ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
class.ilAuthUtils.php
Go to the documentation of this file.
1<?php
2
3/* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */
4
5
6// define auth modes
7define("AUTH_LOCAL", 1);
8define("AUTH_LDAP", 2);
9define("AUTH_RADIUS", 3);
10define("AUTH_SCRIPT", 4);
11define("AUTH_SHIBBOLETH", 5);
12define("AUTH_CAS", 6);
13define("AUTH_SOAP", 7);
14// BEGIN WebDAV: Add support for HTTP authentication
15define("AUTH_HTTP", 8);
16// END WebDAV: Add support for HTTP authentication
17define("AUTH_ECS", 9);
18
19define("AUTH_APACHE", 11);
20define("AUTH_SAML", 12);
21
22define('AUTH_OPENID_CONNECT', 15);
23
24define("AUTH_INACTIVE", 18);
25
26define('AUTH_MULTIPLE', 20);
27
28define('AUTH_SESSION', 21);
29
30define('AUTH_PROVIDER_LTI', 22);
31
32define('AUTH_SOAP_NO_ILIAS_USER', -100);
33define('AUTH_LDAP_NO_ILIAS_USER', -200);
34define('AUTH_RADIUS_NO_ILIAS_USER', -300);
35
36// apache auhtentication failed...
37// maybe no (valid) certificate or
38// username could not be extracted
39define('AUTH_APACHE_FAILED', -500);
40define('AUTH_SAML_FAILED', -501);
41
42define('AUTH_MODE_INACTIVE', -1000);
43
44// an external user cannot be found in ilias, but his email address
45// matches one or more ILIAS users
46define('AUTH_SOAP_NO_ILIAS_USER_BUT_EMAIL', -101);
47define('AUTH_CAS_NO_ILIAS_USER', -90);
48
49// ilUser validation (no login)
50define('AUTH_USER_WRONG_IP', -600);
51define('AUTH_USER_INACTIVE', -601);
52define('AUTH_USER_TIME_LIMIT_EXCEEDED', -602);
53define('AUTH_USER_SIMULTANEOUS_LOGIN', -603);
54define('AUTH_CAPTCHA_INVALID', -604);
55
56
57include_once './Services/Authentication/classes/class.ilAuthFactory.php';
58require_once('Services/Authentication/classes/class.ilSessionControl.php');
59
60
68class ilAuthUtils
69{
70 const LOCAL_PWV_FULL = 1;
71 const LOCAL_PWV_NO = 2;
72 const LOCAL_PWV_USER = 3;
73
74
78 public static function initSession()
79 {
80 }
81
85 public static function isAuthenticationForced()
86 {
87 if (isset($_GET['ecs_hash']) or isset($_GET['ecs_hash_url'])) {
88 return true;
89 }
90 return false;
91 }
92
93 public static function handleForcedAuthentication()
94 {
95 if (isset($_GET['ecs_hash']) or isset($_GET['ecs_hash_url'])) {
96 include_once './Services/Authentication/classes/Frontend/class.ilAuthFrontendCredentials.php';
97 $credentials = new ilAuthFrontendCredentials();
98 $credentials->setUsername($_GET['ecs_login']);
99 $credentials->setAuthMode(AUTH_ECS);
100
101 include_once './Services/Authentication/classes/Provider/class.ilAuthProviderFactory.php';
102 $provider_factory = new ilAuthProviderFactory();
103 $providers = $provider_factory->getProviders($credentials);
104
105 include_once './Services/Authentication/classes/class.ilAuthStatus.php';
106 $status = ilAuthStatus::getInstance();
107
108 include_once './Services/Authentication/classes/Frontend/class.ilAuthFrontendFactory.php';
109 $frontend_factory = new ilAuthFrontendFactory();
110 $frontend_factory->setContext(ilAuthFrontendFactory::CONTEXT_STANDARD_FORM);
111 $frontend = $frontend_factory->getFrontend(
112 $GLOBALS['DIC']['ilAuthSession'],
113 $status,
114 $credentials,
115 $providers
116 );
117
118 $frontend->authenticate();
119
120 switch ($status->getStatus()) {
121 case ilAuthStatus::STATUS_AUTHENTICATED:
122 return;
123
124 case ilAuthStatus::STATUS_AUTHENTICATION_FAILED:
125 ilInitialisation::goToPublicSection();
126 return;
127 }
128 }
129 }
130
131
132
133 public static function _getAuthModeOfUser($a_username, $a_password, $a_db_handler = '')
134 {
135 global $DIC;
136
137 $ilDB = $DIC['ilDB'];
138
139 if (isset($_GET['ecs_hash']) or isset($_GET['ecs_hash_url'])) {
140 ilAuthFactory::setContext(ilAuthFactory::CONTEXT_ECS);
141 return AUTH_ECS;
142 }
143 if (isset($_POST['auth_mode'])) {
144 // begin-patch ldap_multiple
145 return $_POST['auth_mode'];
146 // end-patch ldap_multiple
147 }
148
149 include_once('./Services/Authentication/classes/class.ilAuthModeDetermination.php');
150 $det = ilAuthModeDetermination::_getInstance();
151
152 if (!$det->isManualSelection() and $det->getCountActiveAuthModes() > 1) {
153 ilLoggerFactory::getLogger('auth')->debug('Using AUTH_MULTIPLE');
154 return AUTH_MULTIPLE;
155 }
156
157
158 $db = &$ilDB;
159
160 if ($a_db_handler != '') {
161 $db = &$a_db_handler;
162 }
163
164 // Is it really necessary to check the auth mode with password ?
165 // Changed: smeyer
166 $q = "SELECT auth_mode FROM usr_data WHERE " .
167 "login = " . $ilDB->quote($a_username);
168 //"passwd = ".$ilDB->quote(md5($a_password))."";
169
170
171 $r = $db->query($q);
172 $row = $r->fetchRow(ilDBConstants::FETCHMODE_OBJECT);
173 //echo "+".$row->auth_mode."+";
174
175
176 $auth_mode = self::_getAuthMode($row->auth_mode, $db);
177
178 return in_array($auth_mode, self::_getActiveAuthModes()) ? $auth_mode : AUTH_INACTIVE;
179 }
180
181 public static function _getAuthMode($a_auth_mode, $a_db_handler = '')
182 {
183 global $DIC;
184
185 $ilDB = $DIC['ilDB'];
186 $ilSetting = $DIC['ilSetting'];
187
188 $db = &$ilDB;
189
190 if ($a_db_handler != '') {
191 $db = &$a_db_handler;
192 }
193
194 // begin-patch ldap_multiple
195 if (strpos($a_auth_mode, '_') !== false) {
196 $auth_arr = explode('_', $a_auth_mode);
197 $auth_switch = $auth_arr[0];
198 } else {
199 $auth_switch = $a_auth_mode;
200 }
201 switch ($auth_switch) {
202 case "local":
203 return AUTH_LOCAL;
204 break;
205
206 case "ldap":
207 // begin-patch ldap_multiple
208 include_once './Services/LDAP/classes/class.ilLDAPServer.php';
209 return ilLDAPServer::getKeyByAuthMode($a_auth_mode);
210 // end-patch ldap_multiple
211
212 case 'lti':
213 include_once './Services/LTI/classes/InternalProvider/class.ilAuthProviderLTI.php';
214 return ilAuthProviderLTI::getKeyByAuthMode($a_auth_mode);
215
216 case "radius":
217 return AUTH_RADIUS;
218 break;
219
220 case "script":
221 return AUTH_SCRIPT;
222 break;
223
224 case "shibboleth":
225 return AUTH_SHIBBOLETH;
226 break;
227
228 case 'oidc':
229 return AUTH_OPENID_CONNECT;
230 break;
231
232 case 'saml':
233 require_once 'Services/Saml/classes/class.ilSamlIdp.php';
234 return ilSamlIdp::getKeyByAuthMode($a_auth_mode);
235
236 case "cas":
237 return AUTH_CAS;
238 break;
239
240 case "soap":
241 return AUTH_SOAP;
242 break;
243
244 case 'ecs':
245 return AUTH_ECS;
246
247 case 'apache':
248 return AUTH_APACHE;
249
250 default:
251 return $ilSetting->get("auth_mode");
252 break;
253 }
254 }
255
256 public static function _getAuthModeName($a_auth_key)
257 {
258 global $DIC;
259
260 $ilias = $DIC['ilias'];
261
262 // begin-patch ldap_multiple
263 switch ((int) $a_auth_key) {
264 case AUTH_LOCAL:
265 return "local";
266 break;
267
268 case AUTH_LDAP:
269 // begin-patch ldap_multiple
270 include_once './Services/LDAP/classes/class.ilLDAPServer.php';
271 return ilLDAPServer::getAuthModeByKey($a_auth_key);
272 // end-patch ldap_multiple
273
274 case AUTH_PROVIDER_LTI:
275 include_once './Services/LTI/classes/InternalProvider/class.ilAuthProviderLTI.php';
276 return ilAuthProviderLTI::getAuthModeByKey($a_auth_key);
277
278 case AUTH_RADIUS:
279 return "radius";
280 break;
281
282 case AUTH_CAS:
283 return "cas";
284 break;
285
286 case AUTH_SCRIPT:
287 return "script";
288 break;
289
290 case AUTH_SHIBBOLETH:
291 return "shibboleth";
292 break;
293
294 case AUTH_SAML:
295 require_once 'Services/Saml/classes/class.ilSamlIdp.php';
296 return ilSamlIdp::getAuthModeByKey($a_auth_key);
297
298 case AUTH_SOAP:
299 return "soap";
300 break;
301
302 case AUTH_ECS:
303 return 'ecs';
304
305 case AUTH_APACHE:
306 return 'apache';
307
308 case AUTH_PROVIDER_LTI:
309 return "lti";
310 break;
311
312 case AUTH_OPENID_CONNECT:
313 return 'oidc';
314 break;
315
316 default:
317 return "default";
318 break;
319 }
320 }
321
322 public static function _getActiveAuthModes()
323 {
324 global $DIC;
325
326 $ilias = $DIC['ilias'];
327 $ilSetting = $DIC['ilSetting'];
328
329 $modes = array(
330 'default' => $ilSetting->get("auth_mode"),
331 'local' => AUTH_LOCAL
332 );
333 include_once('Services/LDAP/classes/class.ilLDAPServer.php');
334 foreach (ilLDAPServer::_getActiveServerList() as $sid) {
335 $modes['ldap_' . $sid] = (AUTH_LDAP . '_' . $sid);
336 }
337
338 include_once './Services/LTI/classes/InternalProvider/class.ilAuthProviderLTI.php';
339 foreach (ilAuthProviderLTI::getAuthModes() as $sid) {
340 $modes['lti_' . $sid] = (AUTH_PROVIDER_LTI . '_' . $sid);
341 }
342
343 if (ilOpenIdConnectSettings::getInstance()->getActive()) {
344 $modes['oidc'] = AUTH_OPENID_CONNECT;
345 }
346
347 if ($ilSetting->get("radius_active")) {
348 $modes['radius'] = AUTH_RADIUS;
349 }
350 if ($ilSetting->get("shib_active")) {
351 $modes['shibboleth'] = AUTH_SHIBBOLETH;
352 }
353 if ($ilSetting->get("script_active")) {
354 $modes['script'] = AUTH_SCRIPT;
355 }
356 if ($ilSetting->get("cas_active")) {
357 $modes['cas'] = AUTH_CAS;
358 }
359 if ($ilSetting->get("soap_auth_active")) {
360 $modes['soap'] = AUTH_SOAP;
361 }
362 if ($ilSetting->get("apache_active")) {
363 $modes['apache'] = AUTH_APACHE;
364 }
365
366 include_once './Services/WebServices/ECS/classes/class.ilECSServerSettings.php';
367 if (ilECSServerSettings::getInstance()->activeServerExists()) {
368 $modes['ecs'] = AUTH_ECS;
369 }
370
371 require_once 'Services/Saml/classes/class.ilSamlIdp.php';
372 foreach (ilSamlIdp::getActiveIdpList() as $idp) {
373 $modes['saml_' . $idp->getIdpId()] = AUTH_SAML . '_' . $idp->getIdpId();
374 }
375
376 // begin-path auth_plugin
377 foreach (self::getAuthPlugins() as $pl) {
378 foreach ($pl->getAuthIds() as $auth_id) {
379 if ($pl->isAuthActive($auth_id)) {
380 $modes[$pl->getAuthName($auth_id)] = $auth_id;
381 }
382 }
383 }
384 // end-path auth_plugin
385 return $modes;
386 }
387
388 public static function _getAllAuthModes()
389 {
390 $modes = array(
391 AUTH_LOCAL,
392 AUTH_LDAP,
393 AUTH_SHIBBOLETH,
394 AUTH_SAML,
395 AUTH_CAS,
396 AUTH_SOAP,
397 AUTH_RADIUS,
398 AUTH_ECS,
399 AUTH_PROVIDER_LTI,
400 AUTH_OPENID_CONNECT,
401 AUTH_APACHE
402 );
403 $ret = array();
404 foreach ($modes as $mode) {
405 if ($mode == AUTH_PROVIDER_LTI) {
406 include_once './Services/LTI/classes/InternalProvider/class.ilAuthProviderLTI.php';
407 foreach (ilAuthProviderLTI::getAuthModes() as $sid) {
408 $id = AUTH_PROVIDER_LTI . '_' . $sid;
409 $ret[$id] = ilAuthUtils::_getAuthModeName($id);
410 }
411 continue;
412 }
413
414 // multi ldap implementation
415 if ($mode == AUTH_LDAP) {
416 foreach (ilLDAPServer::_getServerList() as $ldap_id) {
417 $id = AUTH_LDAP . '_' . $ldap_id;
418 $ret[$id] = ilAuthUtils::_getAuthModeName($id);
419 }
420 continue;
421 } elseif ($mode == AUTH_SAML) {
422 require_once 'Services/Saml/classes/class.ilSamlIdp.php';
423 foreach (ilSamlIdp::getAllIdps() as $idp) {
424 $id = AUTH_SAML . '_' . $idp->getIdpId();
425 $ret[$id] = ilAuthUtils::_getAuthModeName($id);
426 }
427 continue;
428 }
429 $ret[$mode] = ilAuthUtils::_getAuthModeName($mode);
430 }
431 return $ret;
432 }
433
438 public static function _generateLogin($a_login)
439 {
440 global $DIC;
441
442 $ilDB = $DIC['ilDB'];
443
444 // Check if username already exists
445 $found = false;
446 $postfix = 0;
447 $c_login = $a_login;
448 while (!$found) {
449 $r = $ilDB->query("SELECT login FROM usr_data WHERE login = " .
450 $ilDB->quote($c_login));
451 if ($r->numRows() > 0) {
452 $postfix++;
453 $c_login = $a_login . $postfix;
454 } else {
455 $found = true;
456 }
457 }
458
459 return $c_login;
460 }
461
462 public static function _hasMultipleAuthenticationMethods()
463 {
464 include_once('Services/Radius/classes/class.ilRadiusSettings.php');
465
466 $rad_settings = ilRadiusSettings::_getInstance();
467 if ($rad_settings->isActive()) {
468 return true;
469 }
470 include_once('Services/LDAP/classes/class.ilLDAPServer.php');
471
472 if (count(ilLDAPServer::_getActiveServerList())) {
473 return true;
474 }
475
476 global $DIC;
477
478 $ilSetting = $DIC['ilSetting'];
479
480 if ($ilSetting->get('apache_active')) {
481 return true;
482 }
483
484 // begin-patch auth_plugin
485 foreach (ilAuthUtils::getAuthPlugins() as $pl) {
486 foreach ($pl->getAuthIds() as $auth_id) {
487 if ($pl->getMultipleAuthModeOptions($auth_id)) {
488 return true;
489 }
490 }
491 }
492 // end-patch auth_plugin
493
494
495 return false;
496 }
497
498 public static function _getMultipleAuthModeOptions($lng)
499 {
500 global $DIC;
501
502 $ilSetting = $DIC['ilSetting'];
503
504 // in the moment only ldap is activated as additional authentication method
505 include_once('Services/LDAP/classes/class.ilLDAPServer.php');
506
507 $options[AUTH_LOCAL]['txt'] = $lng->txt('authenticate_ilias');
508
509
510 // begin-patch ldap_multiple
511 foreach (ilLDAPServer::_getActiveServerList() as $sid) {
512 $server = ilLDAPServer::getInstanceByServerId($sid);
513 $options[AUTH_LDAP . '_' . $sid]['txt'] = $server->getName();
514 }
515 // end-patch ldap_multiple
516
517 include_once('Services/Radius/classes/class.ilRadiusSettings.php');
518 $rad_settings = ilRadiusSettings::_getInstance();
519 if ($rad_settings->isActive()) {
520 $options[AUTH_RADIUS]['txt'] = $rad_settings->getName();
521 }
522
523 if ($ilSetting->get('apache_active')) {
524 global $DIC;
525
526 $lng = $DIC['lng'];
527 $apache_settings = new ilSetting('apache_auth');
528 $options[AUTH_APACHE]['txt'] = $apache_settings->get('name', $lng->txt('apache_auth'));
529 $options[AUTH_APACHE]['hide_in_ui'] = true;
530 }
531
532 if ($ilSetting->get('auth_mode', AUTH_LOCAL) == AUTH_LDAP) {
533 $default = AUTH_LDAP;
534 } elseif ($ilSetting->get('auth_mode', AUTH_LOCAL) == AUTH_RADIUS) {
535 $default = AUTH_RADIUS;
536 } else {
537 $default = AUTH_LOCAL;
538 }
539
540 $default = $ilSetting->get('default_auth_mode', $default);
541 $default = (int) $_REQUEST['auth_mode'] ? (int) $_REQUEST['auth_mode'] : $default;
542
543
544 // begin-patch auth_plugin
545 $pls = ilAuthUtils::getAuthPlugins();
546 foreach ($pls as $pl) {
547 $auths = $pl->getAuthIds();
548 foreach ($auths as $auth_id) {
549 $pl_auth_option = $pl->getMultipleAuthModeOptions($auth_id);
550 if ($pl_auth_option) {
551 $options = $options + $pl_auth_option;
552 }
553 }
554 }
555 // end-patch auth_plugins
556
557 if (array_key_exists($default, $options)) {
558 $options[$default]['checked'] = true;
559 }
560
561 return $options ? $options : array();
562 }
563
573 public static function _isExternalAccountEnabled()
574 {
575 global $DIC;
576
577 $ilSetting = $DIC['ilSetting'];
578
579 if ($ilSetting->get("cas_active")) {
580 return true;
581 }
582 if ($ilSetting->get("soap_auth_active")) {
583 return true;
584 }
585 if ($ilSetting->get("shib_active")) {
586 return true;
587 }
588 if ($ilSetting->get('radius_active')) {
589 return true;
590 }
591 include_once('Services/LDAP/classes/class.ilLDAPServer.php');
592 if (count(ilLDAPServer::_getActiveServerList())) {
593 return true;
594 }
595
596 include_once './Services/LTI/classes/InternalProvider/class.ilAuthProviderLTI.php';
597 if (count(ilAuthProviderLTI::getActiveAuthModes())) {
598 return true;
599 }
600
601 require_once 'Services/Saml/classes/class.ilSamlIdp.php';
602 if (count(ilSamlIdp::getActiveIdpList()) > 0) {
603 return true;
604 }
605
606 if (ilOpenIdConnectSettings::getInstance()->getActive()) {
607 return true;
608 }
609
610 // begin-path auth_plugin
611 foreach (self::getAuthPlugins() as $pl) {
612 foreach ($pl->getAuthIds() as $auth_id) {
613 if ($pl->isAuthActive($auth_id) and $pl->isExternalAccountNameRequired($auth_id)) {
614 return true;
615 }
616 }
617 }
618 // end-path auth_plugin
619
620 return false;
621 }
622
631 public static function _allowPasswordModificationByAuthMode($a_auth_mode)
632 {
633 switch ((int) $a_auth_mode) {
634 case AUTH_LDAP:
635 case AUTH_RADIUS:
636 case AUTH_ECS:
637 case AUTH_PROVIDER_LTI:
638 case AUTH_OPENID_CONNECT:
639 return false;
640 default:
641 return true;
642 }
643 }
644
653 public static function _needsExternalAccountByAuthMode($a_auth_mode)
654 {
655 switch ($a_auth_mode) {
656 case AUTH_LOCAL:
657 case AUTH_APACHE:
658 return false;
659 default:
660 return true;
661 }
662 }
663
667 public static function isPasswordModificationHidden()
668 {
670 global $DIC;
671
672 $ilSetting = $DIC['ilSetting'];
673
674 if ($ilSetting->get('usr_settings_hide_password') || $ilSetting->get('usr_settings_disable_password')) {
675 return true;
676 }
677
678 return false;
679 }
680
686 public static function isLocalPasswordEnabledForAuthMode($a_authmode)
687 {
688 global $DIC;
689
690 $ilSetting = $DIC->settings();
691
692 switch ((int) $a_authmode) {
693 // always enabled
694 case AUTH_LOCAL:
695 case AUTH_APACHE:
696 return true;
697
698 // No local passwords for these auth modes
699 case AUTH_LDAP:
700 case AUTH_RADIUS:
701 case AUTH_ECS:
702 case AUTH_SCRIPT:
703 case AUTH_PROVIDER_LTI:
704 case AUTH_OPENID_CONNECT:
705 return false;
706
707 case AUTH_SAML:
708 require_once 'Services/Saml/classes/class.ilSamlIdp.php';
709 $idp = ilSamlIdp::getInstanceByIdpId(ilSamlIdp::getIdpIdByAuthMode($a_authmode));
710 return $idp->isActive() && $idp->allowLocalAuthentication();
711
712 case AUTH_SHIBBOLETH:
713 return $ilSetting->get("shib_auth_allow_local");
714 case AUTH_SOAP:
715 return $ilSetting->get("soap_auth_allow_local");
716 case AUTH_CAS:
717 return $ilSetting->get("cas_allow_local");
718
719 }
720 return false;
721 }
722
723
724
730 public static function isPasswordModificationEnabled($a_authmode)
731 {
732 global $DIC;
733
734 $ilSetting = $DIC['ilSetting'];
735
736 if (self::isPasswordModificationHidden()) {
737 return false;
738 }
739
740 // begin-patch ldap_multiple
741 // cast to int
742 switch ((int) $a_authmode) {
743 // No local passwords for these auth modes
744 case AUTH_LDAP:
745 case AUTH_RADIUS:
746 case AUTH_ECS:
747 case AUTH_SCRIPT:
748 case AUTH_PROVIDER_LTI:
749 case AUTH_OPENID_CONNECT:
750 return false;
751
752 case AUTH_SAML:
753 require_once 'Services/Saml/classes/class.ilSamlIdp.php';
754 $idp = ilSamlIdp::getInstanceByIdpId(ilSamlIdp::getIdpIdByAuthMode($a_authmode));
755 return $idp->isActive() && $idp->allowLocalAuthentication();
756
757 // Always for and local
758 case AUTH_LOCAL:
759 case AUTH_APACHE:
760 return true;
761
762 // Read setting:
763 case AUTH_SHIBBOLETH:
764 return $ilSetting->get("shib_auth_allow_local");
765 case AUTH_SOAP:
766 return $ilSetting->get("soap_auth_allow_local");
767 case AUTH_CAS:
768 return $ilSetting->get("cas_allow_local");
769 }
770 }
771
777 public static function supportsLocalPasswordValidation($a_authmode)
778 {
779 // begin-patch ldap_multiple
780 // cast to int
781 switch ((int) $a_authmode) {
782 case AUTH_LDAP:
783 case AUTH_LOCAL:
784 case AUTH_RADIUS:
785 return ilAuthUtils::LOCAL_PWV_FULL;
786
787 case AUTH_SHIBBOLETH:
788 case AUTH_OPENID_CONNECT:
789 case AUTH_SAML:
790 case AUTH_SOAP:
791 case AUTH_CAS:
792 if (!ilAuthUtils::isPasswordModificationEnabled($a_authmode)) {
793 return ilAuthUtils::LOCAL_PWV_NO;
794 }
795 return ilAuthUtils::LOCAL_PWV_USER;
796
797 case AUTH_PROVIDER_LTI:
798 case AUTH_ECS:
799 case AUTH_SCRIPT:
800 case AUTH_APACHE:
801 default:
802 return ilAuthUtils::LOCAL_PWV_USER;
803 }
804 }
805
806 // begin-patch auth_plugin
811 public static function getAuthPlugins()
812 {
813 $pls = $GLOBALS['DIC']['ilPluginAdmin']->getActivePluginsForSlot(
814 IL_COMP_SERVICE,
815 'Authentication',
816 'authhk'
817 );
818 $pl_objs = array();
819 foreach ($pls as $pl) {
820 $pl_objs[] = $GLOBALS['DIC']['ilPluginAdmin']->getPluginObject(
821 IL_COMP_SERVICE,
822 'Authentication',
823 'authhk',
824 $pl
825 );
826 }
827 return $pl_objs;
828 }
829 // end-patch auth_plugins
830
835 public static function getAuthModeTranslation($a_auth_key, $auth_name = '')
836 {
837 global $DIC;
838
839 $lng = $DIC['lng'];
840
841 switch ((int) $a_auth_key) {
842 case AUTH_LDAP:
843 include_once './Services/LDAP/classes/class.ilLDAPServer.php';
844 $sid = ilLDAPServer::getServerIdByAuthMode($a_auth_key);
845 $server = ilLDAPServer::getInstanceByServerId($sid);
846 return $server->getName();
847
848 case AUTH_PROVIDER_LTI:
849 include_once './Services/LTI/classes/InternalProvider/class.ilAuthProviderLTI.php';
850 $sid = ilAuthProviderLTI::getServerIdByAuthMode($a_auth_key);
851 return ilAuthProviderLTI::lookupConsumer($sid);
852
853
854 case AUTH_SAML:
855 require_once 'Services/Saml/classes/class.ilSamlIdp.php';
856 $idp_id = ilSamlIdp::getIdpIdByAuthMode($a_auth_key);
857 $idp = ilSamlIdp::getInstanceByIdpId($idp_id);
858 return $idp->getEntityId();
859
860 default:
861 $lng->loadLanguageModule('auth');
862 if (!empty($auth_name)) {
863 return $lng->txt('auth_' . $auth_name);
864 } else {
865 return $lng->txt('auth_' . self::_getAuthModeName($a_auth_key));
866 }
867 }
868 }
869}
$default
$default
Definition: build.php:20
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
php
An exception for terminatinating execution or to throw for unit testing.
AUTH_SHIBBOLETH
const AUTH_SHIBBOLETH
Definition: class.ilAuthUtils.php:11
AUTH_APACHE
const AUTH_APACHE
Definition: class.ilAuthUtils.php:19
AUTH_OPENID_CONNECT
const AUTH_OPENID_CONNECT
Definition: class.ilAuthUtils.php:22
AUTH_ECS
const AUTH_ECS
Definition: class.ilAuthUtils.php:17
AUTH_SAML
const AUTH_SAML
Definition: class.ilAuthUtils.php:20
AUTH_LDAP
const AUTH_LDAP
Definition: class.ilAuthUtils.php:8
AUTH_MULTIPLE
const AUTH_MULTIPLE
Definition: class.ilAuthUtils.php:26
AUTH_LOCAL
const AUTH_LOCAL
Definition: class.ilAuthUtils.php:7
AUTH_SCRIPT
const AUTH_SCRIPT
Definition: class.ilAuthUtils.php:10
AUTH_RADIUS
const AUTH_RADIUS
Definition: class.ilAuthUtils.php:9
AUTH_CAS
const AUTH_CAS
Definition: class.ilAuthUtils.php:12
AUTH_INACTIVE
const AUTH_INACTIVE
Definition: class.ilAuthUtils.php:24
AUTH_PROVIDER_LTI
const AUTH_PROVIDER_LTI
Definition: class.ilAuthUtils.php:30
AUTH_SOAP
const AUTH_SOAP
Definition: class.ilAuthUtils.php:13
IL_COMP_SERVICE
const IL_COMP_SERVICE
Definition: class.ilComponent.php:6
ilAuthFactory\setContext
static setContext($a_context)
set context
Definition: class.ilAuthFactory.php:95
ilAuthFrontendFactory
Factory for auth frontend classes.
Definition: class.ilAuthFrontendFactory.php:12
ilAuthProviderLTI\getActiveAuthModes
static getActiveAuthModes()
get all active authmode server ids
Definition: class.ilAuthProviderLTI.php:393
ilAuthProviderLTI\getKeyByAuthMode
static getKeyByAuthMode($a_auth_mode)
Get auth id by auth mode.
Definition: class.ilAuthProviderLTI.php:380
ilAuthProviderLTI\lookupConsumer
static lookupConsumer($a_sid)
Lookup consumer title.
Definition: class.ilAuthProviderLTI.php:428
ilAuthProviderLTI\getServerIdByAuthMode
static getServerIdByAuthMode($a_auth_mode)
Get auth id by auth mode.
Definition: class.ilAuthProviderLTI.php:442
ilAuthProviderLTI\getAuthModeByKey
static getAuthModeByKey($a_auth_key)
Get auth mode by key.
Definition: class.ilAuthProviderLTI.php:366
ilAuthStatus\getInstance
static getInstance()
Get status instance.
Definition: class.ilAuthStatus.php:42
ilAuthStatus\STATUS_AUTHENTICATION_FAILED
const STATUS_AUTHENTICATION_FAILED
Definition: class.ilAuthStatus.php:19
ilAuthUtils
static utility functions used to manage authentication modes
Definition: class.ilAuthUtils.php:69
ilAuthUtils\getAuthModeTranslation
static getAuthModeTranslation($a_auth_key, $auth_name='')
Definition: class.ilAuthUtils.php:835
ilAuthUtils\_allowPasswordModificationByAuthMode
static _allowPasswordModificationByAuthMode($a_auth_mode)
Allow password modification.
Definition: class.ilAuthUtils.php:631
ilAuthUtils\isAuthenticationForced
static isAuthenticationForced()
Check if authentication is should be forced.
Definition: class.ilAuthUtils.php:85
ilAuthUtils\_getAuthMode
static _getAuthMode($a_auth_mode, $a_db_handler='')
Definition: class.ilAuthUtils.php:181
ilAuthUtils\_getActiveAuthModes
static _getActiveAuthModes()
Definition: class.ilAuthUtils.php:322
ilAuthUtils\initSession
static initSession()
Initialize session.
Definition: class.ilAuthUtils.php:78
ilAuthUtils\supportsLocalPasswordValidation
static supportsLocalPasswordValidation($a_authmode)
Check if local password validation is supported.
Definition: class.ilAuthUtils.php:777
ilAuthUtils\isLocalPasswordEnabledForAuthMode
static isLocalPasswordEnabledForAuthMode($a_authmode)
Check if local password validation is enabled for a specific auth_mode.
Definition: class.ilAuthUtils.php:686
ilAuthUtils\_getAuthModeOfUser
static _getAuthModeOfUser($a_username, $a_password, $a_db_handler='')
Definition: class.ilAuthUtils.php:133
ilAuthUtils\_getMultipleAuthModeOptions
static _getMultipleAuthModeOptions($lng)
Definition: class.ilAuthUtils.php:498
ilAuthUtils\_isExternalAccountEnabled
static _isExternalAccountEnabled()
Check if an external account name is required.
Definition: class.ilAuthUtils.php:573
ilAuthUtils\getAuthPlugins
static getAuthPlugins()
Get active enabled auth plugins.
Definition: class.ilAuthUtils.php:811
ilAuthUtils\_hasMultipleAuthenticationMethods
static _hasMultipleAuthenticationMethods()
Definition: class.ilAuthUtils.php:462
ilAuthUtils\isPasswordModificationEnabled
static isPasswordModificationEnabled($a_authmode)
Check if password modification is enabled.
Definition: class.ilAuthUtils.php:730
ilAuthUtils\_generateLogin
static _generateLogin($a_login)
generate free login by starting with a default string and adding postfix numbers
Definition: class.ilAuthUtils.php:438
ilAuthUtils\_needsExternalAccountByAuthMode
static _needsExternalAccountByAuthMode($a_auth_mode)
Check if chosen auth mode needs an external account entry.
Definition: class.ilAuthUtils.php:653
ilAuthUtils\handleForcedAuthentication
static handleForcedAuthentication()
Definition: class.ilAuthUtils.php:93
ilAuthUtils\_getAllAuthModes
static _getAllAuthModes()
Definition: class.ilAuthUtils.php:388
ilAuthUtils\_getAuthModeName
static _getAuthModeName($a_auth_key)
Definition: class.ilAuthUtils.php:256
ilECSServerSettings\getInstance
static getInstance()
Get singleton instance.
Definition: class.ilECSServerSettings.php:54
ilInitialisation\goToPublicSection
static goToPublicSection()
go to public section
Definition: class.ilInitialisation.php:782
ilLDAPServer\getServerIdByAuthMode
static getServerIdByAuthMode($a_auth_mode)
Get auth id by auth mode.
Definition: class.ilLDAPServer.php:400
ilLDAPServer\_getServerList
static _getServerList()
Get list of all configured servers.
Definition: class.ilLDAPServer.php:206
ilLDAPServer\getInstanceByServerId
static getInstanceByServerId($a_server_id)
Get instance by server id.
Definition: class.ilLDAPServer.php:62
ilLDAPServer\_getActiveServerList
static _getActiveServerList()
Get active server list.
Definition: class.ilLDAPServer.php:109
ilLDAPServer\getAuthModeByKey
static getAuthModeByKey($a_auth_key)
get auth mode by key
Definition: class.ilLDAPServer.php:413
ilLDAPServer\getKeyByAuthMode
static getKeyByAuthMode($a_auth_mode)
Get auth id by auth mode.
Definition: class.ilLDAPServer.php:427
ilLoggerFactory\getLogger
static getLogger($a_component_id)
Get component logger.
Definition: class.ilLoggerFactory.php:74
ilOpenIdConnectSettings\getInstance
static getInstance()
Get singleton instance.
Definition: class.ilOpenIdConnectSettings.php:146
ilRadiusSettings\_getInstance
static _getInstance()
singleton get instance
Definition: class.ilRadiusSettings.php:74
ilSamlIdp\getKeyByAuthMode
static getKeyByAuthMode($a_auth_mode)
Definition: class.ilSamlIdp.php:322
ilSamlIdp\getActiveIdpList
static getActiveIdpList()
Definition: class.ilSamlIdp.php:271
ilSamlIdp\getInstanceByIdpId
static getInstanceByIdpId($a_idp_id)
Definition: class.ilSamlIdp.php:102
ilSamlIdp\getIdpIdByAuthMode
static getIdpIdByAuthMode($a_auth_mode)
Definition: class.ilSamlIdp.php:243
ilSamlIdp\getAuthModeByKey
static getAuthModeByKey($a_auth_key)
Definition: class.ilSamlIdp.php:308
ilSamlIdp\getAllIdps
static getAllIdps()
Definition: class.ilSamlIdp.php:287
ilSetting
ILIAS Setting Class.
Definition: class.ilSetting.php:33
$r
$r
Definition: example_031.php:79
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: expirywarning.php:14
$row
$row
Definition: migrateto20.php:360
$GLOBALS
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
Definition: module.tag.xmp.php:702
$ret
$ret
Definition: parser.php:6
$ilSetting
global $ilSetting
Definition: privfeed.php:17
$idp
$idp
Definition: prp.php:13
$server
$server
Definition: sabredav.php:48
$DIC
global $DIC
Definition: saml.php:7
$lng
$lng
Definition: save_question_post_data.php:23
$ilDB
global $ilDB
Definition: storeScorm2004.php:19