ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
Public Member Functions
sspmod_authYubiKey_Auth_Process_OTP2YubiPrefix Class Reference

A processing filter to replace the 'otp' attribute with an attribute 'yubiPrefix' that contains the static YubiKey prefix. More...

+ Inheritance diagram for sspmod_authYubiKey_Auth_Process_OTP2YubiPrefix:
+ Collaboration diagram for sspmod_authYubiKey_Auth_Process_OTP2YubiPrefix:

Public Member Functions

 process (&$state)
 Filter out YubiKey 'otp' attribute and replace it with a 'yubiPrefix' attribute that leaves out the dynamic part. More...
 
- Public Member Functions inherited from SimpleSAML_Auth_ProcessingFilter
 __construct (&$config, $reserved)
 Constructor for a processing filter. More...
 
 process (&$request)
 Process a request. More...
 

Additional Inherited Members

- Data Fields inherited from SimpleSAML_Auth_ProcessingFilter
 $priority = 50
 Priority of this filter. More...
 

Detailed Description

A processing filter to replace the 'otp' attribute with an attribute 'yubiPrefix' that contains the static YubiKey prefix.

Before: otp=ekhgjhbctrgnubeeklijcibbgjnbtjlffdnjbhjluvur

After: otp undefined yubiPrefix=ekhgjhbctrgn

You use it by adding it as an authentication filter in config.php: 

    'authproc.idp' => array(

... 90 => 'authYubiKey:OTP2YubiPrefix', ... );

Definition at line 45 of file OTP2YubiPrefix.php.

Member Function Documentation

◆ process()

sspmod_authYubiKey_Auth_Process_OTP2YubiPrefix::process ( $state)

Filter out YubiKey 'otp' attribute and replace it with a 'yubiPrefix' attribute that leaves out the dynamic part.

Parameters
array&$stateThe state we should update.

Definition at line 54 of file OTP2YubiPrefix.php.

References $attributes, $state, SimpleSAML\Logger\debug(), and SimpleSAML\Logger\info().

54  {
55  assert(is_array($state));
56  assert(array_key_exists('Attributes', $state));
57  $attributes = $state['Attributes'];
58 
59  SimpleSAML\Logger::debug('OTP2YubiPrefix: enter with attributes: ' . implode(',', array_keys($attributes)));
60 
61  $otps = $attributes['otp'];
62  $otp = $otps['0'];
63 
64  $token_size = 32;
65  $identity = substr ($otp, 0, strlen ($otp) - $token_size);
66 
67  $attributes['yubiPrefix'] = array($identity);
68 
69  SimpleSAML\Logger::info('OTP2YubiPrefix: otp: ' . $otp . ' identity: ' . $identity . ' (otp keys: ' . implode(',', array_keys($otps)) . ')');
70 
71  unset($attributes['otp']);
72 
73  SimpleSAML\Logger::debug('OTP2YubiPrefix: leaving with attributes: ' . implode(',', array_keys($attributes)));
74  }
SimpleSAML\Logger\debug
static debug($string)
Definition: Logger.php:211
$state
if(!array_key_exists('stateid', $_REQUEST)) $state
Handle linkback() response from LinkedIn.
Definition: linkback.php:10
SimpleSAML\Logger\info
static info($string)
Definition: Logger.php:199
$attributes
if(array_key_exists('yes', $_REQUEST)) $attributes
Definition: getconsent.php:85
+ Here is the call graph for this function:
The documentation for this class was generated from the following file: