ILIAS  release_10 Revision v10.1-43-ga1241a92c2f
class.ilSimpleSAMLphpWrapper.php
1 <?php
2 
19 declare(strict_types=1);
20 
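/**
 * Class ilSimpleSAMLphpWrapper.
 *
 * Adapter that exposes a SimpleSAMLphp authentication source through the
 * ilSamlAuth interface used by the rest of ILIAS.
 */
final class ilSimpleSAMLphpWrapper implements ilSamlAuth
{
    /** Data type under which ILIAS-owned values are kept in the SimpleSAMLphp session. */
    private const ILIAS = 'ilias';

    private readonly SimpleSAML\Configuration $config;
    private readonly SimpleSAML\Auth\Simple $authSource;

    /**
     * @param string $authSourceName    Name of the SimpleSAMLphp auth source to wrap.
     * @param string $configurationPath Directory SimpleSAMLphp is told to read its configuration from.
     *
     * @throws RuntimeException if SimpleSAMLphp's 'store.type' is 'phpsession' or empty.
     */
    public function __construct(string $authSourceName, string $configurationPath)
    {
        // The config files are rendered from their templates before SimpleSAMLphp loads them.
        $this->initConfigFiles($configurationPath);

        SimpleSAML\Configuration::setConfigDir($configurationPath);
        $this->config = SimpleSAML\Configuration::getInstance();

        $storageType = $this->config->getString('store.type');

        // Fail closed on an unsupported session store instead of continuing with it.
        // NOTE(review): presumably 'phpsession' is refused because ILIAS uses the native
        // PHP session itself - confirm against the component documentation.
        if (in_array($storageType, ['phpsession', ''], true)) {
            throw new RuntimeException('Invalid SimpleSAMLphp session handler: Must not be phpsession or empty');
        }

        $this->authSource = new SimpleSAML\Auth\Simple($authSourceName);
    }

    /**
     * Renders config.php and authsources.php from their *.dist templates into the
     * ILIAS storage filesystem under auth/saml/config/.
     *
     * @throws Exception if random_bytes() cannot obtain randomness for the initial password.
     */
    private function initConfigFiles(string $configurationPath): void
    {
        global $DIC;

        $templateHandler = new ilSimpleSAMLphpConfigTemplateHandler($DIC->filesystem()->storage());

        $templateHandler->copy(
            '../components/ILIAS/Saml/resources/config.php.dist',
            'auth/saml/config/config.php',
            [
                'DB_PATH' => rtrim($configurationPath, '/') . '/ssphp.sq3',
                'SQL_INITIAL_PASSWORD' => static function (): string {
                    // Draw the secret straight from PHP's CSPRNG: random_bytes() throws rather
                    // than degrading, whereas ilPasswordUtils::getBytes() is documented with an
                    // mt_rand() fallback. The output format (10 characters, '+' mapped to '.')
                    // is unchanged, so the value carries at most about 60 bits of entropy.
                    return substr(str_replace('+', '.', base64_encode(random_bytes(20))), 0, 10);
                },
                'COOKIE_PATH' => IL_COOKIE_PATH,
                'LOG_DIRECTORY' => ilLoggingDBSettings::getInstance()->getLogDir(),
            ]
        );

        $templateHandler->copy(
            '../components/ILIAS/Saml/resources/authsources.php.dist',
            'auth/saml/config/authsources.php',
            [
                'RELAY_STATE' => rtrim(ILIAS_HTTP_PATH, '/') . '/saml.php',
                'SP_ENTITY_ID' => rtrim(ILIAS_HTTP_PATH, '/') . '/metadata.php',
            ]
        );
    }

    /**
     * Returns the auth id reported by the wrapped SimpleSAMLphp auth source.
     */
    public function getAuthId(): string
    {
        return $this->authSource->getAuthSource()->getAuthId();
    }

    /**
     * Protect a script resource with a SAML auth.
     */
    public function protectResource(): void
    {
        $this->authSource->requireAuth();
    }

    /**
     * Stores a value in the SimpleSAMLphp session of the current request.
     *
     * @param mixed $value Handed to SimpleSAML\Session::setData() unchanged.
     */
    public function storeParam(string $key, $value): void
    {
        $session = SimpleSAML\Session::getSessionFromRequest();
        $session->setData(self::ILIAS, $key, $value);
    }

    /**
     * Reads a value previously stored with storeParam().
     *
     * @return mixed Whatever SimpleSAML\Session::getData() returns for the key.
     */
    public function getParam(string $key)
    {
        $session = SimpleSAML\Session::getSessionFromRequest();

        return $session->getData(self::ILIAS, $key);
    }

    /**
     * Reads a stored value and deletes it from the session, so it can be consumed only once.
     *
     * @return mixed The value that was stored under the key before deletion.
     */
    public function popParam(string $key)
    {
        // One session lookup serves both the read and the delete.
        $session = SimpleSAML\Session::getSessionFromRequest();
        $value = $session->getData(self::ILIAS, $key);
        $session->deleteData(self::ILIAS, $key);

        return $value;
    }

    /**
     * Reports whether the wrapped auth source considers the current user authenticated.
     */
    public function isAuthenticated(): bool
    {
        return $this->authSource->isAuthenticated();
    }

    /**
     * Returns the attributes reported by the wrapped auth source.
     *
     * NOTE(review): these presumably originate from the identity provider's assertion and
     * should be validated before they are mapped onto an ILIAS account - confirm in the caller.
     */
    public function getAttributes(): array
    {
        return $this->authSource->getAttributes();
    }

    /**
     * Clears the ILIAS marker for the external auth mode and starts the SimpleSAMLphp logout.
     *
     * @param string $returnUrl Optional target after logout. It is passed on as 'ReturnTo'
     *                          without any check in this method, so callers should supply only
     *                          URLs they built themselves or validated against an allow-list.
     */
    public function logout(string $returnUrl = ''): void
    {
        ilSession::clear('used_external_auth_mode');

        $params = [
            'ReturnStateParam' => 'LogoutState',
            'ReturnStateStage' => 'ilLogoutState',
        ];

        if ($returnUrl !== '') {
            $params['ReturnTo'] = $returnUrl;
        }

        $this->authSource->logout($params);
    }

    /**
     * Creates the identity-provider discovery helper for SimpleSAMLphp.
     */
    public function getIdpDiscovery(): ilSamlIdpDiscovery
    {
        return new ilSimpleSAMLphplIdpDiscovery();
    }

    /**
     * Returns the auth data array of the wrapped auth source.
     */
    public function getAuthDataArray(): array
    {
        return $this->authSource->getAuthDataArray();
    }
}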
copy(string $sourcePath, string $destinationPath, array $placeholders=[])
if(! $DIC->user() ->getId()||!ilLTIConsumerAccess::hasCustomProviderCreationAccess()) $params
Definition: ltiregstart.php:31
protectResource()
Protect a script resource with a SAML auth.
Interface Observer Contains several chained tasks and infos about them.
__construct(string $authSourceName, string $configurationPath)
readonly SimpleSAML Configuration $config
global $DIC
Definition: shib_login.php:25
static getBytes(int $length)
Generate random bytes using OpenSSL or Mcrypt and mt_rand() as fallback.
initConfigFiles(string $configurationPath)
readonly SimpleSAML Auth Simple $authSource
Class ilSimpleSAMLphpWrapper.
static clear(string $a_var)
Class ilSimpleSAMLphplIdpDiscovery.
const IL_COOKIE_PATH(isset($_GET['client_id']))
Definition: index.php:47