Inheritance diagram for sspmod_authwindowslive_Auth_Source_LiveID:

Collaboration diagram for sspmod_authwindowslive_Auth_Source_LiveID:

Public Member Functions
	__construct ($info, $config)
	Constructor for this authentication source. More...

	authenticate (&$state)
	Log-in using LiveID platform. More...

	finalStep (&$state)

Public Member Functions inherited from SimpleSAML_Auth_Source
	__construct ($info, &$config)
	Constructor for an authentication source. More...

	getAuthId ()
	Retrieve the ID of this authentication source. More...

	authenticate (&$state)
	Process a request. More...

	reauthenticate (array &$state)
	Reauthenticate an user. More...

	initLogin ($return, $errorURL=null, array $params=array())
	Start authentication. More...

	logout (&$state)
	Log out from this authentication source. More...

Data Fields
const	STAGE_INIT = 'authwindowslive:init'
	The string used to identify our states. More...

const	AUTHID = 'authwindowslive:AuthId'
	The key of the AuthId field in the state. More...

Private Attributes
	$key

	$secret

Additional Inherited Members
Static Public Member Functions inherited from SimpleSAML_Auth_Source
static	getSourcesOfType ($type)
	Get sources of a specific type. More...

static	completeAuth (&$state)
	Complete authentication. More...

static	loginCompleted ($state)
	Called when a login operation has finished. More...

static	completeLogout (&$state)
	Complete logout. More...

static	getById ($authId, $type=null)
	Retrieve authentication source. More...

static	logoutCallback ($state)
	Called when the authentication source receives an external logout request. More...

static	getSources ()
	Retrieve list of authentication sources. More...

Protected Member Functions inherited from SimpleSAML_Auth_Source
	addLogoutCallback ($assoc, $state)
	Add a logout callback association. More...

	callLogoutCallback ($assoc)
	Call a logout callback based on association. More...

Static Protected Member Functions inherited from SimpleSAML_Auth_Source
static	validateSource ($source, $id)
	Make sure that the first element of an auth source is its identifier. More...

Protected Attributes inherited from SimpleSAML_Auth_Source
	$authId

Detailed Description

Definition at line 10 of file LiveID.php.

Constructor & Destructor Documentation

◆ __construct()

sspmod_authwindowslive_Auth_Source_LiveID::__construct	(	$info,
		$config
	)

Constructor for this authentication source.

Parameters

array	$info	Information about this authentication source.
array	$config	Configuration.

Exceptions

Exception In case of misconfiguration.

Definition at line 35 of file LiveID.php.

References $config, and $info.

     {
         assert('is_array($info)');
         assert('is_array($config)');
 
         // Call the parent constructor first, as required by the interface
         parent::__construct($info, $config);
 
         if (!array_key_exists('key', $config)) {
             throw new Exception('LiveID authentication source is not properly configured: missing [key]');
         }
 
         $this->key = $config['key'];
 
         if (!array_key_exists('secret', $config)) {
             throw new Exception('LiveID authentication source is not properly configured: missing [secret]');
         }
 
         $this->secret = $config['secret'];
     }

Member Function Documentation

◆ authenticate()

sspmod_authwindowslive_Auth_Source_LiveID::authenticate ( & $state )

Log-in using LiveID platform.

Parameters

array &$state Information about the current authentication.

Definition at line 62 of file LiveID.php.

References SimpleSAML_Auth_Source\$authId, $state, SimpleSAML\Logger\debug(), SimpleSAML\Utils\HTTP\redirectTrustedURL(), and SimpleSAML_Auth_State\saveState().

     {
         assert('is_array($state)');
 
         // we are going to need the authId in order to retrieve this authentication source later
         $state[self::AUTHID] = $this->authId;
 
         $stateID = SimpleSAML_Auth_State::saveState($state, self::STAGE_INIT);
 
         SimpleSAML\Logger::debug('authwindowslive auth state id = ' . $stateID);
 
         // authenticate the user
         // documentation at:
         // https://azure.microsoft.com/en-us/documentation/articles/active-directory-v2-protocols-oauth-code/
         $authorizeURL = 'https://login.microsoftonline.com/common/oauth2/v2.0/authorize'
                 . '?client_id=' . $this->key
                 . '&response_type=code'
                 . '&response_mode=query'
                 . '&redirect_uri=' . urlencode(SimpleSAML\Module::getModuleUrl('authwindowslive') . '/linkback.php')
                 . '&state=' . urlencode($stateID)
                 . '&scope=' . urlencode('openid https://graph.microsoft.com/user.read')
         ;
 
         \SimpleSAML\Utils\HTTP::redirectTrustedURL($authorizeURL);
     }

Here is the call graph for this function:

◆ finalStep()

sspmod_authwindowslive_Auth_Source_LiveID::finalStep ( & $state )

Parameters

$state

Exceptions

Exception

Definition at line 94 of file LiveID.php.

References $attributes, $data, $key, $postData, $response, $result, $state, $userdata, array, SimpleSAML\Logger\debug(), and SimpleSAML\Utils\HTTP\fetch().

     {
         SimpleSAML\Logger::debug(
             "authwindowslive oauth: Using this verification code [".$state['authwindowslive:verification_code']."]"
         );
 
         // retrieve Access Token
         // documentation at:
         // https://azure.microsoft.com/en-us/documentation/articles/active-directory-v2-protocols-oauth-code/#request-an-access-token
         $postData = 'client_id=' . urlencode($this->key)
                 . '&client_secret=' . urlencode($this->secret)
                 . '&scope=' . urlencode('https://graph.microsoft.com/user.read')
                 . '&grant_type=authorization_code'
                 . '&redirect_uri=' . urlencode(SimpleSAML\Module::getModuleUrl('authwindowslive') . '/linkback.php')
                 . '&code=' . urlencode($state['authwindowslive:verification_code']);
 
         $context = array(
             'http' => array(
                 'method'  => 'POST',
                 'header'  => 'Content-type: application/x-www-form-urlencoded',
                 'content' => $postData,
             ),
         );
 
         $result = \SimpleSAML\Utils\HTTP::fetch('https://login.microsoftonline.com/common/oauth2/v2.0/token', $context);
 
         $response = json_decode($result, true);
 
         // error checking of $response to make sure we can proceed
         if (!array_key_exists('access_token', $response)) {
             throw new Exception(
                 '['.$response['error'].'] '.$response['error_description'].
                 "\r\nNo access_token returned - cannot proceed\r\n" . implode(', ', $response['error_codes'])
             );
         }
 
         SimpleSAML\Logger::debug(
             "authwindowslive: Got an access token from the OAuth service provider [".$response['access_token']."]"
         );
 
         // documentation at: http://graph.microsoft.io/en-us/docs/overview/call_api
         $opts = array('http' => array('header' => "Accept: application/json\r\nAuthorization: Bearer ".
                         $response['access_token']."\r\n"));
         $data = \SimpleSAML\Utils\HTTP::fetch('https://graph.microsoft.com/v1.0/me', $opts);
         $userdata = json_decode($data, true);
 
         // this is the simplest case
         if (!array_key_exists('@odata.context', $userdata) || array_key_exists('error', $userdata)) {
             throw new Exception(
                 'Unable to retrieve userdata from Microsoft Graph ['.$userdata['error']['code'].'] '.
                 $userdata['error']['message']
             );
         }
         $attributes = array();
         $attributes['windowslive_targetedID'] = array(
             'https://graph.microsoft.com!'.(!empty($userdata['id']) ? $userdata['id'] : 'unknown')
         );
         foreach ($userdata as $key => $value) {
             if (is_string($value)) {
                 $attributes['windowslive.' . $key] = array((string)$value);
             }
         }
 
 
         SimpleSAML\Logger::debug('LiveID Returned Attributes: '. implode(", ", array_keys($attributes)));
 
         $state['Attributes'] = $attributes;
     }

Here is the call graph for this function:

Field Documentation

◆ $key

sspmod_authwindowslive_Auth_Source_LiveID::$key

private

Definition at line 23 of file LiveID.php.

Referenced by finalStep().

◆ $secret

sspmod_authwindowslive_Auth_Source_LiveID::$secret

private

Definition at line 24 of file LiveID.php.

◆ AUTHID

const sspmod_authwindowslive_Auth_Source_LiveID::AUTHID = 'authwindowslive:AuthId'

The key of the AuthId field in the state.

Definition at line 21 of file LiveID.php.

◆ STAGE_INIT

const sspmod_authwindowslive_Auth_Source_LiveID::STAGE_INIT = 'authwindowslive:init'

The string used to identify our states.

Definition at line 16 of file LiveID.php.

The documentation for this class was generated from the following file:

libs/composer/vendor/simplesamlphp/simplesamlphp/modules/authwindowslive/lib/Auth/Source/LiveID.php

Public Member Functions

Data Fields

Private Attributes

Additional Inherited Members

Detailed Description

Constructor & Destructor Documentation

◆ __construct()

Member Function Documentation

◆ authenticate()

◆ finalStep()

Field Documentation

◆ $key

◆ $secret

◆ AUTHID

◆ STAGE_INIT