ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
Public Member Functions | Static Public Member Functions | Protected Attributes | Static Protected Attributes | Private Member Functions | Static Private Attributes
ilSamlIdp Class Reference

Class ilSamlIdp. More...

+ Collaboration diagram for ilSamlIdp:

Public Member Functions

 __construct ($a_idp_id=0)
 
 persist ()
 
 delete ()
 Deletes an idp with all relvant mapping rules. More...
 
 toArray ()
 
 bindDbRecord (array $record)
 
 getEntityId ()
 
 setEntityId ($entity_id)
 
 isActive ()
 
 setActive ($is_active)
 
 getIdpId ()
 
 setIdpId ($idp_id)
 
 allowLocalAuthentication ()
 
 setLocalLocalAuthenticationStatus ($status)
 
 getDefaultRoleId ()
 
 setDefaultRoleId ($role_id)
 
 setUidClaim ($claim)
 
 getUidClaim ()
 
 setLoginClaim ($claim)
 
 getLoginClaim ()
 
 isSynchronizationEnabled ()
 
 setSynchronizationStatus ($sync)
 
 isAccountMigrationEnabled ()
 
 setAccountMigrationStatus ($status)
 

Static Public Member Functions

static getFirstActiveIdp ()
 
static getInstanceByIdpId ($a_idp_id)
 
static isAuthModeSaml ($a_auth_mode)
 
static getIdpIdByAuthMode ($a_auth_mode)
 
static geIdpIdByEntityId ($entityId)
 
static getActiveIdpList ()
 
static getAllIdps ()
 
static getAuthModeByKey ($a_auth_key)
 
static getKeyByAuthMode ($a_auth_mode)
 

Protected Attributes

 $db
 
 $idp_id
 
 $is_active = false
 
 $allow_local_auth = false
 
 $default_role_id = false
 
 $uid_claim = ''
 
 $login_claim = ''
 
 $sync_status = false
 
 $entity_id = ''
 
 $account_migration_status = false
 

Static Protected Attributes

static $idp_as_data = array()
 

Private Member Functions

 read ()
 

Static Private Attributes

static $instances = array()
 

Detailed Description

Class ilSamlIdp.

Author
Michael Jansen mjans.nosp@m.en@d.nosp@m.ataba.nosp@m.y.de

Definition at line 8 of file class.ilSamlIdp.php.

Constructor & Destructor Documentation

◆ __construct()

ilSamlIdp::__construct (   $a_idp_id = 0)
Parameters
int$a_idp_id

Definition at line 73 of file class.ilSamlIdp.php.

74 {
75 $this->db = $GLOBALS['DIC']->database();
76 $this->idp_id = $a_idp_id;
77
78 if ($this->idp_id > 0) {
79 $this->read();
80 }
81 }
$GLOBALS
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
Definition: module.tag.xmp.php:702

References $GLOBALS, and read().

+ Here is the call graph for this function:

Member Function Documentation

◆ allowLocalAuthentication()

ilSamlIdp::allowLocalAuthentication ( )
Returns
boolean

Definition at line 383 of file class.ilSamlIdp.php.

384 {
385 return (bool) $this->allow_local_auth;
386 }

References $allow_local_auth.

Referenced by persist(), and toArray().

+ Here is the caller graph for this function:

◆ bindDbRecord()

ilSamlIdp::bindDbRecord ( array  $record)
Parameters
array$record

Definition at line 192 of file class.ilSamlIdp.php.

193 {
194 $this->setIdpId((int) $record['idp_id']);
195 $this->setActive((bool) $record['is_active']);
196 $this->setDefaultRoleId((int) $record['default_role_id']);
197 $this->setUidClaim($record['uid_claim']);
198 $this->setLoginClaim($record['login_claim']);
199 $this->setSynchronizationStatus((bool) $record['sync_status']);
200 $this->setAccountMigrationStatus((bool) $record['account_migr_status']);
201 $this->setLocalLocalAuthenticationStatus((bool) $record['allow_local_auth']);
202 $this->setEntityId($record['entity_id']);
203 }
ilSamlIdp\setActive
setActive($is_active)
Definition: class.ilSamlIdp.php:359
ilSamlIdp\setIdpId
setIdpId($idp_id)
Definition: class.ilSamlIdp.php:375
ilSamlIdp\setLoginClaim
setLoginClaim($claim)
Definition: class.ilSamlIdp.php:431
ilSamlIdp\setDefaultRoleId
setDefaultRoleId($role_id)
Definition: class.ilSamlIdp.php:407
ilSamlIdp\setSynchronizationStatus
setSynchronizationStatus($sync)
Definition: class.ilSamlIdp.php:455
ilSamlIdp\setAccountMigrationStatus
setAccountMigrationStatus($status)
Definition: class.ilSamlIdp.php:471
ilSamlIdp\setLocalLocalAuthenticationStatus
setLocalLocalAuthenticationStatus($status)
Definition: class.ilSamlIdp.php:391
ilSamlIdp\setEntityId
setEntityId($entity_id)
Definition: class.ilSamlIdp.php:343
ilSamlIdp\setUidClaim
setUidClaim($claim)
Definition: class.ilSamlIdp.php:415

References setAccountMigrationStatus(), setActive(), setDefaultRoleId(), setEntityId(), setIdpId(), setLocalLocalAuthenticationStatus(), setLoginClaim(), setSynchronizationStatus(), and setUidClaim().

Referenced by read().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ delete()

ilSamlIdp::delete ( )

Deletes an idp with all relvant mapping rules.

Furthermore the auth_mode of the relevant user accounts will be switched to 'default'

Definition at line 156 of file class.ilSamlIdp.php.

157 {
158 require_once 'Services/Authentication/classes/External/UserAttributeMapping/class.ilExternalAuthUserAttributeMapping.php';
159 $mapping = new ilExternalAuthUserAttributeMapping('saml', $this->getIdpId());
160 $mapping->delete();
161
162 $this->db->manipulateF(
163 'UPDATE usr_data SET auth_mode = %s WHERE auth_mode = %s',
164 array('text', 'text'),
165 array('default', AUTH_SAML . '_' . $this->getIdpId())
166 );
167
168 $this->db->manipulate('DELETE FROM saml_idp_settings WHERE idp_id = ' . $this->db->quote($this->getIdpId(), 'integer'));
169 }
AUTH_SAML
const AUTH_SAML
Definition: class.ilAuthUtils.php:20

References AUTH_SAML, and getIdpId().

+ Here is the call graph for this function:

◆ geIdpIdByEntityId()

static ilSamlIdp::geIdpIdByEntityId (   $entityId)
static
Parameters
string$entityId
Returns
int

Definition at line 257 of file class.ilSamlIdp.php.

258 {
259 foreach (self::getAllIdps() as $idp) {
260 if ($idp->isActive() && $idp->getEntityId() === $entityId) {
261 return $idp->getIdpId();
262 }
263 }
264
265 return 0;
266 }
$entityId
if( $source===null) if(!($source instanceof sspmod_saml_Auth_Source_SP)) $entityId
Definition: metadata.php:22
$idp
$idp
Definition: prp.php:13

References $entityId, and $idp.

Referenced by ilStartUpGUI\doSamlAuthentication().

+ Here is the caller graph for this function:

◆ getActiveIdpList()

static ilSamlIdp::getActiveIdpList ( )
static
Returns
self[]

Definition at line 271 of file class.ilSamlIdp.php.

272 {
273 $idps = array();
274
275 foreach (self::getAllIdps() as $idp) {
276 if ($idp->isActive()) {
277 $idps[] = $idp;
278 }
279 }
280
281 return $idps;
282 }

References $idp.

Referenced by ilAuthUtils\_getActiveAuthModes(), ilAuthUtils\_isExternalAccountEnabled(), ilStartUpGUI\doSamlAuthentication(), getFirstActiveIdp(), ilUserImportParser\importBeginTag(), ilStartUpGUI\showSamlLoginForm(), and ilUserImportParser\verifyBeginTag().

+ Here is the caller graph for this function:

◆ getAllIdps()

static ilSamlIdp::getAllIdps ( )
static
Returns
self[]

Definition at line 287 of file class.ilSamlIdp.php.

288 {
289 global $DIC;
290
291 $res = $DIC->database()->query('SELECT * FROM saml_idp_settings');
292
293 $idps = array();
294 while ($row = $DIC->database()->fetchAssoc($res)) {
295 $idp = new self();
296 $idp->bindDbRecord($row);
297
298 $idps[] = $idp;
299 }
300
301 return $idps;
302 }
$row
$row
Definition: migrateto20.php:360
$DIC
global $DIC
Definition: saml.php:7
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15

References $DIC, $idp, $res, and $row.

Referenced by ilAuthUtils\_getAllAuthModes(), and ilSamlIdpTableGUI\getItems().

+ Here is the caller graph for this function:

◆ getAuthModeByKey()

static ilSamlIdp::getAuthModeByKey (   $a_auth_key)
static
Parameters
string$a_auth_key
Returns
string

Definition at line 308 of file class.ilSamlIdp.php.

309 {
310 $auth_arr = explode('_', $a_auth_key);
311 if (count((array) $auth_arr) > 1) {
312 return 'saml_' . $auth_arr[1];
313 }
314
315 return 'saml';
316 }

Referenced by ilAuthUtils\_getAuthModeName().

+ Here is the caller graph for this function:

◆ getDefaultRoleId()

ilSamlIdp::getDefaultRoleId ( )
Returns
int

Definition at line 399 of file class.ilSamlIdp.php.

400 {
401 return (int) $this->default_role_id;
402 }

References $default_role_id.

Referenced by persist(), and toArray().

+ Here is the caller graph for this function:

◆ getEntityId()

ilSamlIdp::getEntityId ( )
Returns
string

Definition at line 335 of file class.ilSamlIdp.php.

336 {
337 return $this->entity_id;
338 }

References $entity_id.

Referenced by persist(), and toArray().

+ Here is the caller graph for this function:

◆ getFirstActiveIdp()

static ilSamlIdp::getFirstActiveIdp ( )
static
Returns
self
Exceptions

ilSamlException

Definition at line 87 of file class.ilSamlIdp.php.

88 {
89 $idps = self::getActiveIdpList();
90 if (count($idps) > 0) {
91 return current($idps);
92 }
93
94 require_once 'Services/Saml/exceptions/class.ilSamlException.php';
95 throw new \ilSamlException('No active SAML IDP found');
96 }
ilSamlIdp\getActiveIdpList
static getActiveIdpList()
Definition: class.ilSamlIdp.php:271

References getActiveIdpList().

Referenced by ilAuthProviderSaml\__construct().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getIdpId()

ilSamlIdp::getIdpId ( )
Returns
int

Definition at line 367 of file class.ilSamlIdp.php.

368 {
369 return (int) $this->idp_id;
370 }

References $idp_id.

Referenced by delete(), persist(), read(), and toArray().

+ Here is the caller graph for this function:

◆ getIdpIdByAuthMode()

static ilSamlIdp::getIdpIdByAuthMode (   $a_auth_mode)
static
Parameters
string$a_auth_mode
Returns
null|int

Definition at line 243 of file class.ilSamlIdp.php.

244 {
245 if (self::isAuthModeSaml($a_auth_mode)) {
246 $auth_arr = explode('_', $a_auth_mode);
247 return $auth_arr[1];
248 }
249
250 return null;
251 }

Referenced by ilObjAuthSettingsGUI\authSettingsObject(), ilAuthUtils\getAuthModeTranslation(), ilAuthProviderFactory\getProviderByAuthMode(), ilAuthUtils\isLocalPasswordEnabledForAuthMode(), and ilAuthUtils\isPasswordModificationEnabled().

+ Here is the caller graph for this function:

◆ getInstanceByIdpId()

static ilSamlIdp::getInstanceByIdpId (   $a_idp_id)
static
Parameters
int$a_idp_id
Returns
self

Definition at line 102 of file class.ilSamlIdp.php.

103 {
104 if (!isset(self::$instances[$a_idp_id]) || !(self::$instances[$a_idp_id] instanceof self)) {
105 self::$instances[$a_idp_id] = new self($a_idp_id);
106 }
107
108 return self::$instances[$a_idp_id];
109 }

Referenced by ilAuthProviderSaml\__construct(), ilObjAuthSettingsGUI\authSettingsObject(), ilAuthUtils\getAuthModeTranslation(), ilSamlSettingsGUI\initIdp(), ilAuthUtils\isLocalPasswordEnabledForAuthMode(), and ilAuthUtils\isPasswordModificationEnabled().

+ Here is the caller graph for this function:

◆ getKeyByAuthMode()

static ilSamlIdp::getKeyByAuthMode (   $a_auth_mode)
static
Parameters
string$a_auth_mode
Returns
int|string

Definition at line 322 of file class.ilSamlIdp.php.

323 {
324 $auth_arr = explode('_', $a_auth_mode);
325 if (count((array) $auth_arr) > 1) {
326 return AUTH_SAML . '_' . $auth_arr[1];
327 }
328
329 return AUTH_SAML;
330 }

References AUTH_SAML.

Referenced by ilAuthUtils\_getAuthMode().

+ Here is the caller graph for this function:

◆ getLoginClaim()

ilSamlIdp::getLoginClaim ( )
Returns
string

Definition at line 439 of file class.ilSamlIdp.php.

440 {
441 return $this->login_claim;
442 }

References $login_claim.

Referenced by persist(), and toArray().

+ Here is the caller graph for this function:

◆ getUidClaim()

ilSamlIdp::getUidClaim ( )
Returns
string

Definition at line 423 of file class.ilSamlIdp.php.

424 {
425 return $this->uid_claim;
426 }

References $uid_claim.

Referenced by persist(), and toArray().

+ Here is the caller graph for this function:

◆ isAccountMigrationEnabled()

ilSamlIdp::isAccountMigrationEnabled ( )
Returns
boolean

Definition at line 463 of file class.ilSamlIdp.php.

464 {
465 return (bool) $this->account_migration_status;
466 }

References $account_migration_status.

Referenced by persist(), and toArray().

+ Here is the caller graph for this function:

◆ isActive()

ilSamlIdp::isActive ( )
Returns
boolean

Definition at line 351 of file class.ilSamlIdp.php.

352 {
353 return (bool) $this->is_active;
354 }

References $is_active.

Referenced by persist(), and toArray().

+ Here is the caller graph for this function:

◆ isAuthModeSaml()

static ilSamlIdp::isAuthModeSaml (   $a_auth_mode)
static
Parameters
string$a_auth_mode
Returns
bool

Definition at line 228 of file class.ilSamlIdp.php.

229 {
230 if (!$a_auth_mode) {
231 $GLOBALS['DIC']->logger()->auth()->write(__METHOD__ . ': No auth mode given..............');
232 return false;
233 }
234
235 $auth_arr = explode('_', $a_auth_mode);
236 return count($auth_arr) == 2 && $auth_arr[0] == AUTH_SAML && strlen($auth_arr[1]);
237 }

References $GLOBALS, and AUTH_SAML.

Referenced by ilObjAuthSettingsGUI\authSettingsObject().

+ Here is the caller graph for this function:

◆ isSynchronizationEnabled()

ilSamlIdp::isSynchronizationEnabled ( )
Returns
boolean

Definition at line 447 of file class.ilSamlIdp.php.

448 {
449 return (bool) $this->sync_status;
450 }

References $sync_status.

Referenced by persist(), and toArray().

+ Here is the caller graph for this function:

◆ persist()

ilSamlIdp::persist ( )

Definition at line 129 of file class.ilSamlIdp.php.

130 {
131 if (!$this->getIdpId()) {
132 $this->setIdpId((int) $this->db->nextId('saml_idp_settings'));
133 }
134
135 $this->db->replace(
136 'saml_idp_settings',
137 array(
138 'idp_id' => array('integer', $this->getIdpId())
139 ),
140 array(
141 'is_active' => array('integer', $this->isActive()),
142 'default_role_id' => array('integer', $this->getDefaultRoleId()),
143 'uid_claim' => array('text', $this->getUidClaim()),
144 'login_claim' => array('text', $this->getLoginClaim()),
145 'entity_id' => array('text', $this->getEntityId()),
146 'sync_status' => array('integer', $this->isSynchronizationEnabled()),
147 'allow_local_auth' => array('integer', $this->allowLocalAuthentication()),
148 'account_migr_status' => array('integer', $this->isAccountMigrationEnabled())
149 )
150 );
151 }
ilSamlIdp\isAccountMigrationEnabled
isAccountMigrationEnabled()
Definition: class.ilSamlIdp.php:463
ilSamlIdp\isSynchronizationEnabled
isSynchronizationEnabled()
Definition: class.ilSamlIdp.php:447
ilSamlIdp\allowLocalAuthentication
allowLocalAuthentication()
Definition: class.ilSamlIdp.php:383

References allowLocalAuthentication(), getDefaultRoleId(), getEntityId(), getIdpId(), getLoginClaim(), getUidClaim(), isAccountMigrationEnabled(), isActive(), isSynchronizationEnabled(), and setIdpId().

+ Here is the call graph for this function:

◆ read()

ilSamlIdp::read ( )
private
Exceptions
ilException

Definition at line 114 of file class.ilSamlIdp.php.

115 {
116 $query = 'SELECT * FROM saml_idp_settings WHERE idp_id = ' . $this->db->quote($this->getIdpId(), 'integer');
117 $res = $this->db->query($query);
118 while ($record = $this->db->fetchAssoc($res)) {
119 $this->bindDbRecord($record);
120 return;
121 }
122
123 throw new \ilException('Could not find idp');
124 }
ilSamlIdp\bindDbRecord
bindDbRecord(array $record)
Definition: class.ilSamlIdp.php:192
$query
$query
Definition: proxy_ylocal.php:13

References $query, $res, bindDbRecord(), and getIdpId().

Referenced by __construct().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ setAccountMigrationStatus()

ilSamlIdp::setAccountMigrationStatus (   $status)
Parameters
boolean$status

Definition at line 471 of file class.ilSamlIdp.php.

472 {
473 $this->account_migration_status = (int) $status;
474 }

Referenced by bindDbRecord().

+ Here is the caller graph for this function:

◆ setActive()

ilSamlIdp::setActive (   $is_active)
Parameters
boolean$is_active

Definition at line 359 of file class.ilSamlIdp.php.

360 {
361 $this->is_active = (bool) $is_active;
362 }

References $is_active.

Referenced by bindDbRecord().

+ Here is the caller graph for this function:

◆ setDefaultRoleId()

ilSamlIdp::setDefaultRoleId (   $role_id)
Parameters
int$role_id

Definition at line 407 of file class.ilSamlIdp.php.

408 {
409 $this->default_role_id = (int) $role_id;
410 }

Referenced by bindDbRecord().

+ Here is the caller graph for this function:

◆ setEntityId()

ilSamlIdp::setEntityId (   $entity_id)
Parameters
string$entity_id

Definition at line 343 of file class.ilSamlIdp.php.

344 {
345 $this->entity_id = $entity_id;
346 }

References $entity_id.

Referenced by bindDbRecord().

+ Here is the caller graph for this function:

◆ setIdpId()

ilSamlIdp::setIdpId (   $idp_id)
Parameters
int$idp_id

Definition at line 375 of file class.ilSamlIdp.php.

376 {
377 $this->idp_id = (int) $idp_id;
378 }

References $idp_id.

Referenced by bindDbRecord(), and persist().

+ Here is the caller graph for this function:

◆ setLocalLocalAuthenticationStatus()

ilSamlIdp::setLocalLocalAuthenticationStatus (   $status)
Parameters
$statusboolean

Definition at line 391 of file class.ilSamlIdp.php.

392 {
393 $this->allow_local_auth = (bool) $status;
394 }

Referenced by bindDbRecord().

