ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
Public Member Functions | Protected Member Functions | Private Attributes
ilAuthOpenId Class Reference

Open ID auth class More...

+ Inheritance diagram for ilAuthOpenId:
+ Collaboration diagram for ilAuthOpenId:

Public Member Functions

 __construct ($a_container, $a_addition_options=array())
 Contructor. More...
 
 supportsRedirects ()
 Returns true, if the current auth mode allows redirection to e.g to loginScreen, public section... More...
 
 callProvider ($username, $status, $auth)
 Auth login function Redirects to openid provider. More...
 
- Public Member Functions inherited from Auth
 Auth ($storageDriver, $options='', $loginFunction='', $showLogin=true)
 Constructor. More...
 
applyAuthOptions (&$options)
 Set the Auth options. More...
 
 _loadStorage ()
 Load Storage Driver if not already loaded. More...
 
 assignData ()
 Assign data from login form to internal values. More...
 
 start ()
 Start new auth session. More...
 
 login ()
 Login function. More...
 
 setExpire ($time, $add=false)
 Set the maximum expire time. More...
 
 setIdle ($time, $add=false)
 Set the maximum idle time. More...
 
 setSessionName ($name='session')
 Set name of the session to a customized value. More...
 
 setShowLogin ($showLogin=true)
 Should the login form be displayed if neccessary? More...
 
 setAllowLogin ($allowLogin=true)
 Should the login form be displayed if neccessary? More...
 
 setCheckAuthCallback ($checkAuthCallback)
 Register a callback function to be called whenever the validity of the login is checked The function will receive two parameters, the username and a reference to the auth object. More...
 
 setLoginCallback ($loginCallback)
 Register a callback function to be called on user login. More...
 
 setFailedLoginCallback ($loginFailedCallback)
 Register a callback function to be called on failed user login. More...
 
 setLogoutCallback ($logoutCallback)
 Register a callback function to be called on user logout. More...
 
 setAuthData ($name, $value, $overwrite=true)
 Register additional information that is to be stored in the session. More...
 
 getAuthData ($name=null)
 Get additional information that is stored in the session. More...
 
 setAuth ($username)
 Register variable in a session telling that the user has logged in successfully. More...
 
 setAdvancedSecurity ($flag=true)
 Enables advanced security checks. More...
 
 checkAuth ()
 Checks if there is a session with valid auth information. More...
 
 getAuth ()
 Has the user been authenticated? More...
 
 logout ()
 Logout function. More...
 
 updateIdle ()
 Update the idletime. More...
 
 getUsername ()
 Get the username. More...
 
 getStatus ()
 Get the current status. More...
 
 getPostUsernameField ()
 Gets the post varible used for the username. More...
 
 getPostPasswordField ()
 Gets the post varible used for the username. More...
 
 sessionValidThru ()
 Returns the time up to the session is valid. More...
 
 listUsers ()
 List all users that are currently available in the storage container. More...
 
 addUser ($username, $password, $additional='')
 Add user to the storage container. More...
 
 removeUser ($username)
 Remove user from the storage container. More...
 
 changePassword ($username, $password)
 Change password for user in the storage container. More...
 
 log ($message, $level=AUTH_LOG_DEBUG)
 Log a message from the Auth system. More...
 
 _loadLogger ()
 Load Log object if not already loaded. More...
 
 attachLogObserver (&$observer)
 Attach an Observer to the Auth Log Source. More...
 
 _isAdvancedSecurityEnabled ($feature=null)
 Is advanced security enabled? More...
 
- Public Member Functions inherited from ilAuthBase
 getSubStatus ()
 Get sub status. More...
 
 setSubStatus ($a_sub_status)
 Set sub status. More...
 
 supportsRedirects ()
 Returns true, if the current auth mode allows redirects to e.g the login screen, public section ... More...
 
 getContainer ()
 Get container object. More...
 
 getExceededUserName ()
 

Protected Member Functions

 initSettings ()
 Init open id settings. More...
 
 parseUsername (&$username, $auth)
 Parse username. More...
 
- Protected Member Functions inherited from ilAuthBase
 initAuth ()
 Init auth object Enable logging, set callbacks... More...
 
 loginObserver ($a_username, $a_auth)
 Called after successful login. More...
 
 checkExceededLoginAttempts (\ilObjUser $user)
 
 failedLoginObserver ($a_username, $a_auth)
 Called after failed login. More...
 
 checkAuthObserver ($a_username, $a_auth)
 Called after each check auth request. More...
 
 logoutObserver ($a_username, $a_auth)
 Called after logout. More...
 

Private Attributes

 $settings = null
 

Additional Inherited Members

- Static Public Member Functions inherited from Auth
_factory ($driver, $options='')
 Return a storage driver based on $driver and $options. More...
 
 staticCheckAuth ($options=null)
 Statically checks if there is a session with valid auth information. More...
 
- Data Fields inherited from Auth
 $expire = 0
 
 $expired = false
 
 $idle = 0
 
 $idled = false
 
 $storage = ''
 
 $loginFunction = ''
 
 $showLogin = true
 
 $allowLogin = true
 
 $status = ''
 
 $username = ''
 
 $password = ''
 
 $checkAuthCallback = ''
 
 $loginCallback = ''
 
 $loginFailedCallback = ''
 
 $logoutCallback = ''
 
 $_sessionName = '_authsession'
 
 $version = "@version@"
 
 $advancedsecurity = false
 
 $_postUsername = 'username'
 
 $_postPassword = 'password'
 
 $session
 
 $server
 
 $post
 
 $cookie
 
 $authdata
 
 $authChecks = 0
 
 $logger = null
 
 $enableLogging = false
 
 $regenerateSessionId = false
 
- Protected Attributes inherited from ilAuthBase
 $sub_status = null
 
 $exceeded_user_name
 

Detailed Description

Open ID auth class

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Version
$Id$

Definition at line 11 of file class.ilAuthOpenId.php.

Constructor & Destructor Documentation

◆ __construct()

ilAuthOpenId::__construct (   $a_container,
  $a_addition_options = array() 
)

Contructor.

Returns
Parameters
object$a_container
object$a_addition_options,[optional]

Definition at line 21 of file class.ilAuthOpenId.php.

References $_GET, $_POST, ilAuthBase\initAuth(), initSettings(), and Auth\setSessionName().

22  {
23  parent::__construct(
24  $a_container,
25  $a_addition_options,
26  array($this,'callProvider'),
27  true);
28  $this->setSessionName("_authhttp".md5(CLIENT_ID));
29 
30  $this->initAuth();
31  $this->initSettings();
32 
33  if(isset($_GET['oid_check_status']))
34  {
35  $_POST['username'] = 'dummy';
36  $_POST['password'] = 'dummy';
37  }
38 
39  }
$_POST
$_POST['username']
Definition: cron.php:12
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
ilAuthBase\initAuth
initAuth()
Init auth object Enable logging, set callbacks...
Definition: class.ilAuthBase.php:84
ilAuthOpenId\initSettings
initSettings()
Init open id settings.
Definition: class.ilAuthOpenId.php:112
Auth\setSessionName
setSessionName($name='session')
Set name of the session to a customized value.
Definition: Auth.php:656
+ Here is the call graph for this function:

Member Function Documentation

◆ callProvider()

ilAuthOpenId::callProvider (   $username,
  $status,
  $auth 
)

Auth login function Redirects to openid provider.

Parameters
object$username
object$status
object$auth
Returns

Definition at line 62 of file class.ilAuthOpenId.php.

References $_POST, $auth, $ilCtrl, $url, Auth\$username, AUTH_WRONG_LOGIN, Auth_OpenID_SRegRequest\build(), parseUsername(), and ilUtil\redirect().

63  {
64  global $ilCtrl;
65 
66  $username = $_POST['oid_username'];
67 
68  if(!$this->parseUsername($username,$auth))
69  {
70  return false;
71  }
72 
73  $consumer = $this->settings->getConsumer();
74  $oid_auth = $consumer->begin($username);
75 
76  if (!$oid_auth)
77  {
78  $auth->status = AUTH_WRONG_LOGIN;
79  return false;
80  }
81 
82  include_once 'Auth/OpenID/SReg.php';
83  $sreg_req = Auth_OpenID_SRegRequest::build(
84  // Required
85  array('nickname'),
86  // Optional
87  array(
88  'fullname',
89  'dob',
90  'email',
91  'gender',
92  'postcode',
93  'language',
94  'timezone'
95  )
96  );
97 
98  if ($sreg_req)
99  {
100  $oid_auth->addExtension($sreg_req);
101  }
102 
103  // TODO: Switch openid v. 1,2
104  $url = $oid_auth->redirectURL(ILIAS_HTTP_PATH,$this->settings->getReturnLocation());
105  ilUtil::redirect($url);
106  }
ilAuthOpenId\parseUsername
parseUsername(&$username, $auth)
Parse username.
Definition: class.ilAuthOpenId.php:123
$_POST
$_POST['username']
Definition: cron.php:12
$auth
$auth
Definition: inc.check_pear.php:55
$url
$url
Definition: shib_logout.php:72
$ilCtrl
global $ilCtrl
Definition: ilias.php:18
AUTH_WRONG_LOGIN
const AUTH_WRONG_LOGIN
Returned if container is unable to authenticate user/password pair.
Definition: Auth.php:38
ilUtil\redirect
static redirect($a_script)
http redirect to other script
Definition: class.ilUtil.php:3635
Auth_OpenID_SRegRequest\build
static build($required=null, $optional=null, $policy_url=null, $sreg_ns_uri=Auth_OpenID_SREG_NS_URI, $cls='Auth_OpenID_SRegRequest')
Initialize an empty simple registration request.
Definition: SReg.php:176
Auth\$username
$username
Definition: Auth.php:175
+ Here is the call graph for this function:

◆ initSettings()

ilAuthOpenId::initSettings ( )
protected

Init open id settings.

Returns

Definition at line 112 of file class.ilAuthOpenId.php.

References ilOpenIdSettings\getInstance().

Referenced by __construct().

113  {
114  include_once './Services/OpenId/classes/class.ilOpenIdSettings.php';
115  $this->settings = ilOpenIdSettings::getInstance();
116  $this->settings->initConsumer();
117  }
ilOpenIdSettings\getInstance
static getInstance()
Get singleton instance.
Definition: class.ilOpenIdSettings.php:40
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ parseUsername()

ilAuthOpenId::parseUsername ( $username,
  $auth 
)
protected

Parse username.

Returns

Definition at line 123 of file class.ilAuthOpenId.php.

References $_POST, $auth, $GLOBALS, $url, Auth\$username, AUTH_WRONG_LOGIN, and ilOpenIdProviders\getInstance().

Referenced by callProvider().

124  {
125  if($_POST['oid_provider'])
126  {
127  include_once './Services/OpenId/classes/class.ilOpenIdProviders.php';
128  try
129  {
130  $url = ilOpenIdProviders::getInstance()->getProviderById($_POST['oid_provider'])->getURL();
131  $username = sprintf($url,(string) $username);
132  $GLOBALS['ilLog']->write(__METHOD__.': Using '.$username.' for authentication');
133  return true;
134  }
135  catch(UnexpectedValueException $e)
136  {
137  $GLOBALS['ilLog']->write(__METHOD__.': Unknown provider id given: '.$username);
138  $auth->status = AUTH_WRONG_LOGIN;
139  return false;
140  }
141  }
142  if($this->settings->forcedProviderSelection())
143  {
144  $auth->status = AUTH_WRONG_LOGIN;
145  return false;
146  }
147  $GLOBALS['ilLog']->write(__METHOD__.': Trying openid url: '.$username);
148  return true;
149  }
$_POST
$_POST['username']
Definition: cron.php:12
$auth
$auth
Definition: inc.check_pear.php:55
$url
$url
Definition: shib_logout.php:72
ilOpenIdProviders\getInstance
static getInstance()
Get singleton instance.
Definition: class.ilOpenIdProviders.php:32
AUTH_WRONG_LOGIN
const AUTH_WRONG_LOGIN
Returned if container is unable to authenticate user/password pair.
Definition: Auth.php:38
$GLOBALS
$GLOBALS['PHPCAS_CLIENT']
This global variable is used by the interface class phpCAS.
Definition: CAS.php:276
Auth\$username
$username
Definition: Auth.php:175
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ supportsRedirects()

ilAuthOpenId::supportsRedirects ( )

Returns true, if the current auth mode allows redirection to e.g to loginScreen, public section...

Todo:
check if redirects are possible
Returns

Definition at line 49 of file class.ilAuthOpenId.php.

50  {
51  return true;
52  }

Field Documentation

◆ $settings

ilAuthOpenId::$settings = null
private

Definition at line 13 of file class.ilAuthOpenId.php.

The documentation for this class was generated from the following file: