ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
class.ilAuthContainerOpenId.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
4 include_once 'Auth/Container.php';
5 
13 class ilAuthContainerOpenId extends Auth_Container
14 {
15  private $settings = null;
16 
17  private $response_data = array();
18  private $force_creation = false;
19 
24  public function __construct()
25  {
26  parent::__construct();
27 
28  $this->initSettings();
29  }
30 
38  public function fetchData($a_username,$a_password,$isChallengeResponse = false)
39  {
40  global $ilLog;
41 
42  $ilLog->write(__METHOD__.': Fetch Data called');
43 
44  $response = $this->settings->getConsumer()->complete($this->settings->getReturnLocation());
45 
46  switch($response->status)
47  {
48  case Auth_OpenID_CANCEL:
49  die("Auth cancelled");
50 
51  case Auth_OpenID_FAILURE:
52  die("Auth failed with message: ".$response->message);
53 
54  case Auth_OpenID_SUCCESS:
55  $openid = $response->getDisplayIdentifier();
56  $esc_identity = htmlentities($openid);
57  $ilLog->write(__METHOD__.': Auth success with identity '.$esc_identity);
58 
59  if($response->endpoint->canonicalID)
60  {
61  $escaped_canonicalID = htmlentities($response->endpoint->canonicalID);
62  $ilLog->write(__METHOD__.': Auth success with canonical id: '.$esc_identity);
63 
64  }
65  include_once 'Auth/OpenID/SReg.php';
66 
67  // Check if simple registration is supported
68  if(Auth_OpenID_supportsSReg($response->endpoint))
69  {
70  $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response,true);
71  $this->response_data = $sreg_resp->contents();
72 
73 
74  $ilLog->write(__METHOD__.' auth data: '.print_r($this->response_data,true));
75  return true;
76  }
77  else
78  {
79  // Try to fetch response values
80  foreach($response->message->args->keys as $key => $mapping)
81  {
82  if($mapping[1] == 'sreg.nickname')
83  {
84  $this->response_data['nickname'] = $response->message->args->values[$key];
85  }
86  if($mapping[1] == 'sreg.email')
87  {
88  $this->response_data['email'] = $response->message->args->values[$key];
89  }
90  }
91  }
92  return true;
93 
94  }
95  return false;
96  }
97 
105  public function forceCreation($a_status)
106  {
107  $this->force_creation = true;
108  }
109 
110 
114  public function loginObserver($a_username,$a_auth)
115  {
116  global $ilLog;
117 
118  $GLOBALS['ilLog']->write(__METHOD__.': Login observer called for openid');
119 
120  $this->initSettings();
121  $this->response_data['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount(
122  "openid",
123  $this->response_data['nickname']
124  );
125  if(!$this->response_data['ilInternalAccount'])
126  {
127  if($this->settings->isCreationEnabled())
128  {
129  if($this->settings->isAccountMigrationEnabled() and !$this->force_creation and !$_SESSION['force_creation'])
130  {
131  $a_auth->logout();
132  $_SESSION['tmp_auth_mode'] = 'openid';
133  $_SESSION['tmp_auth_mode_type'] = 'openid';
134  $_SESSION['tmp_oid_username'] = urldecode($_GET['openid_identity']);
135  $_SESSION['tmp_oid_provider'] = $_POST['oid_provider'];
136  $_SESSION['tmp_external_account'] = $this->response_data['nickname'];
137  $_SESSION['tmp_pass'] = $_POST['password'];
138  $_SESSION['tmp_roles'] = array(0 => $this->settings->getDefaultRole());
139 
140  $GLOBALS['ilLog']->write(__METHOD__.': Redirect migration');
141  ilUtil::redirect('ilias.php?baseClass=ilStartUpGUI&cmd=showAccountMigration&cmdClass=ilstartupgui');
142  }
143 
144  include_once './Services/OpenId/classes/class.ilOpenIdAttributeToUser.php';
145  $new_user = new ilOpenIdAttributeToUser();
146  $new_name = $new_user->create($this->response_data['nickname'],$this->response_data);
147 
148  $GLOBALS['ilLog']->write(__METHOD__.': Create user with name:'. $new_name);
149  $a_auth->setAuth($new_name);
150  return true;
151  }
152  else
153  {
154  // No syncronisation allowed => create Error
155  $a_auth->status = AUTH_OPENID_NO_ILIAS_USER;
156  $a_auth->logout();
157  $GLOBALS['ilLog']->write(__METHOD__.': No creation');
158  return false;
159  }
160 
161  }
162  else
163  {
164  $GLOBALS['ilLog']->write(__METHOD__.': Using old name: ' . $this->response_data['ilInternalAccount']);
165  $a_auth->setAuth($this->response_data['ilInternalAccount']);
166  return true;
167  }
168  return false;
169  }
170 
175  protected function initSettings()
176  {
177  include_once './Services/OpenId/classes/class.ilOpenIdSettings.php';
178  //$this->settings = ilOpenIdSettings::getInstance();
179  $this->settings = ilOpenIdSettings::getInstance();
180  $this->settings->initConsumer();
181  }
182 }
183 ?>
Auth_Container
Definition: Container.php:39
Auth_OpenID_SUCCESS
const Auth_OpenID_SUCCESS
Require utility classes and functions for the consumer.
Definition: Consumer.php:180
Auth_OpenID_CANCEL
const Auth_OpenID_CANCEL
Status to indicate cancellation of OpenID authentication.
Definition: Consumer.php:185
$_POST
$_POST['username']
Definition: cron.php:12
Auth_OpenID_SRegResponse\fromSuccessResponse
static fromSuccessResponse($success_response, $signed_only=true)
Create a C{L{SRegResponse}} object from a successful OpenID library response (C{L{openid.consumer.consumer.SuccessResponse}}) response message.
Definition: SReg.php:474
ilOpenIdSettings\getInstance
static getInstance()
Get singleton instance.
Definition: class.ilOpenIdSettings.php:40
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
Auth_OpenID_FAILURE
const Auth_OpenID_FAILURE
This is the status code completeAuth returns when the value it received indicated an invalid login...
Definition: Consumer.php:191
ilAuthContainerOpenId\initSettings
initSettings()
Init open id settings.
Definition: class.ilAuthContainerOpenId.php:175
ilAuthContainerOpenId\loginObserver
loginObserver($a_username, $a_auth)
Definition: class.ilAuthContainerOpenId.php:114
ilAuthContainerOpenId\forceCreation
forceCreation($a_status)
Force creation of user accounts.
Definition: class.ilAuthContainerOpenId.php:105
ilAuthContainerOpenId\fetchData
fetchData($a_username, $a_password, $isChallengeResponse=false)
Definition: class.ilAuthContainerOpenId.php:38
AUTH_OPENID_NO_ILIAS_USER
const AUTH_OPENID_NO_ILIAS_USER
Definition: class.ilAuthUtils.php:29
$ilLog
$ilLog
Definition: inc.setup_header.php:136
$new_user
$new_user
Definition: dummy_client.php:24
ilObjUser\_checkExternalAuthAccount
static _checkExternalAuthAccount($a_auth, $a_account)
check whether external account and authentication method matches with a user
Definition: class.ilObjUser.php:3766
$GLOBALS
$GLOBALS['PHPCAS_CLIENT']
This global variable is used by the interface class phpCAS.
Definition: CAS.php:276
ilUtil\redirect
static redirect($a_script)
http redirect to other script
Definition: class.ilUtil.php:3635
ilAuthContainerOpenId
Pear auth container for openid
Definition: class.ilAuthContainerOpenId.php:13
Auth_OpenID_supportsSReg
Auth_OpenID_supportsSReg($endpoint)
Does the given endpoint advertise support for simple registration?
Definition: SReg.php:97