+ Here is the caller graph for this function:

◆ setLoginClaim()

ilSamlIdp::setLoginClaim (   $claim)
Parameters
$claimstring

Definition at line 431 of file class.ilSamlIdp.php.

432 {
433 $this->login_claim = $claim;
434 }

Referenced by bindDbRecord().

+ Here is the caller graph for this function:

◆ setSynchronizationStatus()

ilSamlIdp::setSynchronizationStatus (   $sync)
Parameters
boolean$sync

Definition at line 455 of file class.ilSamlIdp.php.

456 {
457 $this->sync_status = (bool) $sync;
458 }
$sync
$sync
Definition: memcacheSync.php:62

References $sync.

Referenced by bindDbRecord().

+ Here is the caller graph for this function:

◆ setUidClaim()

ilSamlIdp::setUidClaim (   $claim)
Parameters
$claimstring

Definition at line 415 of file class.ilSamlIdp.php.

416 {
417 $this->uid_claim = $claim;
418 }

Referenced by bindDbRecord().

+ Here is the caller graph for this function:

◆ toArray()

ilSamlIdp::toArray ( )
Returns
array

Definition at line 174 of file class.ilSamlIdp.php.

175 {
176 return array(
177 'idp_id' => $this->getIdpId(),
178 'is_active' => $this->isActive(),
179 'default_role_id' => $this->getDefaultRoleId(),
180 'uid_claim' => $this->getUidClaim(),
181 'login_claim' => $this->getLoginClaim(),
182 'sync_status' => $this->isSynchronizationEnabled(),
183 'account_migr_status' => $this->isAccountMigrationEnabled(),
184 'allow_local_auth' => $this->allowLocalAuthentication(),
185 'entity_id' => $this->getEntityId()
186 );
187 }

References allowLocalAuthentication(), getDefaultRoleId(), getEntityId(), getIdpId(), getLoginClaim(), getUidClaim(), isAccountMigrationEnabled(), isActive(), and isSynchronizationEnabled().

+ Here is the call graph for this function:

Field Documentation

◆ $account_migration_status

ilSamlIdp::$account_migration_status = false
protected

Definition at line 63 of file class.ilSamlIdp.php.

Referenced by isAccountMigrationEnabled().

◆ $allow_local_auth

ilSamlIdp::$allow_local_auth = false
protected

Definition at line 33 of file class.ilSamlIdp.php.

Referenced by allowLocalAuthentication().

◆ $db

ilSamlIdp::$db
protected

Definition at line 13 of file class.ilSamlIdp.php.

◆ $default_role_id

ilSamlIdp::$default_role_id = false
protected

Definition at line 38 of file class.ilSamlIdp.php.

Referenced by getDefaultRoleId().

◆ $entity_id

ilSamlIdp::$entity_id = ''
protected

Definition at line 58 of file class.ilSamlIdp.php.

Referenced by getEntityId(), and setEntityId().

◆ $idp_as_data

ilSamlIdp::$idp_as_data = array()
staticprotected

Definition at line 68 of file class.ilSamlIdp.php.

◆ $idp_id

ilSamlIdp::$idp_id
protected

Definition at line 23 of file class.ilSamlIdp.php.

Referenced by getIdpId(), and setIdpId().

◆ $instances

ilSamlIdp::$instances = array()
staticprivate

Definition at line 18 of file class.ilSamlIdp.php.

◆ $is_active

ilSamlIdp::$is_active = false
protected

Definition at line 28 of file class.ilSamlIdp.php.

Referenced by isActive(), and setActive().

◆ $login_claim

ilSamlIdp::$login_claim = ''
protected

Definition at line 48 of file class.ilSamlIdp.php.

Referenced by getLoginClaim().

◆ $sync_status

ilSamlIdp::$sync_status = false
protected

Definition at line 53 of file class.ilSamlIdp.php.

Referenced by isSynchronizationEnabled().

◆ $uid_claim

ilSamlIdp::$uid_claim = ''
protected

Definition at line 43 of file class.ilSamlIdp.php.

Referenced by getUidClaim().

The documentation for this class was generated from the following file: