ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
Public Member Functions
ilCASAuth Class Reference

Class CASAuth. More...

+ Inheritance diagram for ilCASAuth:
+ Collaboration diagram for ilCASAuth:

Public Member Functions

 __construct ($a_params)
 Constructor @access public. More...
 
 checkCASAuth ()
 check cas autehntication More...
 
 forceCASAuth ()
 
 getCASUser ()
 
 login ()
 Checks if the current user is authenticated yet @access public. More...
 
 logout ()
 Register variable in a session telling that the user has logged in successfully. More...
 

Additional Inherited Members

- Static Public Member Functions inherited from SimpleSAML\Utils\Auth
static getAdminLoginURL ($returnTo=null)
 Retrieve a admin login URL. More...
 
static isAdmin ()
 Check whether the current user is admin. More...
 
static requireAdmin ()
 Require admin access to the current page. More...
 

Detailed Description

Class CASAuth.

CAS Authentication class.

Definition at line 37 of file class.ilCASAuth.php.

Constructor & Destructor Documentation

◆ __construct()

ilCASAuth::__construct (   $a_params)

Constructor @access public.

Definition at line 43 of file class.ilCASAuth.php.

44 {
45 if ($a_params["sessionName"] != "") {
46 parent::__construct("", array("sessionName" => $a_params["sessionName"]));
47 } else {
48 parent::__construct("");
49 }
50
51 include_once("./Services/CAS/lib/CAS.php");
52 $this->server_version = CAS_VERSION_2_0;
53 $this->server_hostname = $a_params["server_hostname"];
54 $this->server_port = (int) $a_params["server_port"];
55 $this->server_uri = $a_params["server_uri"];
56
57 //phpCAS::setDebug();
58 //echo "-".$_GET['ticket']."-"; exit;
59 phpCAS::client(
60 $this->server_version,
61 $this->server_hostname,
62 $this->server_port,
63 (string) $this->server_uri
64 );
65 }
phpCAS\client
static client($server_version, $server_hostname, $server_port, $server_uri, $changeSessionID=true)
phpCAS client initializer.
Definition: CAS.php:338
CAS_VERSION_2_0
const CAS_VERSION_2_0
Definition: CAS.php:78

References CAS_VERSION_2_0, and phpCAS\client().

+ Here is the call graph for this function:

Member Function Documentation

◆ checkCASAuth()

ilCASAuth::checkCASAuth ( )

check cas autehntication

can be called before forceAuthentication, but forceAuthentication must be called afterwards

Definition at line 73 of file class.ilCASAuth.php.

74 {
75 global $PHPCAS_CLIENT;
76
77 return $PHPCAS_CLIENT->isAuthenticated();
78 }

◆ forceCASAuth()

ilCASAuth::forceCASAuth ( )

Definition at line 80 of file class.ilCASAuth.php.

81 {
82 phpCAS::forceAuthentication();
83 }
phpCAS\forceAuthentication
static forceAuthentication()
This method is called to force authentication if the user was not already authenticated.
Definition: CAS.php:1094

References phpCAS\forceAuthentication().

+ Here is the call graph for this function:

◆ getCASUser()

ilCASAuth::getCASUser ( )

Definition at line 85 of file class.ilCASAuth.php.

86 {
87 return phpCAS::getUser();
88 }
phpCAS\getUser
static getUser()
This method returns the CAS user's login name.
Definition: CAS.php:1175

References phpCAS\getUser().

+ Here is the call graph for this function:

◆ login()

ilCASAuth::login ( )

Checks if the current user is authenticated yet @access public.

Returns
boolean true if user is authenticated Set the maximum idle time
Parameters
integertime in seconds
booladd time to current maximum idle time or not
Returns
void @access public Set the maximum expire time
Parameters
integertime in seconds
booladd time to current expire time or not
Returns
void @access public Checks if there is a session with valid auth information.

@access private

Returns
boolean Whether or not the user is authenticated. Start new auth session

@access public

Returns
void Login function

@access private

Returns
void

Definition at line 214 of file class.ilCASAuth.php.

215 {
216 global $ilias, $rbacadmin, $ilSetting;
217
218 if (phpCAS::getUser() != "") {
219 $username = phpCAS::getUser();
220
221 // Authorize this user
222 include_once('./Services/User/classes/class.ilObjUser.php');
223 $local_user = ilObjUser::_checkExternalAuthAccount("cas", $username);
224
225 if ($local_user != "") {
226 $this->setAuth($local_user);
227 } else {
228 if (!$ilSetting->get("cas_create_users")) {
229 $this->status = AUTH_CAS_NO_ILIAS_USER;
230 $this->logout();
231 return;
232 }
233
234 $userObj = new ilObjUser();
235
236 $local_user = ilAuthUtils::_generateLogin($username);
237
238 $newUser["firstname"] = $local_user;
239 $newUser["lastname"] = "";
240
241 $newUser["login"] = $local_user;
242
243 // set "plain md5" password (= no valid password)
244 $newUser["passwd"] = "";
245 $newUser["passwd_type"] = IL_PASSWD_CRYPTED;
246
247 //$newUser["gender"] = "m";
248 $newUser["auth_mode"] = "cas";
249 $newUser["ext_account"] = $username;
250 $newUser["profile_incomplete"] = 1;
251
252 // system data
253 $userObj->assignData($newUser);
254 $userObj->setTitle($userObj->getFullname());
255 $userObj->setDescription($userObj->getEmail());
256
257 // set user language to system language
258 $userObj->setLanguage($ilSetting->get("language"));
259
260 // Time limit
261 $userObj->setTimeLimitOwner(7);
262 $userObj->setTimeLimitUnlimited(1);
263 $userObj->setTimeLimitFrom(time());
264 $userObj->setTimeLimitUntil(time());
265
266 // Create user in DB
267 $userObj->setOwner(0);
268 $userObj->create();
269 $userObj->setActive(1);
270
271 $userObj->updateOwner();
272
273 //insert user data in table user_data
274 $userObj->saveAsNew();
275
276 // setup user preferences
277 $userObj->writePrefs();
278
279 // to do: test this
280 $rbacadmin->assignUser($ilSetting->get('cas_user_default_role'), $userObj->getId(), true);
281
282 unset($userObj);
283
284 $this->setAuth($local_user);
285 }
286 } else {
287 // This should never occur unless CAS is not configured properly
288 $this->status = AUTH_WRONG_LOGIN;
289 }
290 }
AUTH_CAS_NO_ILIAS_USER
const AUTH_CAS_NO_ILIAS_USER
Definition: class.ilAuthUtils.php:45
IL_PASSWD_CRYPTED
const IL_PASSWD_CRYPTED
Definition: class.ilObjUser.php:5
ilAuthUtils\_generateLogin
static _generateLogin($a_login)
generate free login by starting with a default string and adding postfix numbers
Definition: class.ilAuthUtils.php:415
ilCASAuth\logout
logout()
Register variable in a session telling that the user has logged in successfully.
Definition: class.ilCASAuth.php:334
ilObjUser\_checkExternalAuthAccount
static _checkExternalAuthAccount($a_auth, $a_account, $tryFallback=true)
check whether external account and authentication method matches with a user
Definition: class.ilObjUser.php:3692
$ilSetting
global $ilSetting
Definition: privfeed.php:17

References $ilSetting, ilObjUser\_checkExternalAuthAccount(), ilAuthUtils\_generateLogin(), AUTH_CAS_NO_ILIAS_USER, phpCAS\getUser(), IL_PASSWD_CRYPTED, and logout().

+ Here is the call graph for this function:

◆ logout()

ilCASAuth::logout ( )

Register variable in a session telling that the user has logged in successfully.

@access public

Parameters
stringUsername
Returns
void Logout function

This function clears any auth tokens in the currently active session and executes the logout callback function, if any

@access public

Returns
void

Definition at line 334 of file class.ilCASAuth.php.

335 {
336 parent::logout();
337 //PHPCAS::logout(); // CAS logout should be provided separately
338 // maybe on ILISA login screen
339 }

Referenced by login().

+ Here is the caller graph for this function:
The documentation for this class was generated from the following file: