ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
class.ilAuthContainerSOAP.php
Go to the documentation of this file.
1<?php
2/*
3 +-----------------------------------------------------------------------------+
4 | ILIAS open source |
5 +-----------------------------------------------------------------------------+
6 | Copyright (c) 1998-2001 ILIAS open source, University of Cologne |
7 | |
8 | This program is free software; you can redistribute it and/or |
9 | modify it under the terms of the GNU General Public License |
10 | as published by the Free Software Foundation; either version 2 |
11 | of the License, or (at your option) any later version. |
12 | |
13 | This program is distributed in the hope that it will be useful, |
14 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | GNU General Public License for more details. |
17 | |
18 | You should have received a copy of the GNU General Public License |
19 | along with this program; if not, write to the Free Software |
20 | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21 +-----------------------------------------------------------------------------+
22*/
23
24include_once 'Auth/Container/LDAP.php';
25include_once("./webservice/soap/lib/nusoap.php");
26
35class ilAuthContainerSOAP extends Auth_Container
36{
37 protected $server_host = null;
38 protected $server_port = null;
39 protected $server_uri = null;
40 protected $server_https = null;
41 protected $server_nms = null;
42 protected $use_dot_net = null;
43
44 protected $uri = null;
45
46 protected $client = null;
47 protected $response = null;
48
52 public function __construct()
53 {
54 $_POST['username'] = $_GET['ext_uid'];
55 $_POST['password'] = $_GET['soap_pw'];
56
57 parent::__construct();
58 $this->initClient();
59 }
60
65 public function initClient()
66 {
67 global $ilSetting;
68
69 $this->server_host = $ilSetting->get('soap_auth_server');
70 $this->server_port = $ilSetting->get('soap_auth_port');
71 $this->server_uri = $ilSetting->get('soap_auth_uri');
72 $this->server_https = $ilSetting->get('soap_auth_use_https');
73 $this->server_nms = $ilSetting->get('soap_auth_namespace');
74 $this->use_dot_net = $ilSetting->get('use_dotnet');
75
76 $this->uri = $this->server_https ? 'https://' : 'http://';
77 $this->uri .= $this->server_host;
78
79 if($this->server_port > 0)
80 {
81 $this->uri .= (':'.$this->server_port);
82 }
83 if($this->server_uri)
84 {
85 $this->uri .= ('/'.$this->server_uri);
86 }
87 $this->client = new nusoap_client($this->uri);
88 }
89
97 public function fetchData($a_username,$a_password,$isChallengeResponse = false)
98 {
99 $GLOBALS['ilLog']->write(__METHOD__.': Soap auth fetch data');
100
101 // check whether external user exists in ILIAS database
102 $local_user = ilObjUser::_checkExternalAuthAccount("soap", $a_username);
103
104 if ($local_user == "")
105 {
106 $new_user = true;
107 }
108 else
109 {
110 $new_user = false;
111 }
112
113 $soapAction = "";
114 $nspref = "";
115 if ($this->use_dotnet)
116 {
117 $soapAction = $this->server_nms."/isValidSession";
118 $nspref = "ns1:";
119 }
120 $valid = $this->client->call('isValidSession',
121 array($nspref.'ext_uid' => $a_username,
122 $nspref.'soap_pw' => $a_password,
123 $nspref.'new_user' => $new_user),
124 $this->server_nms,
125 $soapAction);
126//echo "<br>== Request ==";
127//echo '<br><pre>' . htmlspecialchars($this->soap_client->request, ENT_QUOTES) . '</pre><br>';
128//echo "<br>== Response ==";
129//echo "<br>Valid: -".$valid["valid"]."-";
130//echo '<br><pre>' . htmlspecialchars($this->soap_client->response, ENT_QUOTES) . '</pre>';
131
132 if (trim($valid["valid"]) == "false")
133 {
134 $valid["valid"] = false;
135 }
136
137 // to do check SOAP error!?
138 $valid["local_user"] = $local_user;
139 $this->response = $valid;
140 return $valid['valid'] == true;
141 }
142
149 public function loginObserver($a_username,$a_auth)
150 {
151 global $ilias, $rbacadmin, $lng, $ilSetting;
152
153 $GLOBALS['ilLog']->write(__METHOD__.': SOAP login observer called');
154
155
156 // TODO: handle passed credentials via GET
157 /*
158 if (empty($_GET["ext_uid"]) || empty($_GET["soap_pw"]))
159 {
160 $this->status = AUTH_WRONG_LOGIN;
161 return;
162 }
163 */
164
165 // Not required anymore
166 /*
167 $validation_data = $this->validateSoapUser($_GET["ext_uid"], $_GET["soap_pw"]);
168
169 if (!$validation_data["valid"])
170 {
171 $this->status = AUTH_WRONG_LOGIN;
172 return;
173 }
174 */
175
176 $local_user = $this->response["local_user"];
177 if ($local_user != "")
178 {
179 // to do: handle update of user
180 $a_auth->setAuth($local_user);
181 return true;
182 }
183 if(!$ilSetting->get("soap_auth_create_users"))
184 {
185 $a_auth->status = AUTH_SOAP_NO_ILIAS_USER;
186 $a_auth->logout();
187 return false;
188 }
189
190 $userObj = new ilObjUser();
191 $local_user = ilAuthUtils::_generateLogin($a_username);
192
193 $newUser["firstname"] = $this->response["firstname"];
194 $newUser["lastname"] = $this->response["lastname"];
195 $newUser["email"] = $this->response["email"];
196
197 $newUser["login"] = $local_user;
198
199 // to do: set valid password and send mail
200 $newUser["passwd"] = "";
201 $newUser["passwd_type"] = IL_PASSWD_CRYPTED;
202
203 // generate password, if local authentication is allowed
204 // and account mail is activated
205 $pw = "";
206
207 if ($ilSetting->get("soap_auth_allow_local") &&
208 $ilSetting->get("soap_auth_account_mail"))
209 {
210 $pw = ilUtil::generatePasswords(1);
211 $pw = $pw[0];
212 $newUser["passwd"] = $pw;
213 $newUser["passwd_type"] = IL_PASSWD_PLAIN;
214 }
215
216 //$newUser["gender"] = "m";
217 $newUser["auth_mode"] = "soap";
218 $newUser["ext_account"] = $a_username;
219 $newUser["profile_incomplete"] = 1;
220
221 // system data
222 $userObj->assignData($newUser);
223 $userObj->setTitle($userObj->getFullname());
224 $userObj->setDescription($userObj->getEmail());
225
226 // set user language to system language
227 $userObj->setLanguage($lng->lang_default);
228
229 // Time limit
230 $userObj->setTimeLimitOwner(7);
231 $userObj->setTimeLimitUnlimited(1);
232 $userObj->setTimeLimitFrom(time());
233 $userObj->setTimeLimitUntil(time());
234
235 // Create user in DB
236 $userObj->setOwner(0);
237 $userObj->create();
238 $userObj->setActive(1);
239
240 $userObj->updateOwner();
241
242 //insert user data in table user_data
243 $userObj->saveAsNew(false);
244
245 // setup user preferences
246 $userObj->writePrefs();
247
248 // to do: test this
249 $rbacadmin->assignUser($ilSetting->get('soap_auth_user_default_role'), $userObj->getId(),true);
250
251 // send account mail
252 if ($ilSetting->get("soap_auth_account_mail"))
253 {
254 include_once('./Services/User/classes/class.ilObjUserFolder.php');
255 $amail = ilObjUserFolder::_lookupNewAccountMail($ilSetting->get("language"));
256 if (trim($amail["body"]) != "" && trim($amail["subject"]) != "")
257 {
258 include_once("Services/Mail/classes/class.ilAccountMail.php");
259 $acc_mail = new ilAccountMail();
260
261 if ($pw != "")
262 {
263 $acc_mail->setUserPassword($pw);
264 }
265 $acc_mail->setUser($userObj);
266 $acc_mail->send();
267 }
268 }
269
270 unset($userObj);
271 $a_auth->setAuth($local_user);
272 return true;
273 }
274}
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
Auth_Container
php
An exception for terminatinating execution or to throw for unit testing.
AUTH_SOAP_NO_ILIAS_USER
const AUTH_SOAP_NO_ILIAS_USER
Definition: class.ilAuthUtils.php:27
IL_PASSWD_PLAIN
const IL_PASSWD_PLAIN
Definition: class.ilObjUser.php:4
IL_PASSWD_CRYPTED
const IL_PASSWD_CRYPTED
Definition: class.ilObjUser.php:5
ilAccountMail
Class ilAccountMail.
Definition: class.ilAccountMail.php:14
ilAuthContainerSOAP
@classDescription Authentication against external SOAP server
Definition: class.ilAuthContainerSOAP.php:36
ilAuthContainerSOAP\loginObserver
loginObserver($a_username, $a_auth)
Called after login and successful call of fetch data.
Definition: class.ilAuthContainerSOAP.php:149
ilAuthContainerSOAP\fetchData
fetchData($a_username, $a_password, $isChallengeResponse=false)
Call is isValidSession of soap server.
Definition: class.ilAuthContainerSOAP.php:97
ilAuthUtils\_generateLogin
static _generateLogin($a_login)
generate free login by starting with a default string and adding postfix numbers
Definition: class.ilAuthUtils.php:611
ilObjUserFolder\_lookupNewAccountMail
static _lookupNewAccountMail($a_lang)
Definition: class.ilObjUserFolder.php:637
ilObjUser\_checkExternalAuthAccount
static _checkExternalAuthAccount($a_auth, $a_account)
check whether external account and authentication method matches with a user
Definition: class.ilObjUser.php:3721
ilUtil\generatePasswords
static generatePasswords($a_number)
Generate a number of passwords.
Definition: class.ilUtil.php:3925
nusoap_client
[nu]soapclient higher level class for easy usage.
Definition: nusoap.php:7059
$valid
$valid
Definition: dummy_client.php:53
$new_user
$new_user
Definition: dummy_client.php:24
$GLOBALS
$GLOBALS['loaded']
Global hash that tracks already loaded includes.
Definition: generate-standalone.php:18
$lng
global $lng
Definition: privfeed.php:17
$ilSetting
global $ilSetting
Definition: privfeed.php:17