ILIAS  Release_5_0_x_branch Revision 61816
 All Data Structures Namespaces Files Functions Variables Groups Pages
class.ilAuthContainerSOAP.php
Go to the documentation of this file.
1 <?php
2 /*
3  +-----------------------------------------------------------------------------+
4  | ILIAS open source |
5  +-----------------------------------------------------------------------------+
6  | Copyright (c) 1998-2001 ILIAS open source, University of Cologne |
7  | |
8  | This program is free software; you can redistribute it and/or |
9  | modify it under the terms of the GNU General Public License |
10  | as published by the Free Software Foundation; either version 2 |
11  | of the License, or (at your option) any later version. |
12  | |
13  | This program is distributed in the hope that it will be useful, |
14  | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15  | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16  | GNU General Public License for more details. |
17  | |
18  | You should have received a copy of the GNU General Public License |
19  | along with this program; if not, write to the Free Software |
20  | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21  +-----------------------------------------------------------------------------+
22 */
23 
24 include_once 'Auth/Container/LDAP.php';
25 include_once("./webservice/soap/lib/nusoap.php");
26 
35 class ilAuthContainerSOAP extends Auth_Container
36 {
37  protected $server_host = null;
38  protected $server_port = null;
39  protected $server_uri = null;
40  protected $server_https = null;
41  protected $server_nms = null;
42  protected $use_dot_net = null;
43 
44  protected $uri = null;
45 
46  protected $client = null;
47  protected $response = null;
48 
52  public function __construct()
53  {
54  $_POST['username'] = $_GET['ext_uid'];
55  $_POST['password'] = $_GET['soap_pw'];
56 
57  parent::__construct();
58  $this->initClient();
59  }
60 
65  public function initClient()
66  {
67  global $ilSetting;
68 
69  $this->server_host = $ilSetting->get('soap_auth_server');
70  $this->server_port = $ilSetting->get('soap_auth_port');
71  $this->server_uri = $ilSetting->get('soap_auth_uri');
72  $this->server_https = $ilSetting->get('soap_auth_use_https');
73  $this->server_nms = $ilSetting->get('soap_auth_namespace');
74  $this->use_dot_net = $ilSetting->get('use_dotnet');
75 
76  $this->uri = $this->server_https ? 'https://' : 'http://';
77  $this->uri .= $this->server_host;
78 
79  if($this->server_port > 0)
80  {
81  $this->uri .= (':'.$this->server_port);
82  }
83  if($this->server_uri)
84  {
85  $this->uri .= ('/'.$this->server_uri);
86  }
87  $this->client = new nusoap_client($this->uri);
88  }
89 
97  public function fetchData($a_username,$a_password,$isChallengeResponse = false)
98  {
99  $GLOBALS['ilLog']->write(__METHOD__.': Soap auth fetch data');
100 
101  // check whether external user exists in ILIAS database
102  $local_user = ilObjUser::_checkExternalAuthAccount("soap", $a_username);
103 
104  if ($local_user == "")
105  {
106  $new_user = true;
107  }
108  else
109  {
110  $new_user = false;
111  }
112 
113  $soapAction = "";
114  $nspref = "";
115  if ($this->use_dotnet)
116  {
117  $soapAction = $this->server_nms."/isValidSession";
118  $nspref = "ns1:";
119  }
120  $valid = $this->client->call('isValidSession',
121  array($nspref.'ext_uid' => $a_username,
122  $nspref.'soap_pw' => $a_password,
123  $nspref.'new_user' => $new_user),
124  $this->server_nms,
125  $soapAction);
126 //echo "<br>== Request ==";
127 //echo '<br><pre>' . htmlspecialchars($this->soap_client->request, ENT_QUOTES) . '</pre><br>';
128 //echo "<br>== Response ==";
129 //echo "<br>Valid: -".$valid["valid"]."-";
130 //echo '<br><pre>' . htmlspecialchars($this->soap_client->response, ENT_QUOTES) . '</pre>';
131 
132  if (trim($valid["valid"]) == "false")
133  {
134  $valid["valid"] = false;
135  }
136 
137  // to do check SOAP error!?
138  $valid["local_user"] = $local_user;
139  $this->response = $valid;
140  return $valid['valid'] == true;
141  }
142 
149  public function loginObserver($a_username,$a_auth)
150  {
151  global $ilias, $rbacadmin, $lng, $ilSetting;
152 
153  $GLOBALS['ilLog']->write(__METHOD__.': SOAP login observer called');
154 
155 
156  // TODO: handle passed credentials via GET
157  /*
158  if (empty($_GET["ext_uid"]) || empty($_GET["soap_pw"]))
159  {
160  $this->status = AUTH_WRONG_LOGIN;
161  return;
162  }
163  */
164 
165  // Not required anymore
166  /*
167  $validation_data = $this->validateSoapUser($_GET["ext_uid"], $_GET["soap_pw"]);
168 
169  if (!$validation_data["valid"])
170  {
171  $this->status = AUTH_WRONG_LOGIN;
172  return;
173  }
174  */
175 
176  $local_user = $this->response["local_user"];
177  if ($local_user != "")
178  {
179  // to do: handle update of user
180  $a_auth->setAuth($local_user);
181  return true;
182  }
183  if(!$ilSetting->get("soap_auth_create_users"))
184  {
185  $a_auth->status = AUTH_SOAP_NO_ILIAS_USER;
186  $a_auth->logout();
187  return false;
188  }
189 //echo "1";
190  // try to map external user via e-mail to ILIAS user
191  if ($this->response["email"] != "")
192  {
193 //echo "2";
194 //var_dump ($_POST);
195  $email_user = ilObjUser::_getLocalAccountsForEmail($this->response["email"]);
196 
197  // check, if password has been provided in user mapping screen
198  // (see ilStartUpGUI::showUserMappingSelection)
199  // FIXME
200  if ($_POST["LoginMappedUser"] != "")
201  {
202  if (count($email_user) > 0)
203  {
204  $user = ilObjectFactory::getInstanceByObjId($_POST["usr_id"]);
205  require_once 'Services/User/classes/class.ilUserPasswordManager.php';
206  if(ilUserPasswordManager::getInstance()->verifyPassword($user, ilUtil::stripSlashes($_POST["password"])))
207  {
208  // password is correct -> map user
209  //$this->setAuth($local_user); (use login not id)
210  ilObjUser::_writeExternalAccount($_POST["usr_id"], $_GET["ext_uid"]);
211  ilObjUser::_writeAuthMode($_POST["usr_id"], "soap");
212  $_GET["cmd"] = $_POST["cmd"] = $_GET["auth_stat"]= "";
213  $local_user = ilObjUser::_lookupLogin($_POST["usr_id"]);
214  $a_auth->status = '';
215  $a_auth->setAuth($local_user);
216  return true;
217  }
218  else
219  {
220 //echo "6"; exit;
221 
222  $a_auth->status = AUTH_SOAP_NO_ILIAS_USER_BUT_EMAIL;
223  $a_auth->setSubStatus(AUTH_WRONG_LOGIN);
224  $a_auth->logout();
225  return false;
226  }
227  }
228  }
229 
230  if (count($email_user) > 0 && $_POST["CreateUser"] == "")
231  {
232  $_GET["email"] = $this->response["email"];
233  $a_auth->status = AUTH_SOAP_NO_ILIAS_USER_BUT_EMAIL;
234  $a_auth->logout();
235  return false;
236  }
237  }
238 
239  $userObj = new ilObjUser();
240  $local_user = ilAuthUtils::_generateLogin($a_username);
241 
242  $newUser["firstname"] = $this->response["firstname"];
243  $newUser["lastname"] = $this->response["lastname"];
244  $newUser["email"] = $this->response["email"];
245 
246  $newUser["login"] = $local_user;
247 
248  // to do: set valid password and send mail
249  $newUser["passwd"] = "";
250  $newUser["passwd_type"] = IL_PASSWD_CRYPTED;
251 
252  // generate password, if local authentication is allowed
253  // and account mail is activated
254  $pw = "";
255 
256  if ($ilSetting->get("soap_auth_allow_local") &&
257  $ilSetting->get("soap_auth_account_mail"))
258  {
259  $pw = ilUtil::generatePasswords(1);
260  $pw = $pw[0];
261  $newUser["passwd"] = $pw;
262  $newUser["passwd_type"] = IL_PASSWD_PLAIN;
263  }
264 
265  //$newUser["gender"] = "m";
266  $newUser["auth_mode"] = "soap";
267  $newUser["ext_account"] = $a_username;
268  $newUser["profile_incomplete"] = 1;
269 
270  // system data
271  $userObj->assignData($newUser);
272  $userObj->setTitle($userObj->getFullname());
273  $userObj->setDescription($userObj->getEmail());
274 
275  // set user language to system language
276  $userObj->setLanguage($lng->lang_default);
277 
278  // Time limit
279  $userObj->setTimeLimitOwner(7);
280  $userObj->setTimeLimitUnlimited(1);
281  $userObj->setTimeLimitFrom(time());
282  $userObj->setTimeLimitUntil(time());
283 
284  // Create user in DB
285  $userObj->setOwner(0);
286  $userObj->create();
287  $userObj->setActive(1);
288 
289  $userObj->updateOwner();
290 
291  //insert user data in table user_data
292  $userObj->saveAsNew(false);
293 
294  // setup user preferences
295  $userObj->writePrefs();
296 
297  // to do: test this
298  $rbacadmin->assignUser($ilSetting->get('soap_auth_user_default_role'), $userObj->getId(),true);
299 
300  // send account mail
301  if ($ilSetting->get("soap_auth_account_mail"))
302  {
303  include_once('./Services/User/classes/class.ilObjUserFolder.php');
304  $amail = ilObjUserFolder::_lookupNewAccountMail($ilSetting->get("language"));
305  if (trim($amail["body"]) != "" && trim($amail["subject"]) != "")
306  {
307  include_once("Services/Mail/classes/class.ilAccountMail.php");
308  $acc_mail = new ilAccountMail();
309 
310  if ($pw != "")
311  {
312  $acc_mail->setUserPassword($pw);
313  }
314  $acc_mail->setUser($userObj);
315  $acc_mail->send();
316  }
317  }
318 
319  unset($userObj);
320  $a_auth->setAuth($local_user);
321  return true;
322  }
323 }