ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
Public Member Functions | Static Public Member Functions | Protected Member Functions | Protected Attributes
SimpleSAML\Auth\Simple Class Reference
+ Collaboration diagram for SimpleSAML\Auth\Simple:

Public Member Functions

 __construct ($authSource)
 Create an instance with the specified authsource. More...
 
 getAuthSource ()
 Retrieve the implementing authentication source. More...
 
 isAuthenticated ()
 Check if the user is authenticated. More...
 
 requireAuth (array $params=array())
 Require the user to be authenticated. More...
 
 login (array $params=array())
 Start an authentication process. More...
 
 logout ($params=null)
 Log the user out. More...
 
 getAttributes ()
 Retrieve attributes of the current user. More...
 
 getAuthData ($name)
 Retrieve authentication data. More...
 
 getAuthDataArray ()
 Retrieve all authentication data. More...
 
 getLoginURL ($returnTo=null)
 Retrieve a URL that can be used to log the user in. More...
 
 getLogoutURL ($returnTo=null)
 Retrieve a URL that can be used to log the user out. More...
 

Static Public Member Functions

static logoutCompleted ($state)
 Called when logout operation completes. More...
 

Protected Member Functions

 getProcessedURL ($url=null)
 Process a URL and modify it according to the application/baseURL configuration option, if present. More...
 

Protected Attributes

 $authSource
 
 $app_config
 

Detailed Description

Definition at line 18 of file Simple.php.

Constructor & Destructor Documentation

◆ __construct()

SimpleSAML\Auth\Simple::__construct (   $authSource)

Create an instance with the specified authsource.

Parameters
string$authSourceThe id of the authentication source.

Definition at line 38 of file Simple.php.

39 {
40 assert('is_string($authSource)');
41
42 $this->authSource = $authSource;
43 $this->app_config = Configuration::getInstance()->getConfigItem('application', null);
44 }

References SimpleSAML\Auth\Simple\$authSource.

Member Function Documentation

◆ getAttributes()

SimpleSAML\Auth\Simple::getAttributes ( )

Retrieve attributes of the current user.

This function will retrieve the attributes of the current user if the user is authenticated. If the user isn't authenticated, it will return an empty array.

Returns
array The users attributes.

Definition at line 258 of file Simple.php.

259 {
260
261 if (!$this->isAuthenticated()) {
262 // Not authenticated
263 return array();
264 }
265
266 // Authenticated
267 $session = Session::getSessionFromRequest();
268 return $session->getAuthData($this->authSource, 'Attributes');
269 }
SimpleSAML\Auth\Simple\isAuthenticated
isAuthenticated()
Check if the user is authenticated.
Definition: Simple.php:72
$session
$session
Definition: proxy_ylocal.php:32

References $session, and SimpleSAML\Auth\Simple\isAuthenticated().

+ Here is the call graph for this function:

◆ getAuthData()

SimpleSAML\Auth\Simple::getAuthData (   $name)

Retrieve authentication data.

Parameters
string$nameThe name of the parameter, e.g. 'Attributes', 'Expire' or 'saml:sp:IdP'.
Returns
mixed|null The value of the parameter, or null if it isn't found or we are unauthenticated.

Definition at line 279 of file Simple.php.

280 {
281 assert('is_string($name)');
282
283 if (!$this->isAuthenticated()) {
284 return null;
285 }
286
287 $session = Session::getSessionFromRequest();
288 return $session->getAuthData($this->authSource, $name);
289 }
$name
if($format !==null) $name
Definition: metadata.php:146

References $name, $session, and SimpleSAML\Auth\Simple\isAuthenticated().

+ Here is the call graph for this function:

◆ getAuthDataArray()

SimpleSAML\Auth\Simple::getAuthDataArray ( )

Retrieve all authentication data.

Returns
array|null All persistent authentication data, or null if we aren't authenticated.

Definition at line 297 of file Simple.php.

298 {
299
300 if (!$this->isAuthenticated()) {
301 return null;
302 }
303
304 $session = Session::getSessionFromRequest();
305 return $session->getAuthState($this->authSource);
306 }

References $session, and SimpleSAML\Auth\Simple\isAuthenticated().

+ Here is the call graph for this function:

◆ getAuthSource()

SimpleSAML\Auth\Simple::getAuthSource ( )

Retrieve the implementing authentication source.

Returns
\SimpleSAML_Auth_Source The authentication source.
Exceptions

SimpleSAML_Error_AuthSource If the requested auth source is unknown.

Definition at line 54 of file Simple.php.

55 {
56 $as = Source::getById($this->authSource);
57 if ($as === null) {
58 throw new AuthSourceError($this->authSource, 'Unknown authentication source.');
59 }
60 return $as;
61 }
$as
$as
Definition: consentAdmin.php:73

References $as.

Referenced by SimpleSAML\Auth\Simple\login().

+ Here is the caller graph for this function:

◆ getLoginURL()

SimpleSAML\Auth\Simple::getLoginURL (   $returnTo = null)

Retrieve a URL that can be used to log the user in.

Parameters
string | null$returnToThe page the user should be returned to afterwards. If this parameter is null, the user will be returned to the current page.
Returns
string A URL which is suitable for use in link-elements.

Definition at line 317 of file Simple.php.

318 {
319 assert('is_null($returnTo) || is_string($returnTo)');
320
321 if ($returnTo === null) {
322 $returnTo = HTTP::getSelfURL();
323 }
324
325 $login = Module::getModuleURL('core/as_login.php', array(
326 'AuthId' => $this->authSource,
327 'ReturnTo' => $returnTo,
328 ));
329
330 return $login;
331 }
$returnTo
if(!isset($_REQUEST['ReturnTo'])) $returnTo
Definition: authpage.php:16
SimpleSAML\Module\getModuleURL
static getModuleURL($resource, array $parameters=array())
Get absolute URL to a specified module resource.
Definition: Module.php:303

References $returnTo, and SimpleSAML\Module\getModuleURL().

Referenced by SimpleSAML\Auth\Simple\login().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getLogoutURL()

SimpleSAML\Auth\Simple::getLogoutURL (   $returnTo = null)

Retrieve a URL that can be used to log the user out.

Parameters
string | null$returnToThe page the user should be returned to afterwards. If this parameter is null, the user will be returned to the current page.
Returns
string A URL which is suitable for use in link-elements.

Definition at line 342 of file Simple.php.

343 {
344 assert('is_null($returnTo) || is_string($returnTo)');
345
346 if ($returnTo === null) {
347 $returnTo = HTTP::getSelfURL();
348 }
349
350 $logout = Module::getModuleURL('core/as_logout.php', array(
351 'AuthId' => $this->authSource,
352 'ReturnTo' => $returnTo,
353 ));
354
355 return $logout;
356 }

References $returnTo, and SimpleSAML\Module\getModuleURL().

+ Here is the call graph for this function:

◆ getProcessedURL()

SimpleSAML\Auth\Simple::getProcessedURL (   $url = null)
protected

Process a URL and modify it according to the application/baseURL configuration option, if present.

Parameters
string | null$urlThe URL to process, or null if we want to use the current URL. Both partial and full URLs can be used as a parameter. The maximum precedence is given to the application/baseURL configuration option, then the URL specified (if it specifies scheme, host and port) and finally the environment observed in the server.
Returns
string The URL modified according to the precedence rules.

Definition at line 369 of file Simple.php.

370 {
371 if ($url === null) {
372 $url = HTTP::getSelfURL();
373 }
374
375 $scheme = parse_url($url, PHP_URL_SCHEME);
376 $host = parse_url($url, PHP_URL_HOST) ?: HTTP::getSelfHost();
377 $port = parse_url($url, PHP_URL_PORT) ?: (
378 $scheme ? '' : trim(HTTP::getServerPort(), ':')
379 );
380 $scheme = $scheme ?: (HTTP::getServerHTTPS() ? 'https' : 'http');
381 $path = parse_url($url, PHP_URL_PATH) ?: '/';
382 $query = parse_url($url, PHP_URL_QUERY) ?: '';
383 $fragment = parse_url($url, PHP_URL_FRAGMENT) ?: '';
384
385 $port = !empty($port) ? ':'.$port : '';
386 if (($scheme === 'http' && $port === ':80') || ($scheme === 'https' && $port === ':443')) {
387 $port = '';
388 }
389
390 if (is_null($this->app_config)) {
391 // nothing more we can do here
392 return $scheme.'://'.$host.$port.$path.($query ? '?'.$query : '').($fragment ? '#'.$fragment : '');
393 }
394
395 $base = trim($this->app_config->getString(
396 'baseURL',
397 $scheme.'://'.$host.$port
398 ), '/');
399 return $base.$path.($query ? '?'.$query : '').($fragment ? '#'.$fragment : '');
400 }
SimpleSAML\Utils\HTTP\getServerPort
static getServerPort()
Retrieve the port number from $_SERVER environment variables.
Definition: HTTP.php:109
SimpleSAML\Utils\HTTP\getSelfHost
static getSelfHost()
Retrieve our own host.
Definition: HTTP.php:699
SimpleSAML\Utils\HTTP\getServerHTTPS
static getServerHTTPS()
Retrieve HTTPS status from $_SERVER environment variables.
Definition: HTTP.php:84
$base
$base
Definition: index.php:4
$query
$query
Definition: proxy_ylocal.php:13
$url
$url
Definition: proxy_ylocal.php:28

References $base, $path, $query, $url, SimpleSAML\Utils\HTTP\getSelfHost(), SimpleSAML\Utils\HTTP\getServerHTTPS(), and SimpleSAML\Utils\HTTP\getServerPort().

+ Here is the call graph for this function:

◆ isAuthenticated()

SimpleSAML\Auth\Simple::isAuthenticated ( )

Check if the user is authenticated.

This function checks if the user is authenticated with the default authentication source selected by the 'default-authsource' option in 'config.php'.

Returns
bool True if the user is authenticated, false if not.

Definition at line 72 of file Simple.php.

73 {
74 $session = Session::getSessionFromRequest();
75
76 return $session->isValid($this->authSource);
77 }

References $session.

Referenced by SimpleSAML\Auth\Simple\getAttributes(), SimpleSAML\Auth\Simple\getAuthData(), and SimpleSAML\Auth\Simple\getAuthDataArray().

+ Here is the caller graph for this function:

◆ login()

SimpleSAML\Auth\Simple::login ( array  $params = array())

Start an authentication process.

This function accepts an array $params, which controls some parts of the authentication. The accepted parameters depends on the authentication source being used. Some parameters are generic:

  • 'ErrorURL': A URL that should receive errors from the authentication.
  • 'KeepPost': If the current request is a POST request, keep the POST data until after the authentication.
  • 'ReturnTo': The URL the user should be returned to after authentication.
  • 'ReturnCallback': The function we should call after the user has finished authentication.

Please note: this function never returns.

Parameters
array$paramsVarious options to the authentication request.

Definition at line 121 of file Simple.php.

122 {
123
124 if (array_key_exists('KeepPost', $params)) {
125 $keepPost = (bool) $params['KeepPost'];
126 } else {
127 $keepPost = true;
128 }
129
130 if (array_key_exists('ReturnTo', $params)) {
131 $returnTo = (string) $params['ReturnTo'];
132 } else {
133 if (array_key_exists('ReturnCallback', $params)) {
134 $returnTo = (array) $params['ReturnCallback'];
135 } else {
136 $returnTo = HTTP::getSelfURL();
137 }
138 }
139
140 if (is_string($returnTo) && $keepPost && $_SERVER['REQUEST_METHOD'] === 'POST') {
141 $returnTo = HTTP::getPOSTRedirectURL($returnTo, $_POST);
142 }
143
144 if (array_key_exists('ErrorURL', $params)) {
145 $errorURL = (string) $params['ErrorURL'];
146 } else {
147 $errorURL = null;
148 }
149
150
151 if (!isset($params[State::RESTART]) && is_string($returnTo)) {
152 /*
153 * A URL to restart the authentication, in case the user bookmarks
154 * something, e.g. the discovery service page.
155 */
156 $restartURL = $this->getLoginURL($returnTo);
157 $params[State::RESTART] = $restartURL;
158 }
159
160 $as = $this->getAuthSource();
161 $as->initLogin($returnTo, $errorURL, $params);
162 assert('false');
163 }
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
SimpleSAML\Auth\Simple\getAuthSource
getAuthSource()
Retrieve the implementing authentication source.
Definition: Simple.php:54
SimpleSAML\Auth\Simple\getLoginURL
getLoginURL($returnTo=null)
Retrieve a URL that can be used to log the user in.
Definition: Simple.php:317
SimpleSAML\Utils\HTTP\getPOSTRedirectURL
static getPOSTRedirectURL($destination, $data)
Create a link which will POST data.
Definition: HTTP.php:668
$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54
$params
$params
Definition: disable.php:11

References $_POST, $_SERVER, $as, $params, $returnTo, SimpleSAML\Auth\Simple\getAuthSource(), SimpleSAML\Auth\Simple\getLoginURL(), and SimpleSAML\Utils\HTTP\getPOSTRedirectURL().

Referenced by SimpleSAML\Auth\Simple\requireAuth().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ logout()

SimpleSAML\Auth\Simple::logout (   $params = null)

Log the user out.

This function logs the user out. It will never return. By default, it will cause a redirect to the current page after logging the user out, but a different URL can be given with the $params parameter.

Generic parameters are:

  • 'ReturnTo': The URL the user should be returned to after logout.
  • 'ReturnCallback': The function that should be called after logout.
  • 'ReturnStateParam': The parameter we should return the state in when redirecting.
  • 'ReturnStateStage': The stage the state array should be saved with.
Parameters
string | array | null$paramsEither the URL the user should be redirected to after logging out, or an array with parameters for the logout. If this parameter is null, we will return to the current page.

Definition at line 181 of file Simple.php.

182 {
183 assert('is_array($params) || is_string($params) || is_null($params)');
184
185 if ($params === null) {
186 $params = HTTP::getSelfURL();
187 }
188
189 if (is_string($params)) {
190 $params = array(
191 'ReturnTo' => $params,
192 );
193 }
194
195 assert('is_array($params)');
196 assert('isset($params["ReturnTo"]) || isset($params["ReturnCallback"])');
197
198 if (isset($params['ReturnStateParam']) || isset($params['ReturnStateStage'])) {
199 assert('isset($params["ReturnStateParam"]) && isset($params["ReturnStateStage"])');
200 }
201
202 $session = Session::getSessionFromRequest();
203 if ($session->isValid($this->authSource)) {
204 $state = $session->getAuthData($this->authSource, 'LogoutState');
205 if ($state !== null) {
206 $params = array_merge($state, $params);
207 }
208
209 $session->doLogout($this->authSource);
210
211 $params['LogoutCompletedHandler'] = array(get_class(), 'logoutCompleted');
212
213 $as = Source::getById($this->authSource);
214 if ($as !== null) {
215 $as->logout($params);
216 }
217 }
218
219 self::logoutCompleted($params);
220 }
$state
if(!array_key_exists('stateid', $_REQUEST)) $state
Handle linkback() response from LinkedIn.
Definition: linkback.php:10
SimpleSAML\Auth\Simple\logoutCompleted
static logoutCompleted($state)
Called when logout operation completes.
Definition: Simple.php:230

References $as, $params, $session, $state, and SimpleSAML\Auth\Simple\logoutCompleted().

+ Here is the call graph for this function:

◆ logoutCompleted()

static SimpleSAML\Auth\Simple::logoutCompleted (   $state)
static

Called when logout operation completes.

This function never returns.

Parameters
array$stateThe state after the logout.

Definition at line 230 of file Simple.php.

231 {
232 assert('is_array($state)');
233 assert('isset($state["ReturnTo"]) || isset($state["ReturnCallback"])');
234
235 if (isset($state['ReturnCallback'])) {
236 call_user_func($state['ReturnCallback'], $state);
237 assert('false');
238 } else {
239 $params = array();
240 if (isset($state['ReturnStateParam']) || isset($state['ReturnStateStage'])) {
241 assert('isset($state["ReturnStateParam"]) && isset($state["ReturnStateStage"])');
242 $stateID = State::saveState($state, $state['ReturnStateStage']);
243 $params[$state['ReturnStateParam']] = $stateID;
244 }
245 \SimpleSAML\Utils\HTTP::redirectTrustedURL($state['ReturnTo'], $params);
246 }
247 }
SimpleSAML\Utils\HTTP\redirectTrustedURL
static redirectTrustedURL($url, $parameters=array())
This function redirects to the specified URL without performing any security checks.
Definition: HTTP.php:962

References $params, $state, and SimpleSAML\Utils\HTTP\redirectTrustedURL().

Referenced by SimpleSAML\Auth\Simple\logout().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ requireAuth()

SimpleSAML\Auth\Simple::requireAuth ( array  $params = array())

Require the user to be authenticated.

If the user is authenticated, this function returns immediately.

If the user isn't authenticated, this function will authenticate the user with the authentication source, and then return the user to the current page.

This function accepts an array $params, which controls some parts of the authentication. See the login() method for a description.

Parameters
array$paramsVarious options to the authentication request. See the documentation.

Definition at line 93 of file Simple.php.

94 {
95
96 $session = Session::getSessionFromRequest();
97
98 if ($session->isValid($this->authSource)) {
99 // Already authenticated
100 return;
101 }
102
103 $this->login($params);
104 }
SimpleSAML\Auth\Simple\login
login(array $params=array())
Start an authentication process.
Definition: Simple.php:121

References $params, $session, and SimpleSAML\Auth\Simple\login().

+ Here is the call graph for this function:

Field Documentation

◆ $app_config

SimpleSAML\Auth\Simple::$app_config
protected

Definition at line 31 of file Simple.php.

◆ $authSource

SimpleSAML\Auth\Simple::$authSource
protected

Definition at line 26 of file Simple.php.

Referenced by SimpleSAML\Auth\Simple\__construct().

The documentation for this class was generated from the following file: