ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
Public Member Functions
ShibAuth Class Reference
+ Inheritance diagram for ShibAuth:
+ Collaboration diagram for ShibAuth:

Public Member Functions

 __construct ($authParams, $updateUserData=false)
 
 supportsRedirects ()
 
 login ()
 Login function. More...
 
 setAuth ($username, ilObjUser $userObj=NULL)
 
 logout ()
 
- Public Member Functions inherited from Auth
 Auth ($storageDriver, $options='', $loginFunction='', $showLogin=true)
 Constructor. More...
 
applyAuthOptions (&$options)
 Set the Auth options. More...
 
 _loadStorage ()
 Load Storage Driver if not already loaded. More...
 
 assignData ()
 Assign data from login form to internal values. More...
 
 start ()
 Start new auth session. More...
 
 login ()
 Login function. More...
 
 setExpire ($time, $add=false)
 Set the maximum expire time. More...
 
 setIdle ($time, $add=false)
 Set the maximum idle time. More...
 
 setSessionName ($name='session')
 Set name of the session to a customized value. More...
 
 setShowLogin ($showLogin=true)
 Should the login form be displayed if neccessary? More...
 
 setAllowLogin ($allowLogin=true)
 Should the login form be displayed if neccessary? More...
 
 setCheckAuthCallback ($checkAuthCallback)
 Register a callback function to be called whenever the validity of the login is checked The function will receive two parameters, the username and a reference to the auth object. More...
 
 setLoginCallback ($loginCallback)
 Register a callback function to be called on user login. More...
 
 setFailedLoginCallback ($loginFailedCallback)
 Register a callback function to be called on failed user login. More...
 
 setLogoutCallback ($logoutCallback)
 Register a callback function to be called on user logout. More...
 
 setAuthData ($name, $value, $overwrite=true)
 Register additional information that is to be stored in the session. More...
 
 getAuthData ($name=null)
 Get additional information that is stored in the session. More...
 
 setAuth ($username)
 Register variable in a session telling that the user has logged in successfully. More...
 
 setAdvancedSecurity ($flag=true)
 Enables advanced security checks. More...
 
 checkAuth ()
 Checks if there is a session with valid auth information. More...
 
 getAuth ()
 Has the user been authenticated? More...
 
 logout ()
 Logout function. More...
 
 updateIdle ()
 Update the idletime. More...
 
 getUsername ()
 Get the username. More...
 
 getStatus ()
 Get the current status. More...
 
 getPostUsernameField ()
 Gets the post varible used for the username. More...
 
 getPostPasswordField ()
 Gets the post varible used for the username. More...
 
 sessionValidThru ()
 Returns the time up to the session is valid. More...
 
 listUsers ()
 List all users that are currently available in the storage container. More...
 
 addUser ($username, $password, $additional='')
 Add user to the storage container. More...
 
 removeUser ($username)
 Remove user from the storage container. More...
 
 changePassword ($username, $password)
 Change password for user in the storage container. More...
 
 log ($message, $level=AUTH_LOG_DEBUG)
 Log a message from the Auth system. More...
 
 _loadLogger ()
 Load Log object if not already loaded. More...
 
 attachLogObserver (&$observer)
 Attach an Observer to the Auth Log Source. More...
 
 _isAdvancedSecurityEnabled ($feature=null)
 Is advanced security enabled? More...
 
- Public Member Functions inherited from ilAuthBase
 getSubStatus ()
 Get sub status. More...
 
 setSubStatus ($a_sub_status)
 Set sub status. More...
 
 supportsRedirects ()
 Returns true, if the current auth mode allows redirects to e.g the login screen, public section ... More...
 
 getContainer ()
 Get container object. More...
 
 getExceededUserName ()
 

Additional Inherited Members

- Static Public Member Functions inherited from Auth
_factory ($driver, $options='')
 Return a storage driver based on $driver and $options. More...
 
 staticCheckAuth ($options=null)
 Statically checks if there is a session with valid auth information. More...
 
- Data Fields inherited from Auth
 $expire = 0
 
 $expired = false
 
 $idle = 0
 
 $idled = false
 
 $storage = ''
 
 $loginFunction = ''
 
 $showLogin = true
 
 $allowLogin = true
 
 $status = ''
 
 $username = ''
 
 $password = ''
 
 $checkAuthCallback = ''
 
 $loginCallback = ''
 
 $loginFailedCallback = ''
 
 $logoutCallback = ''
 
 $_sessionName = '_authsession'
 
 $version = "@version@"
 
 $advancedsecurity = false
 
 $_postUsername = 'username'
 
 $_postPassword = 'password'
 
 $session
 
 $server
 
 $post
 
 $cookie
 
 $authdata
 
 $authChecks = 0
 
 $logger = null
 
 $enableLogging = false
 
 $regenerateSessionId = false
 
- Protected Member Functions inherited from ilAuthBase
 initAuth ()
 Init auth object Enable logging, set callbacks... More...
 
 loginObserver ($a_username, $a_auth)
 Called after successful login. More...
 
 checkExceededLoginAttempts (\ilObjUser $user)
 
 failedLoginObserver ($a_username, $a_auth)
 Called after failed login. More...
 
 checkAuthObserver ($a_username, $a_auth)
 Called after each check auth request. More...
 
 logoutObserver ($a_username, $a_auth)
 Called after logout. More...
 
- Protected Attributes inherited from ilAuthBase
 $sub_status = null
 
 $exceeded_user_name
 

Detailed Description

Definition at line 42 of file class.ilShibboleth.php.

Constructor & Destructor Documentation

◆ __construct()

ShibAuth::__construct (   $authParams,
  $updateUserData = false 
)
Parameters
$authParams
bool$updateUserData

Definition at line 48 of file class.ilShibboleth.php.

References Auth\setSessionName().

48  {
49  if ($authParams['sessionName'] != '') {
50  parent::Auth('', array( 'sessionName' => $authParams['sessionName'] ));
51  } else {
52  parent::Auth('');
53  }
54  $this->updateUserData = $updateUserData;
55  if (! empty($authParams['sessionName'])) {
56  $this->setSessionName($authParams['sessionName']);
57  unset($authParams['sessionName']);
58  }
59  }
Auth\setSessionName
setSessionName($name='session')
Set name of the session to a customized value.
Definition: Auth.php:656
+ Here is the call graph for this function:

Member Function Documentation

◆ login()

ShibAuth::login ( )

Login function.

private

Returns
void

Definition at line 76 of file class.ilShibboleth.php.

References $_GET, $_SERVER, $ilSetting, ilObjUser\_updateLastLogin(), AUTH_WRONG_LOGIN, shibUser\buildInstance(), ilShibbolethRoleAssignmentRules\doAssignments(), ilShibbolethPluginWrapper\getInstance(), shibConfig\getInstance(), ilUtil\redirect(), setAuth(), and ilShibbolethRoleAssignmentRules\updateAssignments().

76  {
77  global $ilias, $ilSetting; // for backword compatibility of hook environment variables
78  $shibServerData = shibServerData::getInstance($_SERVER);
79  if ($shibServerData->getLogin()) {
80  $shibUser = shibUser::buildInstance($shibServerData);
81  // for backword compatibility of hook environment variables
82  $userObj =& $shibUser; // For shib_data_conv included Script
83  $newUser = $shibUser->isNew(); // For shib_data_conv included Script
84  if ($shibUser->isNew()) {
85  $shibUser->createFields();
86  $shibUser->setPref('hits_per_page', $ilSetting->get('hits_per_page'));
87 
88  // Modify user data before creating the user
89  // Include custom code that can be used to further modify
90  // certain Shibboleth user attributes
91  if ($ilias->getSetting('shib_data_conv') AND $ilias->getSetting('shib_data_conv') != ''
92  AND is_readable($ilias->getSetting('shib_data_conv'))
93  ) {
94  include($ilias->getSetting('shib_data_conv'));
95  }
96  $shibUser = ilShibbolethPluginWrapper::getInstance()->beforeCreateUser($shibUser);
97  $shibUser->create();
98  $shibUser->updateOwner();
99  $shibUser->saveAsNew();
100  $shibUser->writePrefs();
101  $shibUser = ilShibbolethPluginWrapper::getInstance()->afterCreateUser($shibUser);
102  ilShibbolethRoleAssignmentRules::doAssignments($shibUser->getId(), $_SERVER);
103  } else {
104  $shibUser->updateFields();
105  // Include custom code that can be used to further modify
106  // certain Shibboleth user attributes
107  if ($ilias->getSetting('shib_data_conv') AND $ilias->getSetting('shib_data_conv') != ''
108  AND is_readable($ilias->getSetting('shib_data_conv'))
109  ) {
110  include($ilias->getSetting('shib_data_conv'));
111  }
112  // $shibUser->update();
113  $shibUser = ilShibbolethPluginWrapper::getInstance()->beforeUpdateUser($shibUser);
114  $shibUser->update();
115  $shibUser = ilShibbolethPluginWrapper::getInstance()->afterUpdateUser($shibUser);
116  ilShibbolethRoleAssignmentRules::updateAssignments($shibUser->getId(), $_SERVER);
117  }
118  $this->setAuth($shibUser->getLogin(), $shibUser);
119  ilObjUser::_updateLastLogin($shibUser->getId());
120  if ($_GET['target'] != '') {
121  ilUtil::redirect('goto.php?target=' . $_GET['target'] . '&client_id=' . CLIENT_ID);
122  }
123  } else {
124  $this->status = AUTH_WRONG_LOGIN;
125  }
126  }
$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
shibConfig\getInstance
static getInstance()
Definition: class.shibConfig.php:201
shibUser\buildInstance
static buildInstance(shibServerData $shibServerData)
Definition: class.shibUser.php:34
$ilSetting
global $ilSetting
Definition: privfeed.php:40
ShibAuth\setAuth
setAuth($username, ilObjUser $userObj=NULL)
Definition: class.ilShibboleth.php:133
ilObjUser\_updateLastLogin
static _updateLastLogin($a_usr_id, $a_last_login=null)
STATIC METHOD updates the last_login field of user with given id to given or current date...
Definition: class.ilObjUser.php:5207
AUTH_WRONG_LOGIN
const AUTH_WRONG_LOGIN
Returned if container is unable to authenticate user/password pair.
Definition: Auth.php:38
ilUtil\redirect
static redirect($a_script)
http redirect to other script
Definition: class.ilUtil.php:3635
+ Here is the call graph for this function:

◆ logout()

ShibAuth::logout ( )

Definition at line 144 of file class.ilShibboleth.php.

References $ilUser, and ilShibbolethPluginWrapper\getInstance().

144  {
145  global $ilUser;
146  ilShibbolethPluginWrapper::getInstance()->beforeLogout($ilUser);
147  parent::logout();
148  ilShibbolethPluginWrapper::getInstance()->afterLogout($ilUser);
149  }
$ilUser
global $ilUser
Definition: imgupload.php:15
+ Here is the call graph for this function:

◆ setAuth()

ShibAuth::setAuth (   $username,
ilObjUser  $userObj = NULL 
)
Parameters
$username
ilObjUser$userObj

Definition at line 133 of file class.ilShibboleth.php.

References Auth\$username, and ilShibbolethPluginWrapper\getInstance().

Referenced by login().

133  {
134  if ($userObj) {
135  ilShibbolethPluginWrapper::getInstance()->beforeLogin($userObj);
136  }
137  parent::setAuth($username);
138  if ($userObj) {
139  ilShibbolethPluginWrapper::getInstance()->afterLogin($userObj);
140  }
141  }
Auth\$username
$username
Definition: Auth.php:175
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ supportsRedirects()

ShibAuth::supportsRedirects ( )
Returns
bool

Definition at line 65 of file class.ilShibboleth.php.

65  {
66  return true;
67  }
The documentation for this class was generated from the following file: