ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
Public Member Functions
ilCASAuth Class Reference

Class CASAuth. More...

+ Inheritance diagram for ilCASAuth:
+ Collaboration diagram for ilCASAuth:

Public Member Functions

 __construct ($a_params)
 Constructor public. More...
 
 checkCASAuth ()
 check cas autehntication More...
 
 forceCASAuth ()
 
 getCASUser ()
 
 login ()
 Checks if the current user is authenticated yet public. More...
 
 logout ()
 Register variable in a session telling that the user has logged in successfully. More...
 

Additional Inherited Members

- Static Public Member Functions inherited from SimpleSAML\Utils\Auth
static getAdminLoginURL ($returnTo=null)
 Retrieve a admin login URL. More...
 
static isAdmin ()
 Check whether the current user is admin. More...
 
static requireAdmin ()
 Require admin access to the current page. More...
 

Detailed Description

Class CASAuth.

CAS Authentication class.

Definition at line 37 of file class.ilCASAuth.php.

Constructor & Destructor Documentation

◆ __construct()

ilCASAuth::__construct (   $a_params)

Constructor public.

Definition at line 43 of file class.ilCASAuth.php.

References array, CAS_VERSION_2_0, and phpCAS\client().

44  {
45  if ($a_params["sessionName"] != "") {
46  parent::__construct("", array("sessionName" => $a_params["sessionName"]));
47  } else {
48  parent::__construct("");
49  }
50 
51  include_once("./Services/CAS/lib/CAS.php");
52  $this->server_version = CAS_VERSION_2_0;
53  $this->server_hostname = $a_params["server_hostname"];
54  $this->server_port = (int) $a_params["server_port"];
55  $this->server_uri = $a_params["server_uri"];
56 
57  //phpCAS::setDebug();
58  //echo "-".$_GET['ticket']."-"; exit;
59  phpCAS::client(
60  $this->server_version,
61  $this->server_hostname,
62  $this->server_port,
63  (string) $this->server_uri
64  );
65  }
CAS_VERSION_2_0
const CAS_VERSION_2_0
Definition: CAS.php:78
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
phpCAS\client
static client($server_version, $server_hostname, $server_port, $server_uri, $changeSessionID=true)
phpCAS client initializer.
Definition: CAS.php:338
+ Here is the call graph for this function:

Member Function Documentation

◆ checkCASAuth()

ilCASAuth::checkCASAuth ( )

check cas autehntication

can be called before forceAuthentication, but forceAuthentication must be called afterwards

Definition at line 73 of file class.ilCASAuth.php.

74  {
75  global $PHPCAS_CLIENT;
76 
77  return $PHPCAS_CLIENT->isAuthenticated();
78  }

◆ forceCASAuth()

ilCASAuth::forceCASAuth ( )

Definition at line 80 of file class.ilCASAuth.php.

References phpCAS\forceAuthentication().

81  {
82  phpCAS::forceAuthentication();
83  }
phpCAS\forceAuthentication
static forceAuthentication()
This method is called to force authentication if the user was not already authenticated.
Definition: CAS.php:1094
+ Here is the call graph for this function:

◆ getCASUser()

ilCASAuth::getCASUser ( )

Definition at line 85 of file class.ilCASAuth.php.

References phpCAS\getUser().

86  {
87  return phpCAS::getUser();
88  }
phpCAS\getUser
static getUser()
This method returns the CAS user's login name.
Definition: CAS.php:1175
+ Here is the call graph for this function:

◆ login()

ilCASAuth::login ( )

Checks if the current user is authenticated yet public.

Returns
boolean true if user is authenticated Set the maximum idle time
Parameters
integertime in seconds
booladd time to current maximum idle time or not
Returns
void public Set the maximum expire time
Parameters
integertime in seconds
booladd time to current expire time or not
Returns
void public Checks if there is a session with valid auth information.

private

Returns
boolean Whether or not the user is authenticated. Start new auth session

public

Returns
void Login function

private

Returns
void

Definition at line 214 of file class.ilCASAuth.php.

References $ilSetting, ilObjUser\_checkExternalAuthAccount(), ilAuthUtils\_generateLogin(), AUTH_CAS_NO_ILIAS_USER, phpCAS\getUser(), IL_PASSWD_CRYPTED, logout(), and time.

215  {
216  global $ilias, $rbacadmin, $ilSetting;
217 
218  if (phpCAS::getUser() != "") {
219  $username = phpCAS::getUser();
220 
221  // Authorize this user
222  include_once('./Services/User/classes/class.ilObjUser.php');
223  $local_user = ilObjUser::_checkExternalAuthAccount("cas", $username);
224 
225  if ($local_user != "") {
226  $this->setAuth($local_user);
227  } else {
228  if (!$ilSetting->get("cas_create_users")) {
229  $this->status = AUTH_CAS_NO_ILIAS_USER;
230  $this->logout();
231  return;
232  }
233 
234  $userObj = new ilObjUser();
235 
236  $local_user = ilAuthUtils::_generateLogin($username);
237 
238  $newUser["firstname"] = $local_user;
239  $newUser["lastname"] = "";
240 
241  $newUser["login"] = $local_user;
242 
243  // set "plain md5" password (= no valid password)
244  $newUser["passwd"] = "";
245  $newUser["passwd_type"] = IL_PASSWD_CRYPTED;
246 
247  //$newUser["gender"] = "m";
248  $newUser["auth_mode"] = "cas";
249  $newUser["ext_account"] = $username;
250  $newUser["profile_incomplete"] = 1;
251 
252  // system data
253  $userObj->assignData($newUser);
254  $userObj->setTitle($userObj->getFullname());
255  $userObj->setDescription($userObj->getEmail());
256 
257  // set user language to system language
258  $userObj->setLanguage($ilSetting->get("language"));
259 
260  // Time limit
261  $userObj->setTimeLimitOwner(7);
262  $userObj->setTimeLimitUnlimited(1);
263  $userObj->setTimeLimitFrom(time());
264  $userObj->setTimeLimitUntil(time());
265 
266  // Create user in DB
267  $userObj->setOwner(0);
268  $userObj->create();
269  $userObj->setActive(1);
270 
271  $userObj->updateOwner();
272 
273  //insert user data in table user_data
274  $userObj->saveAsNew();
275 
276  // setup user preferences
277  $userObj->writePrefs();
278 
279  // to do: test this
280  $rbacadmin->assignUser($ilSetting->get('cas_user_default_role'), $userObj->getId(), true);
281 
282  unset($userObj);
283 
284  $this->setAuth($local_user);
285  }
286  } else {
287  // This should never occur unless CAS is not configured properly
288  $this->status = AUTH_WRONG_LOGIN;
289  }
290  }
ilCASAuth\logout
logout()
Register variable in a session telling that the user has logged in successfully.
Definition: class.ilCASAuth.php:334
phpCAS\getUser
static getUser()
This method returns the CAS user's login name.
Definition: CAS.php:1175
IL_PASSWD_CRYPTED
const IL_PASSWD_CRYPTED
Definition: class.ilObjUser.php:5
ilAuthUtils\_generateLogin
static _generateLogin($a_login)
generate free login by starting with a default string and adding postfix numbers
Definition: class.ilAuthUtils.php:415
AUTH_CAS_NO_ILIAS_USER
const AUTH_CAS_NO_ILIAS_USER
Definition: class.ilAuthUtils.php:45
ilObjUser\_checkExternalAuthAccount
static _checkExternalAuthAccount($a_auth, $a_account, $tryFallback=true)
check whether external account and authentication method matches with a user
Definition: class.ilObjUser.php:3692
$ilSetting
global $ilSetting
Definition: privfeed.php:17
time
Add data(end) time
Method that wraps PHPs time in order to allow simulations with the workflow.
Definition: 40duplicateStyle.php:39
+ Here is the call graph for this function:

◆ logout()

ilCASAuth::logout ( )

Register variable in a session telling that the user has logged in successfully.

public

Parameters
stringUsername
Returns
void Logout function

This function clears any auth tokens in the currently active session and executes the logout callback function, if any

public

Returns
void

Definition at line 334 of file class.ilCASAuth.php.

Referenced by login().

335  {
336  parent::logout();
337  //PHPCAS::logout(); // CAS logout should be provided separately
338  // maybe on ILISA login screen
339  }
+ Here is the caller graph for this function:
The documentation for this class was generated from the following file: