ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
class.ilAuthContainerSOAP.php
Go to the documentation of this file.
1<?php
2/*
3 +-----------------------------------------------------------------------------+
4 | ILIAS open source |
5 +-----------------------------------------------------------------------------+
6 | Copyright (c) 1998-2001 ILIAS open source, University of Cologne |
7 | |
8 | This program is free software; you can redistribute it and/or |
9 | modify it under the terms of the GNU General Public License |
10 | as published by the Free Software Foundation; either version 2 |
11 | of the License, or (at your option) any later version. |
12 | |
13 | This program is distributed in the hope that it will be useful, |
14 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | GNU General Public License for more details. |
17 | |
18 | You should have received a copy of the GNU General Public License |
19 | along with this program; if not, write to the Free Software |
20 | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21 +-----------------------------------------------------------------------------+
22*/
23
24include_once 'Auth/Container/LDAP.php';
25include_once("./webservice/soap/lib/nusoap.php");
26
35class ilAuthContainerSOAP extends Auth_Container
36{
37 protected $server_host = null;
38 protected $server_port = null;
39 protected $server_uri = null;
40 protected $server_https = null;
41 protected $server_nms = null;
42 protected $use_dot_net = null;
43
44 protected $uri = null;
45
46 protected $client = null;
47 protected $response = null;
48
52 public function __construct()
53 {
54 $_POST['username'] = $_GET['ext_uid'];
55 $_POST['password'] = $_GET['soap_pw'];
56
57 parent::__construct();
58 $this->initClient();
59 }
60
65 public function initClient()
66 {
67 global $ilSetting;
68
69 $this->server_host = $ilSetting->get('soap_auth_server');
70 $this->server_port = $ilSetting->get('soap_auth_port');
71 $this->server_uri = $ilSetting->get('soap_auth_uri');
72 $this->server_https = $ilSetting->get('soap_auth_use_https');
73 $this->server_nms = $ilSetting->get('soap_auth_namespace');
74 $this->use_dot_net = $ilSetting->get('use_dotnet');
75
76 $this->uri = $this->server_https ? 'https://' : 'http://';
77 $this->uri .= $this->server_host;
78
79 if ($this->server_port > 0) {
80 $this->uri .= (':' . $this->server_port);
81 }
82 if ($this->server_uri) {
83 $this->uri .= ('/' . $this->server_uri);
84 }
85 $this->client = new nusoap_client($this->uri);
86 }
87
95 public function fetchData($a_username, $a_password, $isChallengeResponse = false)
96 {
97 $GLOBALS['ilLog']->write(__METHOD__ . ': Soap auth fetch data');
98
99 // check whether external user exists in ILIAS database
100 $local_user = ilObjUser::_checkExternalAuthAccount("soap", $a_username);
101
102 if ($local_user == "") {
103 $new_user = true;
104 } else {
105 $new_user = false;
106 }
107
108 $soapAction = "";
109 $nspref = "";
110 if ($this->use_dotnet) {
111 $soapAction = $this->server_nms . "/isValidSession";
112 $nspref = "ns1:";
113 }
114 $valid = $this->client->call(
115 'isValidSession',
116 array($nspref . 'ext_uid' => $a_username,
117 $nspref . 'soap_pw' => $a_password,
118 $nspref . 'new_user' => $new_user),
119 $this->server_nms,
120 $soapAction
121 );
122 //echo "<br>== Request ==";
123 //echo '<br><pre>' . htmlspecialchars($this->soap_client->request, ENT_QUOTES) . '</pre><br>';
124 //echo "<br>== Response ==";
125 //echo "<br>Valid: -".$valid["valid"]."-";
126 //echo '<br><pre>' . htmlspecialchars($this->soap_client->response, ENT_QUOTES) . '</pre>';
127
128 if (trim($valid["valid"]) == "false") {
129 $valid["valid"] = false;
130 }
131
132 // to do check SOAP error!?
133 $valid["local_user"] = $local_user;
134 $this->response = $valid;
135 return $valid['valid'] == true;
136 }
137
144 public function loginObserver($a_username, $a_auth)
145 {
146 global $ilias, $rbacadmin, $lng, $ilSetting;
147
148 $GLOBALS['ilLog']->write(__METHOD__ . ': SOAP login observer called');
149
150
151 // TODO: handle passed credentials via GET
152 /*
153 if (empty($_GET["ext_uid"]) || empty($_GET["soap_pw"]))
154 {
155 $this->status = AUTH_WRONG_LOGIN;
156 return;
157 }
158 */
159
160 // Not required anymore
161 /*
162 $validation_data = $this->validateSoapUser($_GET["ext_uid"], $_GET["soap_pw"]);
163
164 if (!$validation_data["valid"])
165 {
166 $this->status = AUTH_WRONG_LOGIN;
167 return;
168 }
169 */
170
171 $local_user = $this->response["local_user"];
172 if ($local_user != "") {
173 // to do: handle update of user
174 $a_auth->setAuth($local_user);
175 return true;
176 }
177 if (!$ilSetting->get("soap_auth_create_users")) {
178 $a_auth->status = AUTH_SOAP_NO_ILIAS_USER;
179 $a_auth->logout();
180 return false;
181 }
182
183 $userObj = new ilObjUser();
184 $local_user = ilAuthUtils::_generateLogin($a_username);
185
186 $newUser["firstname"] = $this->response["firstname"];
187 $newUser["lastname"] = $this->response["lastname"];
188 $newUser["email"] = $this->response["email"];
189
190 $newUser["login"] = $local_user;
191
192 // to do: set valid password and send mail
193 $newUser["passwd"] = "";
194 $newUser["passwd_type"] = IL_PASSWD_CRYPTED;
195
196 // generate password, if local authentication is allowed
197 // and account mail is activated
198 $pw = "";
199
200 if ($ilSetting->get("soap_auth_allow_local") &&
201 $ilSetting->get("soap_auth_account_mail")) {
202 $pw = ilUtil::generatePasswords(1);
203 $pw = $pw[0];
204 $newUser["passwd"] = $pw;
205 $newUser["passwd_type"] = IL_PASSWD_PLAIN;
206 }
207
208 //$newUser["gender"] = "m";
209 $newUser["auth_mode"] = "soap";
210 $newUser["ext_account"] = $a_username;
211 $newUser["profile_incomplete"] = 1;
212
213 // system data
214 $userObj->assignData($newUser);
215 $userObj->setTitle($userObj->getFullname());
216 $userObj->setDescription($userObj->getEmail());
217
218 // set user language to system language
219 $userObj->setLanguage($lng->lang_default);
220
221 // Time limit
222 $userObj->setTimeLimitOwner(7);
223 $userObj->setTimeLimitUnlimited(1);
224 $userObj->setTimeLimitFrom(time());
225 $userObj->setTimeLimitUntil(time());
226
227 // Create user in DB
228 $userObj->setOwner(0);
229 $userObj->create();
230 $userObj->setActive(1);
231
232 $userObj->updateOwner();
233
234 //insert user data in table user_data
235 $userObj->saveAsNew(false);
236
237 // setup user preferences
238 $userObj->writePrefs();
239
240 // to do: test this
241 $rbacadmin->assignUser($ilSetting->get('soap_auth_user_default_role'), $userObj->getId(), true);
242
243 // send account mail
244 if ($ilSetting->get("soap_auth_account_mail")) {
245 include_once('./Services/User/classes/class.ilObjUserFolder.php');
246 $amail = ilObjUserFolder::_lookupNewAccountMail($ilSetting->get("language"));
247 if (trim($amail["body"]) != "" && trim($amail["subject"]) != "") {
248 include_once("Services/Mail/classes/class.ilAccountMail.php");
249 $acc_mail = new ilAccountMail();
250
251 if ($pw != "") {
252 $acc_mail->setUserPassword($pw);
253 }
254 $acc_mail->setUser($userObj);
255 $acc_mail->send();
256 }
257 }
258
259 unset($userObj);
260 $a_auth->setAuth($local_user);
261 return true;
262 }
263}
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
Auth_Container
php
An exception for terminatinating execution or to throw for unit testing.
AUTH_SOAP_NO_ILIAS_USER
const AUTH_SOAP_NO_ILIAS_USER
Definition: class.ilAuthUtils.php:32
IL_PASSWD_PLAIN
const IL_PASSWD_PLAIN
Definition: class.ilObjUser.php:4
IL_PASSWD_CRYPTED
const IL_PASSWD_CRYPTED
Definition: class.ilObjUser.php:5
ilAccountMail
Class ilAccountMail.
Definition: class.ilAccountMail.php:14
ilAuthContainerSOAP
@classDescription Authentication against external SOAP server
Definition: class.ilAuthContainerSOAP.php:36
ilAuthContainerSOAP\loginObserver
loginObserver($a_username, $a_auth)
Called after login and successful call of fetch data.
Definition: class.ilAuthContainerSOAP.php:144
ilAuthContainerSOAP\fetchData
fetchData($a_username, $a_password, $isChallengeResponse=false)
Call is isValidSession of soap server.
Definition: class.ilAuthContainerSOAP.php:95
ilAuthUtils\_generateLogin
static _generateLogin($a_login)
generate free login by starting with a default string and adding postfix numbers
Definition: class.ilAuthUtils.php:438
ilObjUserFolder\_lookupNewAccountMail
static _lookupNewAccountMail($a_lang)
Definition: class.ilObjUserFolder.php:617
ilObjUser\_checkExternalAuthAccount
static _checkExternalAuthAccount($a_auth, $a_account, $tryFallback=true)
check whether external account and authentication method matches with a user
Definition: class.ilObjUser.php:3909
ilUtil\generatePasswords
static generatePasswords($a_number)
Generate a number of passwords.
Definition: class.ilUtil.php:3661
nusoap_client
[nu]soapclient higher level class for easy usage.
Definition: nusoap.php:7072
$valid
$valid
Definition: dummy_client.php:52
$new_user
$new_user
Definition: dummy_client.php:24
$GLOBALS
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
Definition: module.tag.xmp.php:702
$ilSetting
global $ilSetting
Definition: privfeed.php:17
$lng
$lng
Definition: save_question_post_data.php:23