthContainerOpenId Class Reference

Pear auth container for openid More...

+ Inheritance diagram for ilAuthContainerOpenId:
+ Collaboration diagram for ilAuthContainerOpenId:

Public Member Functions

 __construct ()
 Constructor.
 fetchData ($a_username, $a_password, $isChallengeResponse=false)
 forceCreation ($a_status)
 Force creation of user accounts.
 loginObserver ($a_username, $a_auth)
- Public Member Functions inherited from Auth_Container
 Auth_Container ()
 Constructor.
 verifyPassword ($password1, $password2, $cryptType="md5")
 Crypt and verfiy the entered password.
 supportsChallengeResponse ()
 Returns true if the container supports Challenge Response password authentication.
 getCryptType ()
 Returns the crypt current crypt type of the container.
 listUsers ()
 List all users that are available from the storage container.
 getUser ($username)
 Returns a user assoc array.
 addUser ($username, $password, $additional=null)
 Add a new user to the storage container.
 removeUser ($username)
 Remove user from the storage container.
 changePassword ($username, $password)
 Change password for user in the storage container.
 log ($message, $level=AUTH_LOG_DEBUG)
 Log a message to the Auth log.
- Public Member Functions inherited from ilAuthContainerBase
 failedLoginObserver ($a_username, $a_auth)
 Called after failed login.
 checkAuthObserver ($a_username, $a_auth)
 Called after check auth requests.
 logoutObserver ($a_username, $a_auth)
 Called after logout.
 supportsCaptchaVerification ()
 Returns whether or not the auth container supports the verification of captchas This should be true for those auth methods, which are available in the default login form.

Protected Member Functions

 initSettings ()
 Init open id settings.

Private Attributes

 $settings = null
 $response_data = array()
 $force_creation = false

Additional Inherited Members

- Data Fields inherited from Auth_Container
 $activeUser = ""
 User that is currently selected from the storage container.
 $_auth_obj = null
 The Auth object this container is attached to.

Detailed Description

Pear auth container for openid

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Version
$Id$

Definition at line 13 of file class.ilAuthContainerOpenId.php.

Constructor & Destructor Documentation

ilAuthContainerOpenId::__construct ( )

Constructor.

Returns

Definition at line 24 of file class.ilAuthContainerOpenId.php.

References initSettings().

{
parent::__construct();
$this->initSettings();
}

+ Here is the call graph for this function:

Member Function Documentation

ilAuthContainerOpenId::fetchData (   $a_username,
  $a_password,
  $isChallengeResponse = false 
)
Returns
bool
Parameters
string$a_username
string$a_password
bool$isChallengeResponse,[optional]

Reimplemented from Auth_Container.

Definition at line 38 of file class.ilAuthContainerOpenId.php.

References $ilLog, Auth_OpenID_CANCEL, Auth_OpenID_FAILURE, Auth_OpenID_SUCCESS, Auth_OpenID_supportsSReg(), and Auth_OpenID_SRegResponse\fromSuccessResponse().

{
global $ilLog;
$ilLog->write(__METHOD__.': Fetch Data called');
$response = $this->settings->getConsumer()->complete($this->settings->getReturnLocation());
switch($response->status)
{
case Auth_OpenID_CANCEL:
die("Auth cancelled");
case Auth_OpenID_FAILURE:
die("Auth failed with message: ".$response->message);
case Auth_OpenID_SUCCESS:
$openid = $response->getDisplayIdentifier();
$esc_identity = htmlentities($openid);
$ilLog->write(__METHOD__.': Auth success with identity '.$esc_identity);
if($response->endpoint->canonicalID)
{
$escaped_canonicalID = htmlentities($response->endpoint->canonicalID);
$ilLog->write(__METHOD__.': Auth success with canonical id: '.$esc_identity);
}
include_once 'Auth/OpenID/SReg.php';
// Check if simple registration is supported
if(Auth_OpenID_supportsSReg($response->endpoint))
{
$sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response,true);
$this->response_data = $sreg_resp->contents();
$ilLog->write(__METHOD__.' auth data: '.print_r($this->response_data,true));
return true;
}
else
{
// Try to fetch response values
foreach($response->message->args->keys as $key => $mapping)
{
if($mapping[1] == 'sreg.nickname')
{
$this->response_data['nickname'] = $response->message->args->values[$key];
}
if($mapping[1] == 'sreg.email')
{
$this->response_data['email'] = $response->message->args->values[$key];
}
}
}
return true;
}
return false;
}

+ Here is the call graph for this function:

ilAuthContainerOpenId::forceCreation (   $a_status)

Force creation of user accounts.

public

Parameters
boolforce_creation

Definition at line 105 of file class.ilAuthContainerOpenId.php.

{
$this->force_creation = true;
}
ilAuthContainerOpenId::initSettings ( )
protected

Init open id settings.

Returns

Definition at line 174 of file class.ilAuthContainerOpenId.php.

References ilOpenIdSettings\getInstance().

Referenced by __construct(), and loginObserver().

{
include_once './Services/OpenId/classes/class.ilOpenIdSettings.php';
//$this->settings = ilOpenIdSettings::getInstance();
$this->settings = ilOpenIdSettings::getInstance();
$this->settings->initConsumer();
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

ilAuthContainerOpenId::loginObserver (   $a_username,
  $a_auth 
)
See Also
ilAuthContainerBase::loginObserver()

Reimplemented from ilAuthContainerBase.

Definition at line 114 of file class.ilAuthContainerOpenId.php.

References $_GET, $_POST, $_SESSION, $GLOBALS, $ilLog, $new_user, ilObjUser\_checkExternalAuthAccount(), AUTH_OPENID_NO_ILIAS_USER, initSettings(), and ilUtil\redirect().

{
global $ilLog;
$GLOBALS['ilLog']->write(__METHOD__.': Login observer called for openid');
$this->initSettings();
$this->response_data['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount(
"openid",
$this->response_data['nickname']
);
if(!$this->response_data['ilInternalAccount'])
{
if($this->settings->isCreationEnabled())
{
if($this->settings->isAccountMigrationEnabled() and !$this->force_creation and !$_SESSION['force_creation'])
{
$a_auth->logout();
$_SESSION['tmp_auth_mode'] = 'openid';
$_SESSION['tmp_oid_username'] = urldecode($_GET['openid_identity']);
$_SESSION['tmp_oid_provider'] = $_POST['oid_provider'];
$_SESSION['tmp_external_account'] = $this->response_data['nickname'];
$_SESSION['tmp_pass'] = $_POST['password'];
$_SESSION['tmp_roles'] = array(0 => $this->settings->getDefaultRole());
$GLOBALS['ilLog']->write(__METHOD__.': Redirect migration');
ilUtil::redirect('ilias.php?baseClass=ilStartUpGUI&cmd=showAccountMigration&cmdClass=ilstartupgui');
}
include_once './Services/OpenId/classes/class.ilOpenIdAttributeToUser.php';
$new_user = new ilOpenIdAttributeToUser();
$new_name = $new_user->create($this->response_data['nickname'],$this->response_data);
$GLOBALS['ilLog']->write(__METHOD__.': Create user with name:'. $new_name);
$a_auth->setAuth($new_name);
return true;
}
else
{
// No syncronisation allowed => create Error
$a_auth->status = AUTH_OPENID_NO_ILIAS_USER;
$a_auth->logout();
$GLOBALS['ilLog']->write(__METHOD__.': No creation');
return false;
}
}
else
{
$GLOBALS['ilLog']->write(__METHOD__.': Using old name: ' . $this->response_data['ilInternalAccount']);
$a_auth->setAuth($this->response_data['ilInternalAccount']);
return true;
}
return false;
}

+ Here is the call graph for this function:

Field Documentation

ilAuthContainerOpenId::$force_creation = false
private

Definition at line 18 of file class.ilAuthContainerOpenId.php.

ilAuthContainerOpenId::$response_data = array()
private

Definition at line 17 of file class.ilAuthContainerOpenId.php.

ilAuthContainerOpenId::$settings = null
private

Definition at line 15 of file class.ilAuthContainerOpenId.php.

The documentation for this class was generated from the following file: