Inheritance diagram for ilAuthProviderSoap:

Collaboration diagram for ilAuthProviderSoap:

Public Member Functions
	__construct (ilAuthCredentials $credentials)

	doAuthentication (ilAuthStatus $status)

Public Member Functions inherited from ilAuthProvider
	__construct (ilAuthCredentials $credentials)
	Constructor. More...

	getLogger ()
	Get logger. More...

	getCredentials ()

Public Member Functions inherited from ilAuthProviderInterface
	doAuthentication (\ilAuthStatus $status)
	Do authentication. More...

Protected Attributes
string	$server_host = ''

string	$server_port = ''

string	$server_uri = ''

bool	$server_https = false

string	$server_nms = ''

bool	$use_dot_net = false

string	$uri = ''

nusoap_client	$client

ilLogger	$logger

ilSetting	$settings

ilLanguage	$language

ilRbacAdmin	$rbacAdmin

Private Member Functions
	initClient ()

	handleSoapAuth (ilAuthStatus $status)

Additional Inherited Members
Protected Member Functions inherited from ilAuthProvider
	handleAuthenticationFail (ilAuthStatus $status, string $a_reason)
	Handle failed authentication. More...

Detailed Description

Definition at line 21 of file class.ilAuthProviderSoap.php.

Constructor & Destructor Documentation

◆ __construct()

ilAuthProviderSoap::__construct ( ilAuthCredentials $credentials )

Definition at line 36 of file class.ilAuthProviderSoap.php.

References $DIC, ILIAS\GlobalScreen\Provider\__construct(), ILIAS\UI\examples\Symbol\Glyph\Language\language(), ILIAS\Repository\logger(), and ILIAS\Repository\settings().

     {
         global $DIC;
 
         $this->settings = $DIC->settings();
         $this->logger = $DIC->logger()->auth();
         $this->language = $DIC->language();
         $this->rbacAdmin = $DIC->rbac()->admin();
 
         parent::__construct($credentials);
     }

Here is the call graph for this function:

Member Function Documentation

◆ doAuthentication()

ilAuthProviderSoap::doAuthentication ( ilAuthStatus $status )

Definition at line 74 of file class.ilAuthProviderSoap.php.

References Vendor\Package\$e, ANONYMOUS_USER_ID, ilAuthUtils\AUTH_SOAP, ilAuthStatus\getAuthenticatedUserId(), ilAuthProvider\getCredentials(), ilAuthProvider\getLogger(), handleSoapAuth(), initClient(), ILIAS\Repository\logger(), ilSession\set(), ilAuthStatus\setStatus(), ilAuthStatus\setTranslatedReason(), ilAuthStatus\STATUS_AUTHENTICATED, and ilAuthStatus\STATUS_AUTHENTICATION_FAILED.

                                                           : bool
     {
         try {
             $this->initClient();
             $this->handleSoapAuth($status);
         } catch (Exception $e) {
             $this->getLogger()->error($e->getMessage());
             $this->getLogger()->error($e->getTraceAsString());
             $status->setTranslatedReason($e->getMessage());
         }
 
         if ($status->getAuthenticatedUserId() > 0 && $status->getAuthenticatedUserId() !== ANONYMOUS_USER_ID) {
             $this->logger->info('Successfully authenticated user via SOAP: ' . $this->getCredentials()->getUsername());
             $status->setStatus(ilAuthStatus::STATUS_AUTHENTICATED);
             ilSession::set('used_external_auth_mode', ilAuthUtils::AUTH_SOAP);
 
             return true;
         }
 
         $status->setStatus(ilAuthStatus::STATUS_AUTHENTICATION_FAILED);
 
         return false;
     }

Here is the call graph for this function:

◆ handleSoapAuth()

ilAuthProviderSoap::handleSoapAuth ( ilAuthStatus $status )

private

Definition at line 98 of file class.ilAuthProviderSoap.php.

References $valid, ilObjUser\_checkExternalAuthAccount(), ilAuthUtils\_generateLogin(), ilObjUser\_lookupId(), ILIAS\UI\examples\Progress\Bar\client(), ilSecuritySettingsChecker\generatePasswords(), ilAuthProvider\getCredentials(), ILIAS\UI\examples\Symbol\Glyph\Language\language(), ILIAS\Repository\logger(), ilObjUser\PASSWD_CRYPTED, ilObjUser\PASSWD_PLAIN, ilAuthStatus\setAuthenticatedUserId(), ilAuthStatus\setReason(), ILIAS\Repository\settings(), ilAuthStatus\setTranslatedReason(), and USER_FOLDER_ID.

Referenced by doAuthentication().

                                                          : bool
     {
         $this->logger->debug(sprintf(
             'Login observer called for SOAP authentication request of ext_account "%s" and auth_mode "%s".',
             $this->getCredentials()->getUsername(),
             'soap'
         ));
         $this->logger->debug(sprintf(
             'Trying to find ext_account "%s" for auth_mode "%s".',
             $this->getCredentials()->getUsername(),
             'soap'
         ));
 
         $internalLogin = ilObjUser::_checkExternalAuthAccount(
             'soap',
             $this->getCredentials()->getUsername()
         );
 
         $isNewUser = false;
         if ('' === $internalLogin || null === $internalLogin) {
             $isNewUser = true;
         }
 
         $soapAction = '';
         $nspref = '';
         if ($this->use_dot_net) {
             $soapAction = $this->server_nms . '/isValidSession';
             $nspref = 'ns1:';
         }
 
         $valid = $this->client->call(
             'isValidSession',
             [
                 $nspref . 'ext_uid' => $this->getCredentials()->getUsername(),
                 $nspref . 'soap_pw' => $this->getCredentials()->getPassword(),
                 $nspref . 'new_user' => $isNewUser
             ],
             $this->server_nms,
             $soapAction
         );
 
         if (!is_array($valid)) {
             $valid = ['valid' => false];
         }
 
         if ($valid['valid'] !== true) {
             $valid['valid'] = false;
         }
 
         if (!$valid['valid']) {
             $status->setReason('err_wrong_login');
             return false;
         }
 
         if (!$isNewUser) {
             $status->setAuthenticatedUserId(ilObjUser::_lookupId($internalLogin));
             return true;
         }
 
         if (!$this->settings->get('soap_auth_create_users')) {
             // Translate the reasons, otherwise the default failure is displayed
             $status->setTranslatedReason($this->language->txt('err_valid_login_account_creation_disabled'));
             return false;
         }
 
         $userObj = new ilObjUser();
         $internalLogin = ilAuthUtils::_generateLogin($this->getCredentials()->getUsername());
 
         $usrData = [];
         $usrData['firstname'] = $valid['firstname'];
         $usrData['lastname'] = $valid['lastname'];
         $usrData['email'] = $valid['email'];
         $usrData['login'] = $internalLogin;
         $usrData['passwd'] = '';
         $usrData['passwd_type'] = ilObjUser::PASSWD_CRYPTED;
 
         $password = '';
         if ($this->settings->get('soap_auth_allow_local')) {
             $passwords = ilSecuritySettingsChecker::generatePasswords(1);
             $password = $passwords[0];
             $usrData['passwd'] = $password;
             $usrData['passwd_type'] = ilObjUser::PASSWD_PLAIN;
         }
 
         $usrData['auth_mode'] = 'soap';
         $usrData['ext_account'] = $this->getCredentials()->getUsername();
         $usrData['profile_incomplete'] = 1;
 
         $userObj->assignData($usrData);
         $userObj->setTitle($userObj->getFullname());
         $userObj->setDescription($userObj->getEmail());
         $userObj->setLanguage($this->language->getDefaultLanguage());
 
         $userObj->setTimeLimitOwner(USER_FOLDER_ID);
         $userObj->setTimeLimitUnlimited(true);
         $userObj->setTimeLimitFrom(time());
         $userObj->setTimeLimitUntil(time());
         $userObj->setOwner(0);
         $userObj->create();
         $userObj->setActive(true);
         $userObj->updateOwner();
         $userObj->saveAsNew();
         $userObj->writePrefs();
 
         $this->rbacAdmin->assignUser(
             (int) $this->settings->get('soap_auth_user_default_role', '4'),
             $userObj->getId()
         );
 
         if ($this->settings->get('soap_auth_account_mail', '0')) {
             $registrationSettings = new ilRegistrationSettings();
             $registrationSettings->setPasswordGenerationStatus(true);
 
             $accountMail = new ilAccountRegistrationMail(
                 $registrationSettings,
                 $this->language,
                 $this->logger
             );
             $accountMail
                 ->withDirectRegistrationMode()
                 ->send($userObj, $password, false);
         }
 
         $status->setAuthenticatedUserId($userObj->getId());
         return true;
     }

Here is the call graph for this function:

Here is the caller graph for this function:

◆ initClient()

ilAuthProviderSoap::initClient ( )

private

Definition at line 48 of file class.ilAuthProviderSoap.php.

References $server_host, $server_port, $server_uri, ILIAS\UI\examples\Progress\Bar\client(), and ILIAS\Repository\settings().

Referenced by doAuthentication().

                                  : void
     {
         $this->server_host = (string) $this->settings->get('soap_auth_server', '');
         $this->server_port = (string) $this->settings->get('soap_auth_port', '');
         $this->server_uri = (string) $this->settings->get('soap_auth_uri', '');
         $this->server_nms = (string) $this->settings->get('soap_auth_namespace', '');
         $this->server_https = (bool) $this->settings->get('soap_auth_use_https', '0');
         $this->use_dot_net = (bool) $this->settings->get('use_dotnet', '0');
 
         $this->uri = $this->server_https ? 'https://' : 'http://';
         $this->uri .= $this->server_host;
 
         if ($this->server_port > 0) {
             $this->uri .= (':' . $this->server_port);
         }
         if ($this->server_uri) {
             $this->uri .= ('/' . $this->server_uri);
         }
 
         require_once __DIR__ . '/../../soap/lib/nusoap.php';
         $this->client = new nusoap_client($this->uri);
     }