Custom PEAR Auth Container for ECS auth checks. More...

Inheritance diagram for ilAuthContainerECS:

Collaboration diagram for ilAuthContainerECS:

Public Member Functions
	__construct ($a_params=array())
	Constructor. More...

	getAbreviation ()
	get abbreviation More...

	getMID ()
	get mid More...

	setMID ($a_mid)

	setCurrentServer (ilECSSetting $server=null)
	Set current server. More...

	getCurrentServer ()
	Get current server. More...

	getServerSettings ()
	Get server settings. More...

	fetchData ($a_username, $a_pass)
	Check for valid ecs_hash. More...

	validateHash ()
	Validate ECS hash. More...

	loginObserver ($a_username, $a_auth)
	Called from base class after successful login. More...

	failedLoginObserver ()
	Called from base class after failed login. More...

Public Member Functions inherited from Auth_Container
	Auth_Container ()
	Constructor. More...

	fetchData ($username, $password, $isChallengeResponse=false)
	Fetch data from storage container. More...

	verifyPassword ($password1, $password2, $cryptType="md5")
	Crypt and verfiy the entered password. More...

	supportsChallengeResponse ()
	Returns true if the container supports Challenge Response password authentication. More...

	getCryptType ()
	Returns the crypt current crypt type of the container. More...

	listUsers ()
	List all users that are available from the storage container. More...

	getUser ($username)
	Returns a user assoc array. More...

	addUser ($username, $password, $additional=null)
	Add a new user to the storage container. More...

	removeUser ($username)
	Remove user from the storage container. More...

	changePassword ($username, $password)
	Change password for user in the storage container. More...

	log ($message, $level=AUTH_LOG_DEBUG)
	Log a message to the Auth log. More...

Public Member Functions inherited from ilAuthContainerBase
	loginObserver ($a_username, $a_auth)
	Called after successful login. More...

	failedLoginObserver ($a_username, $a_auth)
	Called after failed login. More...

	checkAuthObserver ($a_username, $a_auth)
	Called after check auth requests. More...

	logoutObserver ($a_username, $a_auth)
	Called after logout. More...

	supportsCaptchaVerification ()
	Returns whether or not the auth container supports the verification of captchas This should be true for those auth methods, which are available in the default login form. More...

Protected Member Functions
	createUser (ilECSUser $user)
	create new user More...

	updateUser (ilECSUser $user, $a_local_user_id)
	update existing user More...

	resetMailOptions ($a_usr_id)
	Reset mail options to "local only". More...

Protected Attributes
	$mid = null

	$abreviation = null

	$currentServer = null

	$servers = null

	$log

Private Member Functions
	initECSServices ()
	Init ECS Services @access private. More...

	sendNotification ($user_obj)
	Send notification. More...

Additional Inherited Members
Data Fields inherited from Auth_Container
	$activeUser = ""
	User that is currently selected from the storage container. More...

	$_auth_obj = null
	The Auth object this container is attached to. More...

Detailed Description

Custom PEAR Auth Container for ECS auth checks.

Author: Stefan Meyer meyer.nosp@m.@lei.nosp@m.fos.c.nosp@m.om

Version: $Id$

Definition at line 34 of file class.ilAuthContainerECS.php.

Constructor & Destructor Documentation

◆ __construct()

ilAuthContainerECS::__construct ( $a_params = array() )

Constructor.

@access public

Parameters

Definition at line 51 of file class.ilAuthContainerECS.php.

        {
                parent::__construct($a_params);
 
                $this->initECSServices();
                
                $this->log = $GLOBALS['ilLog'];
        }

References $GLOBALS, initECSServices(), and Auth_Container\log().

Here is the call graph for this function:

Member Function Documentation

◆ createUser()

ilAuthContainerECS::createUser ( ilECSUser $user )

protected

create new user

@access protected

Definition at line 302 of file class.ilAuthContainerECS.php.

        {
                global $ilClientIniFile, $ilSetting, $rbacadmin, $ilLog;
 
                $userObj = new ilObjUser();
 
                include_once('./Services/Authentication/classes/class.ilAuthUtils.php');
                $local_user = ilAuthUtils::_generateLogin($this->getAbreviation() . '_' . $user->getLogin());
 
                $newUser["login"] = $local_user;
                $newUser["firstname"] = $user->getFirstname();
                $newUser["lastname"] = $user->getLastname();
                $newUser['email'] = $user->getEmail();
                $newUser['institution'] = $user->getInstitution();
 
                // set "plain md5" password (= no valid password)
                $newUser["passwd"] = "";
                $newUser["passwd_type"] = IL_PASSWD_CRYPTED;
 
                $newUser["auth_mode"] = "ecs";
                $newUser["profile_incomplete"] = 0;
 
                // system data
                $userObj->assignData($newUser);
                $userObj->setTitle($userObj->getFullname());
                $userObj->setDescription($userObj->getEmail());
 
                // set user language to system language
                $userObj->setLanguage($ilSetting->get("language"));
 
                // Time limit
                $userObj->setTimeLimitOwner(7);
                $userObj->setTimeLimitUnlimited(0);
                $userObj->setTimeLimitFrom(time() - 5);
                $userObj->setTimeLimitUntil(time() + $ilClientIniFile->readVariable("session", "expire"));
 
                #$now = new ilDateTime(time(), IL_CAL_UNIX);
                #$userObj->setAgreeDate($now->get(IL_CAL_DATETIME));
 
                // Create user in DB
                $userObj->setOwner(6);
                $userObj->create();
                $userObj->setActive(1);
                $userObj->updateOwner();
                $userObj->saveAsNew();
                $userObj->writePrefs();
 
                if($global_role = $this->getCurrentServer()->getGlobalRole())
                {
                        $rbacadmin->assignUser($this->getCurrentServer()->getGlobalRole(), $userObj->getId(), true);
                }
                ilObject::_writeImportId($userObj->getId(), $user->getImportId());
 
                $ilLog->write(__METHOD__ . ': Created new remote user with usr_id: ' . $user->getImportId());
 
                // Send Mail
                #$this->sendNotification($userObj);
                $this->resetMailOptions($userObj->getId());
                
                return $userObj->getLogin();
        }

References $ilLog, $ilSetting, ilAuthUtils\_generateLogin(), ilObject\_writeImportId(), getAbreviation(), getCurrentServer(), ilECSUser\getEmail(), ilECSUser\getFirstname(), ilECSUser\getImportId(), ilECSUser\getInstitution(), ilECSUser\getLastname(), ilECSUser\getLogin(), IL_PASSWD_CRYPTED, and resetMailOptions().

Referenced by loginObserver().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ failedLoginObserver()

ilAuthContainerECS::failedLoginObserver ( )

Called from base class after failed login.

Parameters

string username

Definition at line 289 of file class.ilAuthContainerECS.php.

        {
                $this->log->write(__METHOD__.': Login failed');
                return false;
        }

References Auth_Container\log().

Here is the call graph for this function:

◆ fetchData()

ilAuthContainerECS::fetchData	(	$a_username,
		$a_pass
	)

Check for valid ecs_hash.

Parameters

string	$a_username
string	$a_pass

Definition at line 119 of file class.ilAuthContainerECS.php.

        {
                global $ilLog;
 
                $ilLog->write(__METHOD__.': Starting ECS authentication.');
 
                if(!$this->getServerSettings()->activeServerExists())
                {
                        $GLOBALS['ilLog']->write(__METHOD__.': no active ecs server found. Aborting');
                        return false;
                }
 
                // Iterate through all active ecs instances
                include_once './Services/WebServices/ECS/classes/class.ilECSServerSettings.php';
                foreach($this->getServerSettings()->getServers() as $server)
                {
                        $this->setCurrentServer($server);
                        if($this->validateHash())
                        {
                                return true;
                        }
                }
                $GLOBALS['ilLog']->write(__METHOD__.': Could not validate ecs hash for any server');
                return false;
 
        }

References $GLOBALS, $ilLog, $server, getServerSettings(), setCurrentServer(), and validateHash().

Here is the call graph for this function:

◆ getAbreviation()

ilAuthContainerECS::getAbreviation ( )

get abbreviation

@access public

Parameters

Definition at line 67 of file class.ilAuthContainerECS.php.

        {
                return $this->abreviation;
        }

References $abreviation.

Referenced by createUser().

Here is the caller graph for this function:

◆ getCurrentServer()

ilAuthContainerECS::getCurrentServer ( )

Get current server.

Returns: ilECSSetting

Definition at line 100 of file class.ilAuthContainerECS.php.

        {
                return $this->currentServer;
        }

References $currentServer.

Referenced by createUser(), loginObserver(), sendNotification(), updateUser(), and validateHash().

Here is the caller graph for this function:

◆ getMID()

ilAuthContainerECS::getMID ( )

get mid

@access public

Definition at line 77 of file class.ilAuthContainerECS.php.

        {
                return $this->mid;              
        }

References $mid.

Referenced by loginObserver().

Here is the caller graph for this function:

◆ getServerSettings()

ilAuthContainerECS::getServerSettings ( )

Get server settings.

Returns: ilECSServerSettings

Definition at line 109 of file class.ilAuthContainerECS.php.

        {
                return $this->servers;
        }

References $servers.

Referenced by fetchData().

Here is the caller graph for this function:

◆ initECSServices()

ilAuthContainerECS::initECSServices ( )

private

Init ECS Services @access private.

Parameters

Definition at line 428 of file class.ilAuthContainerECS.php.

        {
                include_once './Services/WebServices/ECS/classes/class.ilECSServerSettings.php';
                $this->servers = ilECSServerSettings::getInstance();
        }

References ilECSServerSettings\getInstance().

Referenced by __construct().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ loginObserver()

ilAuthContainerECS::loginObserver	(	$a_username,
		$a_auth
	)

Called from base class after successful login.

Parameters

string username

Reimplemented from ilAuthContainerBase.

Definition at line 244 of file class.ilAuthContainerECS.php.

        {
                include_once('./Services/WebServices/ECS/classes/class.ilECSUser.php');
                
                $user = new ilECSUser($_GET);
                
                if(!$usr_id = ilObject::_lookupObjIdByImportId($user->getImportId()))
                {
                        $username = $this->createUser($user);
                }
                else
                {
                        $username = $this->updateUser($user,$usr_id);
                }
                
                // set user imported
                include_once './Services/WebServices/ECS/classes/class.ilECSImport.php';
                $import = new ilECSImport($this->getCurrentServer()->getServerId(), $usr_id);
                $import->save();
                
                // Store remote user data
                include_once './Services/WebServices/ECS/classes/class.ilECSRemoteUser.php';
                $remote = new ilECSRemoteUser();
                $remote->setServerId($this->getCurrentServer()->getServerId());
                $remote->setMid($this->getMID());
                $remote->setRemoteUserId($user->getImportId());
                $remote->setUserId(ilObjUser::_lookupId($username));
                
                $GLOBALS['ilLog']->write(__METHOD__.': Current username '.$username);
                
                if(!$remote->exists())
                {
                        $remote->create();
                }
                
                $a_auth->setAuth($username);
                $this->log->write(__METHOD__.': Login succesesful');
                return true;
        }

References $_GET, $GLOBALS, ilObjUser\_lookupId(), ilObject\_lookupObjIdByImportId(), createUser(), getCurrentServer(), getMID(), Auth_Container\log(), and updateUser().

Here is the call graph for this function:

◆ resetMailOptions()

ilAuthContainerECS::resetMailOptions ( $a_usr_id )

protected

Reset mail options to "local only".

Definition at line 409 of file class.ilAuthContainerECS.php.

        {
                include_once './Services/Mail/classes/class.ilMailOptions.php';
                $options = new ilMailOptions($a_usr_id);
                $options->updateOptions(
                                $options->getSignature(),
                                $options->getLinebreak(),
                                IL_MAIL_LOCAL,
                                $options->getCronjobNotification()
                );
        }

References $options, and IL_MAIL_LOCAL.

Referenced by createUser(), and updateUser().

Here is the caller graph for this function:

◆ sendNotification()

ilAuthContainerECS::sendNotification ( $user_obj )

private

Send notification.

@access private

Parameters

Definition at line 441 of file class.ilAuthContainerECS.php.

        {
                if(!count($this->getCurrentServer()->getUserRecipients()))
                {
                        return true;
                }
 
                include_once('./Services/Language/classes/class.ilLanguageFactory.php');
                include_once './Services/Language/classes/class.ilLanguage.php';
                $lang = ilLanguageFactory::_getLanguage();
                $GLOBALS['lng'] = $lang;
                $GLOBALS['ilUser'] = $user_obj;
                $lang->loadLanguageModule('ecs');
 
                include_once('./Services/Mail/classes/class.ilMail.php');
                $mail = new ilMail(6);
                $mail->enableSoap(false);
                $subject = $lang->txt('ecs_new_user_subject');
 
                                // build body
                $body = $lang->txt('ecs_new_user_body')."\n\n";
                $body .= $lang->txt('ecs_new_user_profile')."\n\n";
                $body .= $user_obj->getProfileAsString($lang)."\n\n";
                $body .= ilMail::_getAutoGeneratedMessageString($lang);
                
                $mail->sendMail(
                        $this->getCurrentServer()->getUserRecipientsAsString(),
                        "",
                        "",
                        $subject,
                        $body,
                        array(),
                        array("normal")
                );
        }

References $GLOBALS, $lang, ilMail\_getAutoGeneratedMessageString(), ilLanguageFactory\_getLanguage(), and getCurrentServer().

Here is the call graph for this function:

◆ setCurrentServer()

ilAuthContainerECS::setCurrentServer ( ilECSSetting $server = null )

Set current server.

Parameters

ilECSSetting $server

Definition at line 91 of file class.ilAuthContainerECS.php.

        {
                $this->currentServer = $server;
        }

References $server.

Referenced by fetchData().

Here is the caller graph for this function:

◆ setMID()

ilAuthContainerECS::setMID ( $a_mid )

Definition at line 82 of file class.ilAuthContainerECS.php.

        {
                $this->mid = $a_mid;
        }

Referenced by validateHash().

Here is the caller graph for this function:

◆ updateUser()

ilAuthContainerECS::updateUser	(	ilECSUser	$user,
			$a_local_user_id
	)

protected

update existing user

@access protected

Definition at line 369 of file class.ilAuthContainerECS.php.

        {
                global $ilClientIniFile,$ilLog,$rbacadmin;
                
                $user_obj = new ilObjUser($a_local_user_id);
                $user_obj->setFirstname($user->getFirstname());
                $user_obj->setLastname($user->getLastname());
                $user_obj->setEmail($user->getEmail());
                $user_obj->setInstitution($user->getInstitution());
                $user_obj->setActive(true);
                
                $until = $user_obj->getTimeLimitUntil();
 
                if($until < (time() + $ilClientIniFile->readVariable('session','expire')))
                {               
                        $user_obj->setTimeLimitFrom(time() - 60);
                        $user_obj->setTimeLimitUntil(time() + $ilClientIniFile->readVariable("session","expire"));
                }
                $user_obj->update();
                $user_obj->refreshLogin();
                
                if($global_role = $this->getCurrentServer()->getGlobalRole())
                {
                        $rbacadmin->assignUser(
                                $this->getCurrentServer()->getGlobalRole(),
                                $user_obj->getId(),
                                true
                        );
                }
                
                $this->resetMailOptions($a_local_user_id);
 
                $ilLog->write(__METHOD__.': Finished update of remote user with usr_id: '.$user->getImportId());        
                return $user_obj->getLogin();
        }

References $ilLog, getCurrentServer(), ilECSUser\getEmail(), ilECSUser\getFirstname(), ilECSUser\getImportId(), ilECSUser\getInstitution(), ilECSUser\getLastname(), and resetMailOptions().

Referenced by loginObserver().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ validateHash()

ilAuthContainerECS::validateHash ( )

Validate ECS hash.

@access public

Parameters

string	username
string	pass

Definition at line 155 of file class.ilAuthContainerECS.php.

        {
                global $ilLog;
                
                // fetch hash
                if(isset($_GET['ecs_hash']) and strlen($_GET['ecs_hash']))
                {
                        $hash = $_GET['ecs_hash'];
                }
                if(isset($_GET['ecs_hash_url']))
                {
                        $hashurl = urldecode($_GET['ecs_hash_url']);
                        $hash = basename(parse_url($hashurl,PHP_URL_PATH));
                        //$hash = urldecode($_GET['ecs_hash_url']);
                }
                
                $GLOBALS['ilLog']->write(__METHOD__.': Using ecs hash '. $hash);
 
                // Check if hash is valid ...
                try
                {
                        include_once('./Services/WebServices/ECS/classes/class.ilECSConnector.php');
                        $connector = new ilECSConnector($this->getCurrentServer());
                        $res = $connector->getAuth($hash);
                        $auths = $res->getResult();
                        
                        $GLOBALS['ilLog']->write(__METHOD__.': Auths: '.print_r($auths,TRUE));
                        
                        if($auths->pid)
                        {
                                try
                                {
                                        include_once './Services/WebServices/ECS/classes/class.ilECSCommunityReader.php';
                                        $reader = ilECSCommunityReader::getInstanceByServerId($this->getCurrentServer()->getServerId());
                                        $part = $reader->getParticipantByMID($auths->pid);
                                        
                                        if(is_object($part) and is_object($part->getOrganisation()))
                                        {
                                                $this->abreviation = $part->getOrganisation()->getAbbreviation();
                                        }
                                        else
                                        {
                                                $this->abreviation = $auths->abbr;
                                        }
                                }
                                catch(Exception $e)
                                {
                                        $ilLog->write(__METHOD__.': Authentication failed with message: '.$e->getMessage());
                                        return false;
                                }
                        }
                        else
                        {
                                $this->abreviation = $auths->abbr;
                        }
                        
                        $ilLog->write(__METHOD__.': Got abr: '.$this->abreviation);
                }
                catch(ilECSConnectorException $e)
                {
                        $ilLog->write(__METHOD__.': Authentication failed with message: '.$e->getMessage());
                        return false;
                }
                
                // read current mid
                try
                {
                        include_once('./Services/WebServices/ECS/classes/class.ilECSConnector.php');
                        $connector = new ilECSConnector($this->getCurrentServer());
                        $details = $connector->getAuth($hash,TRUE);
                        
                        $GLOBALS['ilLog']->write(__METHOD__.': '.print_r($details,TRUE));
                        $GLOBALS['ilLog']->write(__METHOD__.': Token created for mid '. $details->getFirstSender());
                        
                        $this->setMID($details->getFirstSender());
                }
                catch(ilECSConnectorException $e)
                {
                        $ilLog->write(__METHOD__.': Receiving mid failed with message: '.$e->getMessage());
                        return false;
                }
                return TRUE;
        }