ILIAS  release_5-0 Revision 5.0.0-1144-gc4397b1f870
class.ilAuthContainerOpenId.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3
4include_once 'Auth/Container.php';
5
14{
15 private $settings = null;
16
17 private $response_data = array();
18 private $force_creation = false;
19
24 public function __construct()
25 {
26 parent::__construct();
27
28 $this->initSettings();
29 }
30
38 public function fetchData($a_username,$a_password,$isChallengeResponse = false)
39 {
40 global $ilLog;
41
42 $ilLog->write(__METHOD__.': Fetch Data called');
43
44 $response = $this->settings->getConsumer()->complete($this->settings->getReturnLocation());
45
46 switch($response->status)
47 {
49 die("Auth cancelled");
50
52 die("Auth failed with message: ".$response->message);
53
55 $openid = $response->getDisplayIdentifier();
56 $esc_identity = htmlentities($openid);
57 $ilLog->write(__METHOD__.': Auth success with identity '.$esc_identity);
58
59 if($response->endpoint->canonicalID)
60 {
61 $escaped_canonicalID = htmlentities($response->endpoint->canonicalID);
62 $ilLog->write(__METHOD__.': Auth success with canonical id: '.$esc_identity);
63
64 }
65 include_once 'Auth/OpenID/SReg.php';
66
67 // Check if simple registration is supported
68 if(Auth_OpenID_supportsSReg($response->endpoint))
69 {
70 $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response,true);
71 $this->response_data = $sreg_resp->contents();
72
73
74 $ilLog->write(__METHOD__.' auth data: '.print_r($this->response_data,true));
75 return true;
76 }
77 else
78 {
79 // Try to fetch response values
80 foreach($response->message->args->keys as $key => $mapping)
81 {
82 if($mapping[1] == 'sreg.nickname')
83 {
84 $this->response_data['nickname'] = $response->message->args->values[$key];
85 }
86 if($mapping[1] == 'sreg.email')
87 {
88 $this->response_data['email'] = $response->message->args->values[$key];
89 }
90 }
91 }
92 return true;
93
94 }
95 return false;
96 }
97
105 public function forceCreation($a_status)
106 {
107 $this->force_creation = true;
108 }
109
110
114 public function loginObserver($a_username,$a_auth)
115 {
116 global $ilLog;
117
118 $GLOBALS['ilLog']->write(__METHOD__.': Login observer called for openid');
119
120 $this->initSettings();
121 $this->response_data['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount(
122 "openid",
123 $this->response_data['nickname']
124 );
125 if(!$this->response_data['ilInternalAccount'])
126 {
127 if($this->settings->isCreationEnabled())
128 {
129 if($this->settings->isAccountMigrationEnabled() and !$this->force_creation and !$_SESSION['force_creation'])
130 {
131 $a_auth->logout();
132 $_SESSION['tmp_auth_mode'] = 'openid';
133 $_SESSION['tmp_oid_username'] = urldecode($_GET['openid_identity']);
134 $_SESSION['tmp_oid_provider'] = $_POST['oid_provider'];
135 $_SESSION['tmp_external_account'] = $this->response_data['nickname'];
136 $_SESSION['tmp_pass'] = $_POST['password'];
137 $_SESSION['tmp_roles'] = array(0 => $this->settings->getDefaultRole());
138
139 $GLOBALS['ilLog']->write(__METHOD__.': Redirect migration');
140 ilUtil::redirect('ilias.php?baseClass=ilStartUpGUI&cmd=showAccountMigration&cmdClass=ilstartupgui');
141 }
142
143 include_once './Services/OpenId/classes/class.ilOpenIdAttributeToUser.php';
145 $new_name = $new_user->create($this->response_data['nickname'],$this->response_data);
146
147 $GLOBALS['ilLog']->write(__METHOD__.': Create user with name:'. $new_name);
148 $a_auth->setAuth($new_name);
149 return true;
150 }
151 else
152 {
153 // No syncronisation allowed => create Error
154 $a_auth->status = AUTH_OPENID_NO_ILIAS_USER;
155 $a_auth->logout();
156 $GLOBALS['ilLog']->write(__METHOD__.': No creation');
157 return false;
158 }
159
160 }
161 else
162 {
163 $GLOBALS['ilLog']->write(__METHOD__.': Using old name: ' . $this->response_data['ilInternalAccount']);
164 $a_auth->setAuth($this->response_data['ilInternalAccount']);
165 return true;
166 }
167 return false;
168 }
169
174 protected function initSettings()
175 {
176 include_once './Services/OpenId/classes/class.ilOpenIdSettings.php';
177 //$this->settings = ilOpenIdSettings::getInstance();
178 $this->settings = ilOpenIdSettings::getInstance();
179 $this->settings->initConsumer();
180 }
181}
182?>
const Auth_OpenID_FAILURE
This is the status code completeAuth returns when the value it received indicated an invalid login.
Definition: Consumer.php:191
const Auth_OpenID_CANCEL
Status to indicate cancellation of OpenID authentication.
Definition: Consumer.php:185
const Auth_OpenID_SUCCESS
Require utility classes and functions for the consumer.
Definition: Consumer.php:180
Auth_OpenID_supportsSReg($endpoint)
Does the given endpoint advertise support for simple registration?
Definition: SReg.php:97
$_GET["client_id"]
static fromSuccessResponse($success_response, $signed_only=true)
Create a C{L{SRegResponse}} object from a successful OpenID library response (C{L{openid....
Definition: SReg.php:474
const AUTH_OPENID_NO_ILIAS_USER
@classDescription Pear auth container for openid
forceCreation($a_status)
Force creation of user accounts.
fetchData($a_username, $a_password, $isChallengeResponse=false)
loginObserver($a_username, $a_auth)
initSettings()
Init open id settings.
static _checkExternalAuthAccount($a_auth, $a_account)
check whether external account and authentication method matches with a user
@classDescription Open ID auth class
static getInstance()
Get singleton instance.
static redirect($a_script)
http redirect to other script
$_POST['username']
Definition: cron.php:12
$new_user
$GLOBALS['ct_recipient']
< a tabindex="-1" style="border-style: none;" href="#" title="Refresh Image" onclick="document.getElementById('siimage').src = './securimage_show.php?sid=' + Math.random(); this.blur(); return false">< img src="./images/refresh.png" alt="Reload Image" height="32" width="32" onclick="this.blur()" align="bottom" border="0"/></a >< br/>< strong > Enter Code *if($_SERVER['REQUEST_METHOD']=='POST' &&@ $_POST['do']=='contact') $_SESSION['ctform']['success']