ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
class.ilAuthProviderShibboleth.php
Go to the documentation of this file.
1 <?php
2 
3 /* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */
4 
5 include_once './Services/Authentication/classes/Provider/class.ilAuthProvider.php';
6 include_once './Services/Authentication/interfaces/interface.ilAuthProviderInterface.php';
7 include_once './Services/Authentication/interfaces/interface.ilAuthProviderAccountMigrationInterface.php';
8 
9 
10 require_once('./Services/AuthShibboleth/classes/class.ilShibbolethRoleAssignmentRules.php');
11 require_once('include/Unicode/UtfNormal.php');
12 require_once('./Services/AuthShibboleth/classes/class.ilShibbolethPluginWrapper.php');
13 require_once('./Services/AuthShibboleth/classes/Config/class.shibConfig.php');
14 require_once('./Services/AuthShibboleth/classes/ServerData/class.shibServerData.php');
15 require_once('./Services/AuthShibboleth/classes/User/class.shibUser.php');
16 
21 class ilAuthProviderShibboleth extends ilAuthProvider implements ilAuthProviderInterface
22 {
23  private $migration_account = '';
24 
25 
30  public function __construct(\ilAuthCredentials $credentials)
31  {
32  parent::__construct($credentials);
33 
34  }
35 
40  public function doAuthentication(\ilAuthStatus $status)
41  {
42  global $DIC; // for backword compatibility of hook environment variables
43  $ilias = $DIC['ilias'];
44  $ilSetting = $DIC['ilSetting'];
45  $shibServerData = shibServerData::getInstance();
46 
47  //$this->getLogger()->dump($shibServerData);
48 
49  if ($shibServerData->getLogin()) {
50  $shibUser = shibUser::buildInstance($shibServerData);
51  // for backword compatibility of hook environment variables
52  $userObj =& $shibUser; // For shib_data_conv included Script
53  $newUser = $shibUser->isNew(); // For shib_data_conv included Script
54  if ($shibUser->isNew()) {
55  $shibUser->createFields();
56  $shibUser->setPref('hits_per_page', $ilSetting->get('hits_per_page'));
57 
58  // Modify user data before creating the user
59  // Include custom code that can be used to further modify
60  // certain Shibboleth user attributes
61  if ($ilias->getSetting('shib_data_conv') AND $ilias->getSetting('shib_data_conv') != ''
62  AND is_readable($ilias->getSetting('shib_data_conv'))
63  ) {
64  include($ilias->getSetting('shib_data_conv'));
65  }
66  $shibUser = ilShibbolethPluginWrapper::getInstance()->beforeCreateUser($shibUser);
67  $shibUser->create();
68  $shibUser->updateOwner();
69  $shibUser->saveAsNew();
70  $shibUser->writePrefs();
71  $shibUser = ilShibbolethPluginWrapper::getInstance()->afterCreateUser($shibUser);
72  ilShibbolethRoleAssignmentRules::doAssignments($shibUser->getId(), $_SERVER);
73  } else {
74  $shibUser->updateFields();
75  // Include custom code that can be used to further modify
76  // certain Shibboleth user attributes
77  if ($ilias->getSetting('shib_data_conv') AND $ilias->getSetting('shib_data_conv') != ''
78  AND is_readable($ilias->getSetting('shib_data_conv'))
79  ) {
80  include($ilias->getSetting('shib_data_conv'));
81  }
82  // $shibUser->update();
83  $shibUser = ilShibbolethPluginWrapper::getInstance()->beforeUpdateUser($shibUser);
84  $shibUser->update();
85  $shibUser = ilShibbolethPluginWrapper::getInstance()->afterUpdateUser($shibUser);
86  ilShibbolethRoleAssignmentRules::updateAssignments($shibUser->getId(), $_SERVER);
87  }
88 
89  $status->setStatus(ilAuthStatus::STATUS_AUTHENTICATED);
90  $status->setAuthenticatedUserId(ilObjUser::_lookupId($shibUser->getLogin()));
91 
92 
93 
94  #$this->setAuth($shibUser->getLogin(), $shibUser);
95  #ilObjUser::_updateLastLogin($shibUser->getId());
96  #if ($_GET['target'] != '') {
97  # ilUtil::redirect('goto.php?target=' . $_GET['target'] . '&client_id=' . CLIENT_ID);
98  #}
99  }
100  else
101  {
102  $this->getLogger()->info('Shibboleth authentication failed.');
103  $this->handleAuthenticationFail($status, 'err_wrong_login');
104  return false;
105  }
106 
107  }
108 }
109 ?>
$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54
ilAuthCredentials
Interface of auth credentials.
Definition: interface.ilAuthCredentials.php:11
ilAuthProviderShibboleth\__construct
__construct(\ilAuthCredentials $credentials)
Constructor.
Definition: class.ilAuthProviderShibboleth.php:30
ilObjUser\_lookupId
static _lookupId($a_user_str)
Lookup id by login.
Definition: class.ilObjUser.php:787
ilAuthProviderShibboleth\doAuthentication
doAuthentication(\ilAuthStatus $status)
Do apache auth.
Definition: class.ilAuthProviderShibboleth.php:40
ilAuthStatus\setAuthenticatedUserId
setAuthenticatedUserId($a_id)
Definition: class.ilAuthStatus.php:118
ilAuthProvider
Base class for authentication providers (radius, ldap, apache, ...)
Definition: class.ilAuthProvider.php:11
ilAuthProviderInterface
Standard interface for auth provider implementations.
Definition: interface.ilAuthProviderInterface.php:11
ilAuthStatus\setStatus
setStatus($a_status)
Set auth status.
Definition: class.ilAuthStatus.php:64
shibUser\buildInstance
static buildInstance(shibServerData $shibServerData)
Definition: class.shibUser.php:23
ilAuthProvider\getLogger
getLogger()
Get logger.
Definition: class.ilAuthProvider.php:38
$ilSetting
global $ilSetting
Definition: privfeed.php:17
ilAuthProviderShibboleth
Shibboleth authentication provider.
Definition: class.ilAuthProviderShibboleth.php:21
ilAuthProvider\handleAuthenticationFail
handleAuthenticationFail(ilAuthStatus $status, $a_reason)
Handle failed authentication.
Definition: class.ilAuthProvider.php:55
$DIC
global $DIC
Definition: imagemanager.php:32
ilAuthStatus
Auth status implementation.
Definition: class.ilAuthStatus.php:11