ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
ilAuthContainerOpenId Class Reference

@classDescription Pear auth container for openid More...

+ Inheritance diagram for ilAuthContainerOpenId:
+ Collaboration diagram for ilAuthContainerOpenId:

Public Member Functions

 __construct ()
 Constructor. More...
 
 fetchData ($a_username, $a_password, $isChallengeResponse=false)
 
 forceCreation ($a_status)
 Force creation of user accounts. More...
 
 loginObserver ($a_username, $a_auth)
 
- Public Member Functions inherited from Auth_Container
 Auth_Container ()
 Constructor. More...
 
 fetchData ($username, $password, $isChallengeResponse=false)
 Fetch data from storage container. More...
 
 verifyPassword ($password1, $password2, $cryptType="md5")
 Crypt and verfiy the entered password. More...
 
 supportsChallengeResponse ()
 Returns true if the container supports Challenge Response password authentication. More...
 
 getCryptType ()
 Returns the crypt current crypt type of the container. More...
 
 listUsers ()
 List all users that are available from the storage container. More...
 
 getUser ($username)
 Returns a user assoc array. More...
 
 addUser ($username, $password, $additional=null)
 Add a new user to the storage container. More...
 
 removeUser ($username)
 Remove user from the storage container. More...
 
 changePassword ($username, $password)
 Change password for user in the storage container. More...
 
 log ($message, $level=AUTH_LOG_DEBUG)
 Log a message to the Auth log. More...
 
- Public Member Functions inherited from ilAuthContainerBase
 loginObserver ($a_username, $a_auth)
 Called after successful login. More...
 
 failedLoginObserver ($a_username, $a_auth)
 Called after failed login. More...
 
 checkAuthObserver ($a_username, $a_auth)
 Called after check auth requests. More...
 
 logoutObserver ($a_username, $a_auth)
 Called after logout. More...
 
 supportsCaptchaVerification ()
 Returns whether or not the auth container supports the verification of captchas This should be true for those auth methods, which are available in the default login form. More...
 

Protected Member Functions

 initSettings ()
 Init open id settings. More...
 

Private Attributes

 $settings = null
 
 $response_data = array()
 
 $force_creation = false
 

Additional Inherited Members

- Data Fields inherited from Auth_Container
 $activeUser = ""
 User that is currently selected from the storage container. More...
 
 $_auth_obj = null
 The Auth object this container is attached to. More...
 

Detailed Description

@classDescription Pear auth container for openid

Author
Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om
Version
$Id$

Definition at line 13 of file class.ilAuthContainerOpenId.php.

Constructor & Destructor Documentation

◆ __construct()

ilAuthContainerOpenId::__construct ( )

Constructor.

Returns

Definition at line 24 of file class.ilAuthContainerOpenId.php.

25 {
26 parent::__construct();
27
28 $this->initSettings();
29 }
initSettings()
Init open id settings.

References initSettings().

+ Here is the call graph for this function:

Member Function Documentation

◆ fetchData()

ilAuthContainerOpenId::fetchData (   $a_username,
  $a_password,
  $isChallengeResponse = false 
)
Returns
bool
Parameters
string$a_username
string$a_password
bool$isChallengeResponse,[optional]

Reimplemented from Auth_Container.

Definition at line 38 of file class.ilAuthContainerOpenId.php.

39 {
40 global $ilLog;
41
42 $ilLog->write(__METHOD__.': Fetch Data called');
43
44 $response = $this->settings->getConsumer()->complete($this->settings->getReturnLocation());
45
46 switch($response->status)
47 {
49 die("Auth cancelled");
50
52 die("Auth failed with message: ".$response->message);
53
55 $openid = $response->getDisplayIdentifier();
56 $esc_identity = htmlentities($openid);
57 $ilLog->write(__METHOD__.': Auth success with identity '.$esc_identity);
58
59 if($response->endpoint->canonicalID)
60 {
61 $escaped_canonicalID = htmlentities($response->endpoint->canonicalID);
62 $ilLog->write(__METHOD__.': Auth success with canonical id: '.$esc_identity);
63
64 }
65 include_once 'Auth/OpenID/SReg.php';
66
67 // Check if simple registration is supported
68 if(Auth_OpenID_supportsSReg($response->endpoint))
69 {
70 $sreg_resp = Auth_OpenID_SRegResponse::fromSuccessResponse($response,true);
71 $this->response_data = $sreg_resp->contents();
72
73
74 $ilLog->write(__METHOD__.' auth data: '.print_r($this->response_data,true));
75 return true;
76 }
77 else
78 {
79 // Try to fetch response values
80 foreach($response->message->args->keys as $key => $mapping)
81 {
82 if($mapping[1] == 'sreg.nickname')
83 {
84 $this->response_data['nickname'] = $response->message->args->values[$key];
85 }
86 if($mapping[1] == 'sreg.email')
87 {
88 $this->response_data['email'] = $response->message->args->values[$key];
89 }
90 }
91 }
92 return true;
93
94 }
95 return false;
96 }
const Auth_OpenID_FAILURE
This is the status code completeAuth returns when the value it received indicated an invalid login.
Definition: Consumer.php:191
const Auth_OpenID_CANCEL
Status to indicate cancellation of OpenID authentication.
Definition: Consumer.php:185
const Auth_OpenID_SUCCESS
Require utility classes and functions for the consumer.
Definition: Consumer.php:180
Auth_OpenID_supportsSReg($endpoint)
Does the given endpoint advertise support for simple registration?
Definition: SReg.php:97
static fromSuccessResponse($success_response, $signed_only=true)
Create a C{L{SRegResponse}} object from a successful OpenID library response (C{L{openid....
Definition: SReg.php:474

References $ilLog, Auth_OpenID_CANCEL, Auth_OpenID_FAILURE, Auth_OpenID_SUCCESS, Auth_OpenID_supportsSReg(), and Auth_OpenID_SRegResponse\fromSuccessResponse().

+ Here is the call graph for this function:

◆ forceCreation()

ilAuthContainerOpenId::forceCreation (   $a_status)

Force creation of user accounts.

@access public

Parameters
boolforce_creation

Definition at line 105 of file class.ilAuthContainerOpenId.php.

106 {
107 $this->force_creation = true;
108 }

◆ initSettings()

ilAuthContainerOpenId::initSettings ( )
protected

Init open id settings.

Returns

Definition at line 175 of file class.ilAuthContainerOpenId.php.

176 {
177 include_once './Services/OpenId/classes/class.ilOpenIdSettings.php';
178 //$this->settings = ilOpenIdSettings::getInstance();
179 $this->settings = ilOpenIdSettings::getInstance();
180 $this->settings->initConsumer();
181 }
static getInstance()
Get singleton instance.

References ilOpenIdSettings\getInstance().

Referenced by __construct(), and loginObserver().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ loginObserver()

ilAuthContainerOpenId::loginObserver (   $a_username,
  $a_auth 
)
See also
ilAuthContainerBase::loginObserver()

Reimplemented from ilAuthContainerBase.

Definition at line 114 of file class.ilAuthContainerOpenId.php.

115 {
116 global $ilLog;
117
118 $GLOBALS['ilLog']->write(__METHOD__.': Login observer called for openid');
119
120 $this->initSettings();
121 $this->response_data['ilInternalAccount'] = ilObjUser::_checkExternalAuthAccount(
122 "openid",
123 $this->response_data['nickname']
124 );
125 if(!$this->response_data['ilInternalAccount'])
126 {
127 if($this->settings->isCreationEnabled())
128 {
129 if($this->settings->isAccountMigrationEnabled() and !$this->force_creation and !$_SESSION['force_creation'])
130 {
131 $a_auth->logout();
132 $_SESSION['tmp_auth_mode'] = 'openid';
133 $_SESSION['tmp_auth_mode_type'] = 'openid';
134 $_SESSION['tmp_oid_username'] = urldecode($_GET['openid_identity']);
135 $_SESSION['tmp_oid_provider'] = $_POST['oid_provider'];
136 $_SESSION['tmp_external_account'] = $this->response_data['nickname'];
137 $_SESSION['tmp_pass'] = $_POST['password'];
138 $_SESSION['tmp_roles'] = array(0 => $this->settings->getDefaultRole());
139
140 $GLOBALS['ilLog']->write(__METHOD__.': Redirect migration');
141 ilUtil::redirect('ilias.php?baseClass=ilStartUpGUI&cmd=showAccountMigration&cmdClass=ilstartupgui');
142 }
143
144 include_once './Services/OpenId/classes/class.ilOpenIdAttributeToUser.php';
146 $new_name = $new_user->create($this->response_data['nickname'],$this->response_data);
147
148 $GLOBALS['ilLog']->write(__METHOD__.': Create user with name:'. $new_name);
149 $a_auth->setAuth($new_name);
150 return true;
151 }
152 else
153 {
154 // No syncronisation allowed => create Error
155 $a_auth->status = AUTH_OPENID_NO_ILIAS_USER;
156 $a_auth->logout();
157 $GLOBALS['ilLog']->write(__METHOD__.': No creation');
158 return false;
159 }
160
161 }
162 else
163 {
164 $GLOBALS['ilLog']->write(__METHOD__.': Using old name: ' . $this->response_data['ilInternalAccount']);
165 $a_auth->setAuth($this->response_data['ilInternalAccount']);
166 return true;
167 }
168 return false;
169 }
$_GET["client_id"]
$_SESSION["AccountId"]
const AUTH_OPENID_NO_ILIAS_USER
static _checkExternalAuthAccount($a_auth, $a_account)
check whether external account and authentication method matches with a user
@classDescription Open ID auth class
static redirect($a_script)
http redirect to other script
$_POST['username']
Definition: cron.php:12
$new_user
$GLOBALS['PHPCAS_CLIENT']
This global variable is used by the interface class phpCAS.
Definition: CAS.php:276

References $_GET, $_POST, $_SESSION, $GLOBALS, $ilLog, $new_user, ilObjUser\_checkExternalAuthAccount(), AUTH_OPENID_NO_ILIAS_USER, initSettings(), and ilUtil\redirect().

+ Here is the call graph for this function:

Field Documentation

◆ $force_creation

ilAuthContainerOpenId::$force_creation = false
private

Definition at line 18 of file class.ilAuthContainerOpenId.php.

◆ $response_data

ilAuthContainerOpenId::$response_data = array()
private

Definition at line 17 of file class.ilAuthContainerOpenId.php.

◆ $settings

ilAuthContainerOpenId::$settings = null
private

Definition at line 15 of file class.ilAuthContainerOpenId.php.


The documentation for this class was generated from the following file: