ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
class.ilAuthContainerOpenId.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3
4include_once 'Auth/Container.php';
5
14{
15 private $settings = null;
16
17 private $response_data = array();
18 private $force_creation = false;
19
24 public function __construct()
25 {
26 parent::__construct();
27
28 $this->initSettings();
29 }
30
38 public function fetchData($a_username,$a_password,$isChallengeResponse = false)
39 {
40 global $ilLog;
41
42 $ilLog->write(__METHOD__.': Fetch Data called');
43
44 $response = $this->settings->getConsumer()->complete($this->settings->getReturnLocation());
45
46 switch($response->status)
47 {
49 die("Auth cancelled");
50
52 die("Auth failed with message: ".$response->message);
53
55 $openid = $response->getDisplayIdentifier();
56 $esc_identity = htmlentities($openid);
57 $ilLog->write(__METHOD__.': Auth success with identity '.$esc_identity);
58
59 if($response->endpoint->canonicalID)
60 {
61 $escaped_canonicalID = htmlentities($response->endpoint->canonicalID);
62 $ilLog->write(__METHOD__.': Auth success with canonical id: '.$esc_identity);
63
64 }
65 include_once 'Auth/OpenID/SReg.php';
66
67 // Check if simple registration is supported
68 if(Auth_OpenID_supportsSReg($response->endpoint))
69 {
70 $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response,true);
71 $this->response_data = $sreg_resp->contents();
72
73
74 $ilLog->write(__METHOD__.' auth data: '.print_r($this->response_data,true));
75 return true;
76 }
77 else
78 {
79 // Try to fetch response values
80 foreach($response->message->args->keys as $key => $mapping)
81 {
82 if($mapping[1] == 'sreg.nickname')
83 {
84 $this->response_data['nickname'] = $response->message->args->values[$key];
85 }
86 if($mapping[1] == 'sreg.email')
87 {
88 $this->response_data['email'] = $response->message->args->values[$key];
89 }
90 }
91 }
92 return true;
93
94 }
95 return false;
96 }
97
105 public function forceCreation($a_status)
106 {
107 $this->force_creation = true;
108 }
109
110
114 public function loginObserver($a_username,$a_auth)
115 {
116 global $ilLog;
117
118 $GLOBALS['ilLog']->write(__METHOD__.': Login observer called for openid');
119
120 $this->initSettings();
121 $this->response_data['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount(
122 "openid",
123 $this->response_data['nickname']
124 );
125 if(!$this->response_data['ilInternalAccount'])
126 {
127 if($this->settings->isCreationEnabled())
128 {
129 if($this->settings->isAccountMigrationEnabled() and !$this->force_creation and !$_SESSION['force_creation'])
130 {
131 $a_auth->logout();
132 $_SESSION['tmp_auth_mode'] = 'openid';
133 $_SESSION['tmp_auth_mode_type'] = 'openid';
134 $_SESSION['tmp_oid_username'] = urldecode($_GET['openid_identity']);
135 $_SESSION['tmp_oid_provider'] = $_POST['oid_provider'];
136 $_SESSION['tmp_external_account'] = $this->response_data['nickname'];
137 $_SESSION['tmp_pass'] = $_POST['password'];
138 $_SESSION['tmp_roles'] = array(0 => $this->settings->getDefaultRole());
139
140 $GLOBALS['ilLog']->write(__METHOD__.': Redirect migration');
141 ilUtil::redirect('ilias.php?baseClass=ilStartUpGUI&cmd=showAccountMigration&cmdClass=ilstartupgui');
142 }
143
144 include_once './Services/OpenId/classes/class.ilOpenIdAttributeToUser.php';
146 $new_name = $new_user->create($this->response_data['nickname'],$this->response_data);
147
148 $GLOBALS['ilLog']->write(__METHOD__.': Create user with name:'. $new_name);
149 $a_auth->setAuth($new_name);
150 return true;
151 }
152 else
153 {
154 // No syncronisation allowed => create Error
155 $a_auth->status = AUTH_OPENID_NO_ILIAS_USER;
156 $a_auth->logout();
157 $GLOBALS['ilLog']->write(__METHOD__.': No creation');
158 return false;
159 }
160
161 }
162 else
163 {
164 $GLOBALS['ilLog']->write(__METHOD__.': Using old name: ' . $this->response_data['ilInternalAccount']);
165 $a_auth->setAuth($this->response_data['ilInternalAccount']);
166 return true;
167 }
168 return false;
169 }
170
175 protected function initSettings()
176 {
177 include_once './Services/OpenId/classes/class.ilOpenIdSettings.php';
178 //$this->settings = ilOpenIdSettings::getInstance();
179 $this->settings = ilOpenIdSettings::getInstance();
180 $this->settings->initConsumer();
181 }
182}
183?>
const Auth_OpenID_FAILURE
This is the status code completeAuth returns when the value it received indicated an invalid login.
Definition: Consumer.php:191
const Auth_OpenID_CANCEL
Status to indicate cancellation of OpenID authentication.
Definition: Consumer.php:185
const Auth_OpenID_SUCCESS
Require utility classes and functions for the consumer.
Definition: Consumer.php:180
Auth_OpenID_supportsSReg($endpoint)
Does the given endpoint advertise support for simple registration?
Definition: SReg.php:97
$_GET["client_id"]
$_SESSION["AccountId"]
static fromSuccessResponse($success_response, $signed_only=true)
Create a C{L{SRegResponse}} object from a successful OpenID library response (C{L{openid....
Definition: SReg.php:474
const AUTH_OPENID_NO_ILIAS_USER
@classDescription Pear auth container for openid
forceCreation($a_status)
Force creation of user accounts.
fetchData($a_username, $a_password, $isChallengeResponse=false)
loginObserver($a_username, $a_auth)
initSettings()
Init open id settings.
static _checkExternalAuthAccount($a_auth, $a_account)
check whether external account and authentication method matches with a user
@classDescription Open ID auth class
static getInstance()
Get singleton instance.
static redirect($a_script)
http redirect to other script
$_POST['username']
Definition: cron.php:12
$new_user
$GLOBALS['PHPCAS_CLIENT']
This global variable is used by the interface class phpCAS.
Definition: CAS.php:276