ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
Public Member Functions | Static Public Member Functions | Data Fields | Protected Member Functions | Protected Attributes | Private Attributes
sspmod_core_Auth_UserPassBase Class Reference
+ Inheritance diagram for sspmod_core_Auth_UserPassBase:
+ Collaboration diagram for sspmod_core_Auth_UserPassBase:

Public Member Functions

 __construct ($info, &$config)
 Constructor for this authentication source. More...
 
 setForcedUsername ($forcedUsername)
 Set forced username. More...
 
 getLoginLinks ()
 Return login links from configuration. More...
 
 getRememberUsernameEnabled ()
 Getter for the authsource config option remember.username.enabled. More...
 
 getRememberUsernameChecked ()
 Getter for the authsource config option remember.username.checked. More...
 
 isRememberMeEnabled ()
 Check if the "remember me" feature is enabled. More...
 
 isRememberMeChecked ()
 Check if the "remember me" checkbox should be checked. More...
 
 authenticate (&$state)
 Initialize login. More...
 
- Public Member Functions inherited from SimpleSAML_Auth_Source
 __construct ($info, &$config)
 Constructor for an authentication source. More...
 
 getAuthId ()
 Retrieve the ID of this authentication source. More...
 
 authenticate (&$state)
 Process a request. More...
 
 reauthenticate (array &$state)
 Reauthenticate an user. More...
 
 initLogin ($return, $errorURL=null, array $params=array())
 Start authentication. More...
 
 logout (&$state)
 Log out from this authentication source. More...
 

Static Public Member Functions

static handleLogin ($authStateId, $username, $password)
 Handle login request. More...
 
- Static Public Member Functions inherited from SimpleSAML_Auth_Source
static getSourcesOfType ($type)
 Get sources of a specific type. More...
 
static completeAuth (&$state)
 Complete authentication. More...
 
static loginCompleted ($state)
 Called when a login operation has finished. More...
 
static completeLogout (&$state)
 Complete logout. More...
 
static getById ($authId, $type=null)
 Retrieve authentication source. More...
 
static logoutCallback ($state)
 Called when the authentication source receives an external logout request. More...
 
static getSources ()
 Retrieve list of authentication sources. More...
 

Data Fields

const STAGEID = 'sspmod_core_Auth_UserPassBase.state'
 The string used to identify our states. More...
 
const AUTHID = 'sspmod_core_Auth_UserPassBase.AuthId'
 The key of the AuthId field in the state. More...
 

Protected Member Functions

 login ($username, $password)
 Attempt to log in using the given username and password. More...
 
- Protected Member Functions inherited from SimpleSAML_Auth_Source
 addLogoutCallback ($assoc, $state)
 Add a logout callback association. More...
 
 callLogoutCallback ($assoc)
 Call a logout callback based on association. More...
 

Protected Attributes

 $loginLinks
 Links to pages from login page. More...
 
 $rememberUsernameEnabled = FALSE
 
 $rememberUsernameChecked = FALSE
 
 $rememberMeEnabled = FALSE
 
 $rememberMeChecked = FALSE
 
- Protected Attributes inherited from SimpleSAML_Auth_Source
 $authId
 

Private Attributes

 $forcedUsername
 Username we should force. More...
 

Additional Inherited Members

- Static Protected Member Functions inherited from SimpleSAML_Auth_Source
static validateSource ($source, $id)
 Make sure that the first element of an auth source is its identifier. More...
 

Detailed Description

Definition at line 12 of file UserPassBase.php.

Constructor & Destructor Documentation

◆ __construct()

sspmod_core_Auth_UserPassBase::__construct (   $info,
$config 
)

Constructor for this authentication source.

All subclasses who implement their own constructor must call this constructor before using $config for anything.

Parameters
array$infoInformation about this authentication source.
array&$configConfiguration for this authentication source.

Reimplemented from SimpleSAML_Auth_Source.

Definition at line 84 of file UserPassBase.php.

84 {
85 assert('is_array($info)');
86 assert('is_array($config)');
87
88 if (isset($config['core:loginpage_links'])) {
89 $this->loginLinks = $config['core:loginpage_links'];
90 }
91
92 // Call the parent constructor first, as required by the interface
93 parent::__construct($info, $config);
94
95 // Get the remember username config options
96 if (isset($config['remember.username.enabled'])) {
97 $this->rememberUsernameEnabled = (bool) $config['remember.username.enabled'];
98 unset($config['remember.username.enabled']);
99 }
100 if (isset($config['remember.username.checked'])) {
101 $this->rememberUsernameChecked = (bool) $config['remember.username.checked'];
102 unset($config['remember.username.checked']);
103 }
104
105 // get the "remember me" config options
106 $sspcnf = SimpleSAML_Configuration::getInstance();
107 $this->rememberMeEnabled = $sspcnf->getBoolean('session.rememberme.enable', FALSE);
108 $this->rememberMeChecked = $sspcnf->getBoolean('session.rememberme.checked', FALSE);
109 }
SimpleSAML_Configuration\getInstance
static getInstance($instancename='simplesaml')
Get a configuration file by its instance name.
Definition: Configuration.php:297
$info
$info
Definition: index.php:5

References $config, $info, and SimpleSAML_Configuration\getInstance().

+ Here is the call graph for this function:

Member Function Documentation

◆ authenticate()

sspmod_core_Auth_UserPassBase::authenticate ( $state)

Initialize login.

This function saves the information about the login, and redirects to a login page.

Parameters
array&$stateInformation about the current authentication.

Reimplemented from SimpleSAML_Auth_Source.

Definition at line 169 of file UserPassBase.php.

169 {
170 assert('is_array($state)');
171
172 /*
173 * Save the identifier of this authentication source, so that we can
174 * retrieve it later. This allows us to call the login()-function on
175 * the current object.
176 */
177 $state[self::AUTHID] = $this->authId;
178
179 // What username we should force, if any
180 if ($this->forcedUsername !== NULL) {
181 /*
182 * This is accessed by the login form, to determine if the user
183 * is allowed to change the username.
184 */
185 $state['forcedUsername'] = $this->forcedUsername;
186 }
187
188 /* Save the $state-array, so that we can restore it after a redirect. */
189 $id = SimpleSAML_Auth_State::saveState($state, self::STAGEID);
190
191 /*
192 * Redirect to the login form. We include the identifier of the saved
193 * state array as a parameter to the login form.
194 */
195 $url = SimpleSAML\Module::getModuleURL('core/loginuserpass.php');
196 $params = array('AuthState' => $id);
197 \SimpleSAML\Utils\HTTP::redirectTrustedURL($url, $params);
198
199 /* The previous function never returns, so this code is never executed. */
200 assert('FALSE');
201 }
$state
if(!array_key_exists('stateid', $_REQUEST)) $state
Handle linkback() response from LinkedIn.
Definition: linkback.php:10
SimpleSAML\Module\getModuleURL
static getModuleURL($resource, array $parameters=array())
Get absolute URL to a specified module resource.
Definition: Module.php:303
SimpleSAML\Utils\HTTP\redirectTrustedURL
static redirectTrustedURL($url, $parameters=array())
This function redirects to the specified URL without performing any security checks.
Definition: HTTP.php:962
SimpleSAML_Auth_Source\$authId
$authId
Definition: Source.php:22
SimpleSAML_Auth_State\saveState
static saveState(&$state, $stage, $rawId=false)
Save the state.
Definition: State.php:194
sspmod_core_Auth_UserPassBase\$forcedUsername
$forcedUsername
Username we should force.
Definition: UserPassBase.php:33
sspmod_core_Auth_UserPassBase\AUTHID
const AUTHID
The key of the AuthId field in the state.
Definition: UserPassBase.php:24
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: expirywarning.php:14
$url
$url
Definition: proxy_ylocal.php:28
$params
$params
Definition: disable.php:11

References SimpleSAML_Auth_Source\$authId, $forcedUsername, $id, $params, $state, $url, AUTHID, SimpleSAML\Module\getModuleURL(), SimpleSAML\Utils\HTTP\redirectTrustedURL(), and SimpleSAML_Auth_State\saveState().

+ Here is the call graph for this function:

◆ getLoginLinks()

sspmod_core_Auth_UserPassBase::getLoginLinks ( )

Return login links from configuration.

Definition at line 125 of file UserPassBase.php.

125 {
126 return $this->loginLinks;
127 }
sspmod_core_Auth_UserPassBase\$loginLinks
$loginLinks
Links to pages from login page.
Definition: UserPassBase.php:39

References $loginLinks.

◆ getRememberUsernameChecked()

sspmod_core_Auth_UserPassBase::getRememberUsernameChecked ( )

Getter for the authsource config option remember.username.checked.

Returns
bool

Definition at line 141 of file UserPassBase.php.

141 {
142 return $this->rememberUsernameChecked;
143 }
sspmod_core_Auth_UserPassBase\$rememberUsernameChecked
$rememberUsernameChecked
Definition: UserPassBase.php:55

References $rememberUsernameChecked.

◆ getRememberUsernameEnabled()

sspmod_core_Auth_UserPassBase::getRememberUsernameEnabled ( )

Getter for the authsource config option remember.username.enabled.

Returns
bool

Definition at line 133 of file UserPassBase.php.

133 {
134 return $this->rememberUsernameEnabled;
135 }
sspmod_core_Auth_UserPassBase\$rememberUsernameEnabled
$rememberUsernameEnabled
Definition: UserPassBase.php:47

References $rememberUsernameEnabled.

◆ handleLogin()

static sspmod_core_Auth_UserPassBase::handleLogin (   $authStateId,
  $username,
  $password 
)
static

Handle login request.

This function is used by the login form (core/www/loginuserpass.php) when the user enters a username and password. On success, it will not return. On wrong username/password failure, and other errors, it will throw an exception.

Parameters
string$authStateIdThe identifier of the authentication state.
string$usernameThe username the user wrote.
string$passwordThe password the user wrote.

Definition at line 231 of file UserPassBase.php.

231 {
232 assert('is_string($authStateId)');
233 assert('is_string($username)');
234 assert('is_string($password)');
235
236 /* Here we retrieve the state array we saved in the authenticate-function. */
237 $state = SimpleSAML_Auth_State::loadState($authStateId, self::STAGEID);
238
239 /* Retrieve the authentication source we are executing. */
240 assert('array_key_exists(self::AUTHID, $state)');
241 $source = SimpleSAML_Auth_Source::getById($state[self::AUTHID]);
242 if ($source === NULL) {
243 throw new Exception('Could not find authentication source with id ' . $state[self::AUTHID]);
244 }
245
246 /*
247 * $source now contains the authentication source on which authenticate()
248 * was called. We should call login() on the same authentication source.
249 */
250
251 /* Attempt to log in. */
252 try {
253 $attributes = $source->login($username, $password);
254 } catch (Exception $e) {
255 SimpleSAML\Logger::stats('Unsuccessful login attempt from '.$_SERVER['REMOTE_ADDR'].'.');
256 throw $e;
257 }
258
259 SimpleSAML\Logger::stats('User \''.$username.'\' successfully authenticated from '.$_SERVER['REMOTE_ADDR']);
260
261 /* Save the attributes we received from the login-function in the $state-array. */
262 assert('is_array($attributes)');
263 $state['Attributes'] = $attributes;
264
265 /* Return control to SimpleSAMLphp after successful authentication. */
266 SimpleSAML_Auth_Source::completeAuth($state);
267 }
$source
$source
Definition: linkback.php:22
SimpleSAML\Logger\stats
static stats($string)
Definition: Logger.php:224
SimpleSAML_Auth_Source\getById
static getById($authId, $type=null)
Retrieve authentication source.
Definition: Source.php:324
SimpleSAML_Auth_State\loadState
static loadState($id, $stage, $allowMissing=false)
Retrieve saved state.
Definition: State.php:259
$password
$password
Definition: pwgen.php:17
$attributes
$attributes
Definition: serviceValidate.php:33
$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54
$authStateId
if(!array_key_exists('AuthState', $_REQUEST)) $authStateId
Definition: yubikeylogin.php:15

References $_SERVER, $attributes, $authStateId, $password, $source, $state, SimpleSAML_Auth_Source\getById(), SimpleSAML_Auth_State\loadState(), and SimpleSAML\Logger\stats().

+ Here is the call graph for this function:

◆ isRememberMeChecked()

sspmod_core_Auth_UserPassBase::isRememberMeChecked ( )

Check if the "remember me" checkbox should be checked.

Returns
bool TRUE if enabled, FALSE otherwise.

Definition at line 157 of file UserPassBase.php.

157 {
158 return $this->rememberMeChecked;
159 }
sspmod_core_Auth_UserPassBase\$rememberMeChecked
$rememberMeChecked
Definition: UserPassBase.php:73

References $rememberMeChecked.

◆ isRememberMeEnabled()

sspmod_core_Auth_UserPassBase::isRememberMeEnabled ( )

Check if the "remember me" feature is enabled.

Returns
bool TRUE if enabled, FALSE otherwise.

Definition at line 149 of file UserPassBase.php.

149 {
150 return $this->rememberMeEnabled;
151 }
sspmod_core_Auth_UserPassBase\$rememberMeEnabled
$rememberMeEnabled
Definition: UserPassBase.php:65

References $rememberMeEnabled.

◆ login()

sspmod_core_Auth_UserPassBase::login (   $username,
  $password 
)
abstractprotected

Attempt to log in using the given username and password.

On a successful login, this function should return the users attributes. On failure, it should throw an exception/error. If the error was caused by the user entering the wrong username or password, a SimpleSAML_Error_Error('WRONGUSERPASS') should be thrown.

Note that both the username and the password are UTF-8 encoded.

Parameters
string$usernameThe username the user wrote.
string$passwordThe password the user wrote.
Returns
array Associative array with the user's attributes.

Reimplemented in sspmod_authcrypt_Auth_Source_Hash, sspmod_authcrypt_Auth_Source_Htpasswd, sspmod_core_Auth_Source_AdminPassword, sspmod_exampleauth_Auth_Source_UserPass, sspmod_radius_Auth_Source_Radius, and sspmod_sqlauth_Auth_Source_SQL.

◆ setForcedUsername()

sspmod_core_Auth_UserPassBase::setForcedUsername (   $forcedUsername)

Set forced username.

Parameters
string | NULL$forcedUsernameThe forced username.

Definition at line 117 of file UserPassBase.php.

117 {
118 assert('is_string($forcedUsername) || is_null($forcedUsername)');
119 $this->forcedUsername = $forcedUsername;
120 }

References $forcedUsername.

Referenced by sspmod_core_Auth_Source_AdminPassword\__construct().

+ Here is the caller graph for this function:

Field Documentation

◆ $forcedUsername

sspmod_core_Auth_UserPassBase::$forcedUsername
private

Username we should force.

A forced username cannot be changed by the user. If this is NULL, we won't force any username.

Definition at line 33 of file UserPassBase.php.

Referenced by authenticate(), and setForcedUsername().

◆ $loginLinks

sspmod_core_Auth_UserPassBase::$loginLinks
protected

Links to pages from login page.

From configuration

Definition at line 39 of file UserPassBase.php.

Referenced by getLoginLinks().

◆ $rememberMeChecked

sspmod_core_Auth_UserPassBase::$rememberMeChecked = FALSE
protected

Definition at line 73 of file UserPassBase.php.

Referenced by isRememberMeChecked().

◆ $rememberMeEnabled

sspmod_core_Auth_UserPassBase::$rememberMeEnabled = FALSE
protected

Definition at line 65 of file UserPassBase.php.

Referenced by isRememberMeEnabled().

◆ $rememberUsernameChecked

sspmod_core_Auth_UserPassBase::$rememberUsernameChecked = FALSE
protected

Definition at line 55 of file UserPassBase.php.

Referenced by getRememberUsernameChecked().

◆ $rememberUsernameEnabled

sspmod_core_Auth_UserPassBase::$rememberUsernameEnabled = FALSE
protected

Definition at line 47 of file UserPassBase.php.

Referenced by getRememberUsernameEnabled().

◆ AUTHID

const sspmod_core_Auth_UserPassBase::AUTHID = 'sspmod_core_Auth_UserPassBase.AuthId'

The key of the AuthId field in the state.

Definition at line 24 of file UserPassBase.php.

Referenced by authenticate().

◆ STAGEID

const sspmod_core_Auth_UserPassBase::STAGEID = 'sspmod_core_Auth_UserPassBase.state'

The string used to identify our states.

Definition at line 18 of file UserPassBase.php.

The documentation for this class was generated from the following file: