Authentication against external SOAP server More...

Inheritance diagram for ilAuthContainerSOAP:

Collaboration diagram for ilAuthContainerSOAP:

Public Member Functions
	__construct ()
	Constructor. More...

	initClient ()
	Init soap client. More...

	fetchData ($a_username, $a_password, $isChallengeResponse=false)
	Call is isValidSession of soap server. More...

	loginObserver ($a_username, $a_auth)
	Called after login and successful call of fetch data. More...

Public Member Functions inherited from Auth_Container
	Auth_Container ()
	Constructor. More...

	fetchData ($username, $password, $isChallengeResponse=false)
	Fetch data from storage container. More...

	verifyPassword ($password1, $password2, $cryptType="md5")
	Crypt and verfiy the entered password. More...

	supportsChallengeResponse ()
	Returns true if the container supports Challenge Response password authentication. More...

	getCryptType ()
	Returns the crypt current crypt type of the container. More...

	listUsers ()
	List all users that are available from the storage container. More...

	getUser ($username)
	Returns a user assoc array. More...

	addUser ($username, $password, $additional=null)
	Add a new user to the storage container. More...

	removeUser ($username)
	Remove user from the storage container. More...

	changePassword ($username, $password)
	Change password for user in the storage container. More...

	log ($message, $level=AUTH_LOG_DEBUG)
	Log a message to the Auth log. More...

Public Member Functions inherited from ilAuthContainerBase
	loginObserver ($a_username, $a_auth)
	Called after successful login. More...

	failedLoginObserver ($a_username, $a_auth)
	Called after failed login. More...

	checkAuthObserver ($a_username, $a_auth)
	Called after check auth requests. More...

	logoutObserver ($a_username, $a_auth)
	Called after logout. More...

	supportsCaptchaVerification ()
	Returns whether or not the auth container supports the verification of captchas This should be true for those auth methods, which are available in the default login form. More...

Protected Attributes
	$server_host = null

	$server_port = null

	$server_uri = null

	$server_https = null

	$server_nms = null

	$use_dot_net = null

	$uri = null

	$client = null

	$response = null

Additional Inherited Members
Data Fields inherited from Auth_Container
	$activeUser = ""
	User that is currently selected from the storage container. More...

	$_auth_obj = null
	The Auth object this container is attached to. More...

Detailed Description

Authentication against external SOAP server

Todo:: This class should inherit either from Auth_Container_SOAP or Auth_Container_SOAP5

Author: Stefan Meyer smeye.nosp@m.r.il.nosp@m.ias@g.nosp@m.mx.d.nosp@m.e

Version: $id$

Definition at line 35 of file class.ilAuthContainerSOAP.php.

Constructor & Destructor Documentation

◆ __construct()

ilAuthContainerSOAP::__construct ( )

Constructor.

Definition at line 50 of file class.ilAuthContainerSOAP.php.

References $_GET, $_POST, and initClient().

         {
                 $_POST['username'] = $_GET['ext_uid'];
                 $_POST['password'] = $_GET['soap_pw'];
                 
                 parent::__construct();
                 $this->initClient();
         }

Here is the call graph for this function:

Member Function Documentation

◆ fetchData()

ilAuthContainerSOAP::fetchData	(	$a_username,
		$a_password,
		$isChallengeResponse = `false`
	)

Call is isValidSession of soap server.

Returns: bool

Parameters

string	$a_username
string	$a_password
bool	$isChallengeResponse,[optional]

Definition at line 94 of file class.ilAuthContainerSOAP.php.

References $GLOBALS, $new_user, $valid, and ilObjUser\_checkExternalAuthAccount().

         {
                 $GLOBALS['ilLog']->write(__METHOD__.': Soap auth fetch data');
 
                 // check whether external user exists in ILIAS database
                 $local_user = ilObjUser::_checkExternalAuthAccount("soap", $a_username);
                 
                 if ($local_user == "")
                 {
                         $new_user = true;
                 }
                 else
                 {
                         $new_user = false;
                 }
                 
                 $soapAction = "";
                 $nspref = "";
                 if ($this->use_dotnet)
                 {
                         $soapAction = $this->server_nms."/isValidSession";
                         $nspref = "ns1:";
                 }
                 $valid = $this->client->call('isValidSession',
                         array($nspref.'ext_uid' => $a_username,
                                 $nspref.'soap_pw' => $a_password,
                                 $nspref.'new_user' => $new_user),
                         $this->server_nms,
                         $soapAction);
                 
                 if (trim($valid["valid"]) == "false")
                 {
                         $valid["valid"] = false;
                 }
 
                 // to do check SOAP error!?
                 $valid["local_user"] = $local_user;
                 $this->response = $valid;
 
                 return $valid['valid'] == true;
         }

Here is the call graph for this function:

◆ initClient()

ilAuthContainerSOAP::initClient ( )

Init soap client.

Definition at line 62 of file class.ilAuthContainerSOAP.php.

References $ilSetting, and $server_host.

Referenced by __construct().

         {
                 global $ilSetting;
                 
                 $this->server_host      = $ilSetting->get('soap_auth_server');
                 $this->server_port      = $ilSetting->get('soap_auth_port');
                 $this->server_uri       = $ilSetting->get('soap_auth_uri');
                 $this->server_https     = $ilSetting->get('soap_auth_use_https');
                 $this->server_nms       = $ilSetting->get('soap_auth_namespace');
                 $this->use_dot_net      = $ilSetting->get('use_dotnet');
                 
                 $this->uri  = $this->server_https ? 'https://' : 'http://';
                 $this->uri .= $this->server_host;
                 
                 if($this->server_port > 0)
                 {
                         $this->uri .= (':'.$this->server_port);
                 }
                 if($this->server_uri)
                 {
                         $this->uri .= ('/'.$this->server_uri);
                 }
                 $this->client = new nusoap_client($this->uri);
         }

Here is the caller graph for this function:

◆ loginObserver()

ilAuthContainerSOAP::loginObserver	(	$a_username,
		$a_auth
	)

Called after login and successful call of fetch data.

Returns: bool

Parameters

string	$a_username
\ilAuthWeb	$a_auth

Definition at line 142 of file class.ilAuthContainerSOAP.php.

References $GLOBALS, $ilSetting, $lng, ilAuthUtils\_generateLogin(), ilObjUserFolder\_lookupNewAccountMail(), AUTH_SOAP_NO_ILIAS_USER, ilUtil\generatePasswords(), IL_PASSWD_CRYPTED, and IL_PASSWD_PLAIN.

         {
                 global $rbacadmin, $lng, $ilSetting;
                 
                 $GLOBALS['ilLog']->write(__METHOD__.': SOAP login observer called');
                 
                 $local_user = $this->response["local_user"];
                 if ($local_user != "")
                 {
                         // to do: handle update of user
                         $a_auth->setAuth($local_user);
                         return true;
                 }
                 if(!$ilSetting->get("soap_auth_create_users"))
                 {
                         $a_auth->status = AUTH_SOAP_NO_ILIAS_USER;
                         $a_auth->logout();
                         return false;
                 }
 
                 $userObj = new ilObjUser();
                 $local_user = ilAuthUtils::_generateLogin($a_username);
                 
                 $newUser["firstname"] = $this->response["firstname"];
                 $newUser["lastname"] = $this->response["lastname"];
                 $newUser["email"] = $this->response["email"];
                 
                 $newUser["login"] = $local_user;
                 
                 // to do: set valid password and send mail
                 $newUser["passwd"] = ""; 
                 $newUser["passwd_type"] = IL_PASSWD_CRYPTED;
                 
                 // generate password, if local authentication is allowed
                 // and account mail is activated
                 $pw = "";
 
                 if ($ilSetting->get("soap_auth_allow_local") &&
                         $ilSetting->get("soap_auth_account_mail"))
                 {
                         $pw = ilUtil::generatePasswords(1);
                         $pw = $pw[0];
                         $newUser["passwd"] = $pw;
                         $newUser["passwd_type"] = IL_PASSWD_PLAIN;
                 }
 
                 //$newUser["gender"] = "m";
                 $newUser["auth_mode"] = "soap";
                 $newUser["ext_account"] = $a_username;
                 $newUser["profile_incomplete"] = 1;
                 
                 // system data
                 $userObj->assignData($newUser);
                 $userObj->setTitle($userObj->getFullname());
                 $userObj->setDescription($userObj->getEmail());
         
                 // set user language to system language
                 $userObj->setLanguage($lng->lang_default);
                 
                 // Time limit
                 $userObj->setTimeLimitOwner(7);
                 $userObj->setTimeLimitUnlimited(1);
                 $userObj->setTimeLimitFrom(time());
                 $userObj->setTimeLimitUntil(time());
                                                 
                 // Create user in DB
                 $userObj->setOwner(0);
                 $userObj->create();
                 $userObj->setActive(1);
                 
                 $userObj->updateOwner();
                 
                 //insert user data in table user_data
                 $userObj->saveAsNew(false);
                 
                 // setup user preferences
                 $userObj->writePrefs();
                 
                 // to do: test this
                 $rbacadmin->assignUser($ilSetting->get('soap_auth_user_default_role'), $userObj->getId(),true);
 
                 // send account mail
                 if ($ilSetting->get("soap_auth_account_mail"))
                 {
                         include_once('./Services/User/classes/class.ilObjUserFolder.php');
                         $amail = ilObjUserFolder::_lookupNewAccountMail($ilSetting->get("language"));
                         if (trim($amail["body"]) != "" && trim($amail["subject"]) != "")
                         {
                                 include_once("Services/Mail/classes/class.ilAccountMail.php");
                                 $acc_mail = new ilAccountMail();
 
                                 if ($pw != "")
                                 {
                                         $acc_mail->setUserPassword($pw);
                                 }
                                 $acc_mail->setUser($userObj);
                                 $acc_mail->send();
                         }
                 }
 
                 unset($userObj);
                 $a_auth->setAuth($local_user);
                 return true;
         }