ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
class.ilAuthContainerECS.php
1<?php
2/*
3 +-----------------------------------------------------------------------------+
4 | ILIAS open source |
5 +-----------------------------------------------------------------------------+
6 | Copyright (c) 1998-2006 ILIAS open source, University of Cologne |
7 | |
8 | This program is free software; you can redistribute it and/or |
9 | modify it under the terms of the GNU General Public License |
10 | as published by the Free Software Foundation; either version 2 |
11 | of the License, or (at your option) any later version. |
12 | |
13 | This program is distributed in the hope that it will be useful, |
14 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | GNU General Public License for more details. |
17 | |
18 | You should have received a copy of the GNU General Public License |
19 | along with this program; if not, write to the Free Software |
20 | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21 +-----------------------------------------------------------------------------+
22*/
23
24include_once('Auth/Container.php');
25
35{
// Sender mid reported by the ECS server for the validated hash; set in validateHash().
36 protected $mid = null;
// Participant abbreviation; createUser() uses it as the prefix of the generated local login.
37 protected $abreviation = null;
38
// Server the hash is currently checked against; fetchData() sets it once per iteration.
39 protected $currentServer = null;
// Result of ilECSServerSettings::getInstance(), loaded by initECSServices().
40 protected $servers = null;
41
// Logger taken from $GLOBALS['DIC']['ilLog'] in the constructor.
42 protected $log;
43
/**
 * Constructor.
 *
 * Hands the parameter array to the parent container, loads the ECS server
 * settings and keeps a reference to the global logger.
 *
 * @param array $a_params parameters passed through to the parent constructor
 */
public function __construct($a_params = array())
{
    global $DIC;

    parent::__construct($a_params);

    // Settings are loaded before the logger reference is taken.
    $this->initECSServices();

    $this->log = $DIC['ilLog'];
}
59
/**
 * Get the participant abbreviation stored by validateHash().
 *
 * @return string|null null as long as no hash has been validated
 */
public function getAbreviation()
{
    $abbreviation = $this->abreviation;

    return $abbreviation;
}
71
/**
 * Get the sender mid stored for the validated hash.
 *
 * @return mixed|null value last passed to setMID(); null if none was set
 */
public function getMID()
{
    $mid = $this->mid;

    return $mid;
}
81
/**
 * Store the sender mid of the validated hash.
 *
 * @param mixed $a_mid mid to remember; validateHash() passes the first sender of the auth details
 * @return void
 */
public function setMID($a_mid)
{
    $mid = $a_mid;
    $this->mid = $mid;
}
86
/**
 * Set current server.
 *
 * @param ilECSSetting|null $server server the next hash check runs against; null clears it
 * @return void
 */
public function setCurrentServer(ilECSSetting $server = null)
{
    $current = $server;
    $this->currentServer = $current;
}
95
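/**
 * Get current server.
 *
 * @return ilECSSetting|null server passed to setCurrentServer(), or null if none was set
 */
public function getCurrentServer()
{
    // Callers dereference the result directly (e.g. ->getServerId(),
    // ->getGlobalRole()), so the stored server has to be returned here.
    return $this->currentServer;
}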
104
/**
 * Get server settings.
 *
 * @return ilECSServerSettings|null settings object loaded by initECSServices()
 */
public function getServerSettings()
{
    $settings = $this->servers;

    return $settings;
}
113
/**
 * Check for valid ecs_hash.
 *
 * Neither argument is used: the decision rests entirely on the ECS hash that
 * validateHash() reads from the query string. Every active server is tried in
 * turn; the first one that accepts the hash stays selected as current server.
 *
 * @param string $a_username not used
 * @param string $a_pass     not used
 * @return bool true if one active server validated the hash, false otherwise
 */
public function fetchData($a_username, $a_pass)
{
    global $DIC;

    $logger = $DIC['ilLog'];
    $logger->write(__METHOD__ . ': Starting ECS authentication.');

    // Without an active ECS server there is nothing to validate against.
    $hasActiveServer = $this->getServerSettings()->activeServerExists();
    if (!$hasActiveServer) {
        $GLOBALS['DIC']['ilLog']->write(__METHOD__ . ': no active ecs server found. Aborting');
        return false;
    }

    include_once './Services/WebServices/ECS/classes/class.ilECSServerSettings.php';

    // Stop at the first server that accepts the hash.
    $validated = false;
    foreach ($this->getServerSettings()->getServers() as $candidate) {
        $this->setCurrentServer($candidate);
        if ($this->validateHash()) {
            $validated = true;
            break;
        }
    }

    if (!$validated) {
        $GLOBALS['DIC']['ilLog']->write(__METHOD__ . ': Could not validate ecs hash for any server');
    }

    return $validated;
}
143
144
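/**
 * Validate ECS hash.
 *
 * The hash is read from the query string: `ecs_hash` directly, or the last
 * path segment of `ecs_hash_url`, which takes precedence when both are sent.
 * The current server is asked twice about the hash; on success the
 * participant abbreviation and the sender mid are stored on this container.
 *
 * @return bool true if the current server accepted the hash and delivered a
 *              sender mid; false if the request carries no usable hash or a
 *              connector call failed
 */
public function validateHash()
{
    global $DIC;

    $ilLog = $DIC['ilLog'];

    // Both parameters are request-controlled. Only plain strings are accepted,
    // so an array value (?ecs_hash[]=...) never reaches strlen()/urldecode().
    $hash = '';
    if (isset($_GET['ecs_hash']) && is_string($_GET['ecs_hash']) && strlen($_GET['ecs_hash'])) {
        $hash = $_GET['ecs_hash'];
    }
    if (isset($_GET['ecs_hash_url'])) {
        // As before, ecs_hash_url overrides ecs_hash whenever it is present.
        $hash = '';
        if (is_string($_GET['ecs_hash_url'])) {
            // NOTE(review): PHP has already URL-decoded $_GET, so this decodes a
            // second time. Kept unchanged; confirm senders really double-encode.
            $hashurl = urldecode($_GET['ecs_hash_url']);
            $path = parse_url($hashurl, PHP_URL_PATH);
            // parse_url() yields null/false for a missing or malformed path.
            if (is_string($path)) {
                $hash = basename($path);
            }
        }
    }

    // Fail closed: previously $hash stayed undefined when neither parameter
    // was sent and was still handed to the connector.
    if ($hash === '') {
        $ilLog->write(__METHOD__ . ': No ecs hash in request. Aborting');
        return false;
    }

    // The hash is the login credential of this request. Log a short digest
    // for correlation instead of the value itself.
    $ilLog->write(__METHOD__ . ': Using ecs hash (sha256 prefix) ' . substr(hash('sha256', $hash), 0, 12));

    // Check if hash is valid ...
    try {
        include_once('./Services/WebServices/ECS/classes/class.ilECSConnector.php');
        $connector = new ilECSConnector($this->getCurrentServer());
        $res = $connector->getAuth($hash);
        $auths = $res->getResult();

        // NOTE(review): this dumps the complete auth response into the log;
        // confirm it holds nothing that should stay out of log files.
        $ilLog->write(__METHOD__ . ': Auths: ' . print_r($auths, true));

        if ($auths->pid) {
            try {
                include_once './Services/WebServices/ECS/classes/class.ilECSCommunityReader.php';
                // The reader has to be assigned before the participant lookup.
                $reader = ilECSCommunityReader::getInstanceByServerId($this->getCurrentServer()->getServerId());
                $part = $reader->getParticipantByMID($auths->pid);

                // Prefer the organisation's abbreviation; otherwise fall back
                // to the one delivered with the auth result.
                if (is_object($part) && is_object($part->getOrganisation())) {
                    $this->abreviation = $part->getOrganisation()->getAbbreviation();
                } else {
                    $this->abreviation = $auths->abbr;
                }
            } catch (Exception $e) {
                $ilLog->write(__METHOD__ . ': Authentication failed with message: ' . $e->getMessage());
                return false;
            }
        } else {
            $this->abreviation = $auths->abbr;
        }

        $ilLog->write(__METHOD__ . ': Got abr: ' . $this->abreviation);
    } catch (ilECSConnectorException $e) {
        $ilLog->write(__METHOD__ . ': Authentication failed with message: ' . $e->getMessage());
        return false;
    }

    // read current mid
    try {
        include_once('./Services/WebServices/ECS/classes/class.ilECSConnector.php');
        $connector = new ilECSConnector($this->getCurrentServer());
        $details = $connector->getAuth($hash, true);

        $ilLog->write(__METHOD__ . ': ' . print_r($details, true));
        $ilLog->write(__METHOD__ . ': Token created for mid ' . $details->getFirstSender());

        $this->setMID($details->getFirstSender());
    } catch (ilECSConnectorException $e) {
        $ilLog->write(__METHOD__ . ': Receiving mid failed with message: ' . $e->getMessage());
        return false;
    }

    return true;
}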
221
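/**
 * Called from base class after successful login.
 *
 * Creates or updates the local account of the remote ECS user, records the
 * account as ECS import, stores the remote-user mapping and finally marks
 * the auth object as authenticated under the local login.
 *
 * @param string $a_username not used; the local login is derived from the ECS user data
 * @param object $a_auth     auth object; setAuth() is called on it with the local login
 * @return bool always true
 */
public function loginObserver($a_username, $a_auth)
{
    include_once('./Services/WebServices/ECS/classes/class.ilECSUser.php');

    // NOTE(review): the profile fields are taken straight from the query
    // string. Nothing in this method ties them to the hash that
    // validateHash() accepted; confirm that this binding is enforced elsewhere.
    $user = new ilECSUser($_GET);

    $usr_id = ilObject::_lookupObjIdByImportId($user->getImportId());
    if (!$usr_id) {
        $username = $this->createUser($user);
        // createUser() returns only the login. Resolve the id of the new
        // account, otherwise the import record below is saved with an empty id.
        $usr_id = ilObjUser::_lookupId($username);
    } else {
        $username = $this->updateUser($user, $usr_id);
    }

    // set user imported
    include_once './Services/WebServices/ECS/classes/class.ilECSImport.php';
    $import = new ilECSImport($this->getCurrentServer()->getServerId(), $usr_id);
    $import->save();

    // Store remote user data
    include_once './Services/WebServices/ECS/classes/class.ilECSRemoteUser.php';
    $remote = new ilECSRemoteUser();
    $remote->setServerId($this->getCurrentServer()->getServerId());
    $remote->setMid($this->getMID());
    $remote->setRemoteUserId($user->getImportId());
    $remote->setUserId(ilObjUser::_lookupId($username));

    $GLOBALS['DIC']['ilLog']->write(__METHOD__ . ': Current username ' . $username);

    // Only the first login of a remote user creates the mapping row.
    if (!$remote->exists()) {
        $remote->create();
    }

    $a_auth->setAuth($username);
    $this->log->write(__METHOD__ . ': Login succesesful');
    return true;
}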
262
/**
 * Called from base class after failed login.
 *
 * Only writes a log entry.
 *
 * @return bool always false
 */
public function failedLoginObserver()
{
    $message = __METHOD__ . ': Login failed';
    $this->log->write($message);

    return false;
}
273
274
275
/**
 * Create the local account for a remote ECS user.
 *
 * The login is generated from the participant abbreviation and the remote
 * login. The account gets auth mode "ecs", an empty password, a time limit of
 * one session lifetime and, if the current server defines one, its global role.
 *
 * NOTE(review): login, name, e-mail and institution all come from the
 * ilECSUser object, which loginObserver() builds from $_GET.
 *
 * @param ilECSUser $user remote user data
 * @return string login of the new local account
 */
protected function createUser(ilECSUser $user)
{
    global $DIC;

    $clientIni = $DIC['ilClientIniFile'];
    $settings = $DIC['ilSetting'];
    $rbacAdmin = $DIC['rbacadmin'];
    $logger = $DIC['ilLog'];

    $account = new ilObjUser();
    $account->setOwner(SYSTEM_USER_ID);

    include_once('./Services/Authentication/classes/class.ilAuthUtils.php');
    $login = ilAuthUtils::_generateLogin($this->getAbreviation() . '_' . $user->getLogin());

    $profile = array(
        "login" => $login,
        "firstname" => $user->getFirstname(),
        "lastname" => $user->getLastname(),
        'email' => $user->getEmail(),
        'institution' => $user->getInstitution(),
        // set "plain md5" password (= no valid password)
        "passwd" => "",
        "passwd_type" => IL_PASSWD_CRYPTED,
        "auth_mode" => "ecs",
        "profile_incomplete" => 0,
    );

    // system data
    $account->assignData($profile);
    $account->setTitle($account->getFullname());
    $account->setDescription($account->getEmail());

    // set user language to system language
    $account->setLanguage($settings->get("language"));

    // Time limit: valid from a few seconds ago until one session lifetime from now.
    $account->setTimeLimitOwner(7);
    $account->setTimeLimitUnlimited(0);
    $account->setTimeLimitFrom(time() - 5);
    $account->setTimeLimitUntil(time() + $clientIni->readVariable("session", "expire"));

    // Setting an agree date is disabled:
    // $now = new ilDateTime(time(), IL_CAL_UNIX);
    // $account->setAgreeDate($now->get(IL_CAL_DATETIME));

    // Create user in DB; the owner set above is replaced by the literal 6 here.
    $account->setOwner(6);
    $account->create();
    $account->setActive(1);
    $account->updateOwner();
    $account->saveAsNew();
    $account->writePrefs();

    $globalRole = $this->getCurrentServer()->getGlobalRole();
    if ($globalRole) {
        $rbacAdmin->assignUser($globalRole, $account->getId(), true);
    }
    ilObject::_writeImportId($account->getId(), $user->getImportId());

    $logger->write(__METHOD__ . ': Created new remote user with usr_id: ' . $user->getImportId());

    // The notification mail is disabled:
    // $this->sendNotification($account);
    $this->resetMailOptions($account->getId());

    return $account->getLogin();
}
347
/**
 * Update the local account of a known remote ECS user.
 *
 * Overwrites name, e-mail and institution with the remote values, activates
 * the account, extends its time limit to at least one session lifetime and
 * re-assigns the current server's global role if one is configured.
 *
 * NOTE(review): the profile values come from the ilECSUser object, which
 * loginObserver() builds from $_GET.
 *
 * @param ilECSUser $user            remote user data
 * @param int       $a_local_user_id id of the existing local account
 * @return string login of the local account
 */
protected function updateUser(ilECSUser $user, $a_local_user_id)
{
    global $DIC;

    $clientIni = $DIC['ilClientIniFile'];
    $logger = $DIC['ilLog'];
    $rbacAdmin = $DIC['rbacadmin'];

    $account = new ilObjUser($a_local_user_id);
    $account->setFirstname($user->getFirstname());
    $account->setLastname($user->getLastname());
    $account->setEmail($user->getEmail());
    $account->setInstitution($user->getInstitution());
    $account->setActive(true);

    // Extend the time limit only if it would end before this session does.
    $currentLimit = $account->getTimeLimitUntil();
    $sessionEnd = time() + $clientIni->readVariable('session', 'expire');
    if ($currentLimit < $sessionEnd) {
        $account->setTimeLimitFrom(time() - 60);
        $account->setTimeLimitUntil(time() + $clientIni->readVariable("session", "expire"));
    }
    $account->update();
    $account->refreshLogin();

    $globalRole = $this->getCurrentServer()->getGlobalRole();
    if ($globalRole) {
        $rbacAdmin->assignUser($globalRole, $account->getId(), true);
    }

    $this->resetMailOptions($a_local_user_id);

    $logger->write(__METHOD__ . ': Finished update of remote user with usr_id: ' . $user->getImportId());

    return $account->getLogin();
}
390
/**
 * Reset mail options to "local only".
 *
 * @param int $a_usr_id id of the user whose mail options are rewritten
 * @return void
 */
protected function resetMailOptions($a_usr_id)
{
    include_once './Services/Mail/classes/class.ilMailOptions.php';

    $mailOptions = new ilMailOptions($a_usr_id);
    $mailOptions->setIncomingType(ilMailOptions::INCOMING_LOCAL);
    $mailOptions->updateOptions();
}
402
403
/**
 * Init ECS Services.
 *
 * Loads the settings class and stores its singleton instance in $this->servers.
 *
 * @return void
 */
private function initECSServices()
{
    include_once './Services/WebServices/ECS/classes/class.ilECSServerSettings.php';

    $settings = ilECSServerSettings::getInstance();
    $this->servers = $settings;
}
415
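/**
 * Send notification.
 *
 * Mails the profile of a new user to the recipients configured for the
 * current server. Does nothing if no recipients are configured.
 *
 * NOTE(review): this replaces the global language object and the global
 * user object in $DIC with the notification language and $user_obj, and does
 * not restore them. The only call in this class, in createUser(), is
 * commented out; review that side effect before re-enabling it.
 *
 * @param object $user_obj user object whose profile is mailed
 * @return bool|null true if there are no recipients; no value after sending
 */
private function sendNotification($user_obj)
{
    if (!count($this->getCurrentServer()->getUserRecipients())) {
        return true;
    }

    include_once('./Services/Language/classes/class.ilLanguageFactory.php');
    include_once './Services/Language/classes/class.ilLanguage.php';
    // $lang has to be assigned before it is stored in $DIC and used for txt().
    $lang = ilLanguageFactory::_getLanguage();
    $GLOBALS['DIC']['lng'] = $lang;
    $GLOBALS['DIC']['ilUser'] = $user_obj;
    $lang->loadLanguageModule('ecs');

    include_once('./Services/Mail/classes/class.ilMail.php');
    $mail = new ilMail(6);
    $mail->enableSoap(false);
    $subject = $lang->txt('ecs_new_user_subject');

    // build body
    $body = $lang->txt('ecs_new_user_body') . "\n\n";
    $body .= $lang->txt('ecs_new_user_profile') . "\n\n";
    $body .= $user_obj->getProfileAsString($lang) . "\n\n";
    $body .= ilMail::_getAutoGeneratedMessageString($lang);

    $mail->sendMail(
        $this->getCurrentServer()->getUserRecipientsAsString(),
        "",
        "",
        $subject,
        $body,
        array(),
        array("normal")
    );
}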
457}
$_GET["client_id"]
An exception for terminating execution or to throw for unit testing.
const IL_PASSWD_CRYPTED
Custom PEAR Auth Container for ECS auth checks.
resetMailOptions($a_usr_id)
Reset mail options to "local only".
loginObserver($a_username, $a_auth)
Called from base class after successful login.
validateHash()
Validate ECS hash.
fetchData($a_username, $a_pass)
Check for valid ecs_hash.
__construct($a_params=array())
Constructor.
getServerSettings()
Get server settings.
setCurrentServer(ilECSSetting $server=null)
Set current server.
failedLoginObserver()
Called from base class after failed login.
initECSServices()
Init ECS Services @access private.
getCurrentServer()
Get current server.
createUser(ilECSUser $user)
create new user
updateUser(ilECSUser $user, $a_local_user_id)
update existing user
sendNotification($user_obj)
Send notification.
getAbreviation()
get abbreviation
static _generateLogin($a_login)
generate free login by starting with a default string and adding postfix numbers
static getInstanceByServerId($a_server_id)
Get instance by server id.
Storage of ECS imported objects.
Storage of ecs remote user.
static getInstance()
Get singleton instance.
Stores relevant user data.
getLogin()
get login
static _getLanguage($a_lang_key='')
Get language object.
Class ilMailOptions this class handles user mails.
static _getAutoGeneratedMessageString(ilLanguage $lang=null)
Get auto generated info string.
static _lookupId($a_user_str)
Lookup id by login.
static _writeImportId($a_obj_id, $a_import_id)
write import id to db (static)
static _lookupObjIdByImportId($a_import_id)