ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
class.ilAuthUtils.php
Go to the documentation of this file.
1 <?php
2 
3 /* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */
4 
5 
6 // define auth modes
7 define("AUTH_LOCAL", 1);
8 define("AUTH_LDAP", 2);
9 define("AUTH_RADIUS", 3);
10 define("AUTH_SCRIPT", 4);
11 define("AUTH_SHIBBOLETH", 5);
12 define("AUTH_CAS", 6);
13 define("AUTH_SOAP", 7);
14 // BEGIN WebDAV: Add support for HTTP authentication
15 define("AUTH_HTTP", 8);
16 // END WebDAV: Add support for HTTP authentication
17 define("AUTH_ECS", 9);
18 
19 define("AUTH_APACHE", 11);
20 define("AUTH_SAML", 12);
21 
22 define('AUTH_OPENID_CONNECT', 15);
23 
24 define("AUTH_INACTIVE", 18);
25 
26 define('AUTH_MULTIPLE', 20);
27 
28 define('AUTH_SESSION', 21);
29 
30 define('AUTH_PROVIDER_LTI', 22);
31 
32 define('AUTH_SOAP_NO_ILIAS_USER', -100);
33 define('AUTH_LDAP_NO_ILIAS_USER', -200);
34 define('AUTH_RADIUS_NO_ILIAS_USER', -300);
35 
36 // apache auhtentication failed...
37 // maybe no (valid) certificate or
38 // username could not be extracted
39 define('AUTH_APACHE_FAILED', -500);
40 define('AUTH_SAML_FAILED', -501);
41 
42 define('AUTH_MODE_INACTIVE', -1000);
43 
44 // an external user cannot be found in ilias, but his email address
45 // matches one or more ILIAS users
46 define('AUTH_SOAP_NO_ILIAS_USER_BUT_EMAIL', -101);
47 define('AUTH_CAS_NO_ILIAS_USER', -90);
48 
49 // ilUser validation (no login)
50 define('AUTH_USER_WRONG_IP', -600);
51 define('AUTH_USER_INACTIVE', -601);
52 define('AUTH_USER_TIME_LIMIT_EXCEEDED', -602);
53 define('AUTH_USER_SIMULTANEOUS_LOGIN', -603);
54 define('AUTH_CAPTCHA_INVALID', -604);
55 
56 
57 include_once './Services/Authentication/classes/class.ilAuthFactory.php';
58 require_once('Services/Authentication/classes/class.ilSessionControl.php');
59 
60 
68 class ilAuthUtils
69 {
70  const LOCAL_PWV_FULL = 1;
71  const LOCAL_PWV_NO = 2;
72  const LOCAL_PWV_USER = 3;
73 
74 
78  public static function initSession()
79  {
80  }
81 
85  public static function isAuthenticationForced()
86  {
87  if (isset($_GET['ecs_hash']) or isset($_GET['ecs_hash_url'])) {
88  return true;
89  }
90  return false;
91  }
92 
93  public static function handleForcedAuthentication()
94  {
95  if (isset($_GET['ecs_hash']) or isset($_GET['ecs_hash_url'])) {
96  include_once './Services/Authentication/classes/Frontend/class.ilAuthFrontendCredentials.php';
97  $credentials = new ilAuthFrontendCredentials();
98  $credentials->setUsername($_GET['ecs_login']);
99  $credentials->setAuthMode(AUTH_ECS);
100 
101  include_once './Services/Authentication/classes/Provider/class.ilAuthProviderFactory.php';
102  $provider_factory = new ilAuthProviderFactory();
103  $providers = $provider_factory->getProviders($credentials);
104 
105  include_once './Services/Authentication/classes/class.ilAuthStatus.php';
106  $status = ilAuthStatus::getInstance();
107 
108  include_once './Services/Authentication/classes/Frontend/class.ilAuthFrontendFactory.php';
109  $frontend_factory = new ilAuthFrontendFactory();
110  $frontend_factory->setContext(ilAuthFrontendFactory::CONTEXT_STANDARD_FORM);
111  $frontend = $frontend_factory->getFrontend(
112  $GLOBALS['DIC']['ilAuthSession'],
113  $status,
114  $credentials,
115  $providers
116  );
117 
118  $frontend->authenticate();
119 
120  switch ($status->getStatus()) {
121  case ilAuthStatus::STATUS_AUTHENTICATED:
122  return;
123 
124  case ilAuthStatus::STATUS_AUTHENTICATION_FAILED:
125  ilInitialisation::goToPublicSection();
126  return;
127  }
128  }
129  }
130 
131 
132 
133  public static function _getAuthModeOfUser($a_username, $a_password, $a_db_handler = '')
134  {
135  global $DIC;
136 
137  $ilDB = $DIC['ilDB'];
138 
139  if (isset($_GET['ecs_hash']) or isset($_GET['ecs_hash_url'])) {
140  ilAuthFactory::setContext(ilAuthFactory::CONTEXT_ECS);
141  return AUTH_ECS;
142  }
143  if (isset($_POST['auth_mode'])) {
144  // begin-patch ldap_multiple
145  return $_POST['auth_mode'];
146  // end-patch ldap_multiple
147  }
148 
149  include_once('./Services/Authentication/classes/class.ilAuthModeDetermination.php');
150  $det = ilAuthModeDetermination::_getInstance();
151 
152  if (!$det->isManualSelection() and $det->getCountActiveAuthModes() > 1) {
153  ilLoggerFactory::getLogger('auth')->debug('Using AUTH_MULTIPLE');
154  return AUTH_MULTIPLE;
155  }
156 
157 
158  $db = &$ilDB;
159 
160  if ($a_db_handler != '') {
161  $db = &$a_db_handler;
162  }
163 
164  // Is it really necessary to check the auth mode with password ?
165  // Changed: smeyer
166  $q = "SELECT auth_mode FROM usr_data WHERE " .
167  "login = " . $ilDB->quote($a_username);
168  //"passwd = ".$ilDB->quote(md5($a_password))."";
169 
170 
171  $r = $db->query($q);
172  $row = $r->fetchRow(ilDBConstants::FETCHMODE_OBJECT);
173  //echo "+".$row->auth_mode."+";
174 
175 
176  $auth_mode = self::_getAuthMode($row->auth_mode, $db);
177 
178  return in_array($auth_mode, self::_getActiveAuthModes()) ? $auth_mode : AUTH_INACTIVE;
179  }
180 
181  public static function _getAuthMode($a_auth_mode, $a_db_handler = '')
182  {
183  global $DIC;
184 
185  $ilDB = $DIC['ilDB'];
186  $ilSetting = $DIC['ilSetting'];
187 
188  $db = &$ilDB;
189 
190  if ($a_db_handler != '') {
191  $db = &$a_db_handler;
192  }
193 
194  // begin-patch ldap_multiple
195  if (strpos($a_auth_mode, '_') !== false) {
196  $auth_arr = explode('_', $a_auth_mode);
197  $auth_switch = $auth_arr[0];
198  } else {
199  $auth_switch = $a_auth_mode;
200  }
201  switch ($auth_switch) {
202  case "local":
203  return AUTH_LOCAL;
204  break;
205 
206  case "ldap":
207  // begin-patch ldap_multiple
208  include_once './Services/LDAP/classes/class.ilLDAPServer.php';
209  return ilLDAPServer::getKeyByAuthMode($a_auth_mode);
210  // end-patch ldap_multiple
211 
212  case 'lti':
213  include_once './Services/LTI/classes/InternalProvider/class.ilAuthProviderLTI.php';
214  return ilAuthProviderLTI::getKeyByAuthMode($a_auth_mode);
215 
216  case "radius":
217  return AUTH_RADIUS;
218  break;
219 
220  case "script":
221  return AUTH_SCRIPT;
222  break;
223 
224  case "shibboleth":
225  return AUTH_SHIBBOLETH;
226  break;
227 
228  case 'oidc':
229  return AUTH_OPENID_CONNECT;
230  break;
231 
232  case 'saml':
233  require_once 'Services/Saml/classes/class.ilSamlIdp.php';
234  return ilSamlIdp::getKeyByAuthMode($a_auth_mode);
235 
236  case "cas":
237  return AUTH_CAS;
238  break;
239 
240  case "soap":
241  return AUTH_SOAP;
242  break;
243 
244  case 'ecs':
245  return AUTH_ECS;
246 
247  case 'apache':
248  return AUTH_APACHE;
249 
250  default:
251  return $ilSetting->get("auth_mode");
252  break;
253  }
254  }
255 
256  public static function _getAuthModeName($a_auth_key)
257  {
258  global $DIC;
259 
260  $ilias = $DIC['ilias'];
261 
262  // begin-patch ldap_multiple
263  switch ((int) $a_auth_key) {
264  case AUTH_LOCAL:
265  return "local";
266  break;
267 
268  case AUTH_LDAP:
269  // begin-patch ldap_multiple
270  include_once './Services/LDAP/classes/class.ilLDAPServer.php';
271  return ilLDAPServer::getAuthModeByKey($a_auth_key);
272  // end-patch ldap_multiple
273 
274  case AUTH_PROVIDER_LTI:
275  include_once './Services/LTI/classes/InternalProvider/class.ilAuthProviderLTI.php';
276  return ilAuthProviderLTI::getAuthModeByKey($a_auth_key);
277 
278  case AUTH_RADIUS:
279  return "radius";
280  break;
281 
282  case AUTH_CAS:
283  return "cas";
284  break;
285 
286  case AUTH_SCRIPT:
287  return "script";
288  break;
289 
290  case AUTH_SHIBBOLETH:
291  return "shibboleth";
292  break;
293 
294  case AUTH_SAML:
295  require_once 'Services/Saml/classes/class.ilSamlIdp.php';
296  return ilSamlIdp::getAuthModeByKey($a_auth_key);
297 
298  case AUTH_SOAP:
299  return "soap";
300  break;
301 
302  case AUTH_ECS:
303  return 'ecs';
304 
305  case AUTH_APACHE:
306  return 'apache';
307 
308  case AUTH_PROVIDER_LTI:
309  return "lti";
310  break;
311 
312  case AUTH_OPENID_CONNECT:
313  return 'oidc';
314  break;
315 
316  default:
317  return "default";
318  break;
319  }
320  }
321 
322  public static function _getActiveAuthModes()
323  {
324  global $DIC;
325 
326  $ilias = $DIC['ilias'];
327  $ilSetting = $DIC['ilSetting'];
328 
329  $modes = array(
330  'default' => $ilSetting->get("auth_mode"),
331  'local' => AUTH_LOCAL
332  );
333  include_once('Services/LDAP/classes/class.ilLDAPServer.php');
334  foreach (ilLDAPServer::_getActiveServerList() as $sid) {
335  $modes['ldap_' . $sid] = (AUTH_LDAP . '_' . $sid);
336  }
337 
338  include_once './Services/LTI/classes/InternalProvider/class.ilAuthProviderLTI.php';
339  foreach (ilAuthProviderLTI::getAuthModes() as $sid) {
340  $modes['lti_' . $sid] = (AUTH_PROVIDER_LTI . '_' . $sid);
341  }
342 
343  if (ilOpenIdConnectSettings::getInstance()->getActive()) {
344  $modes['oidc'] = AUTH_OPENID_CONNECT;
345  }
346 
347  if ($ilSetting->get("radius_active")) {
348  $modes['radius'] = AUTH_RADIUS;
349  }
350  if ($ilSetting->get("shib_active")) {
351  $modes['shibboleth'] = AUTH_SHIBBOLETH;
352  }
353  if ($ilSetting->get("script_active")) {
354  $modes['script'] = AUTH_SCRIPT;
355  }
356  if ($ilSetting->get("cas_active")) {
357  $modes['cas'] = AUTH_CAS;
358  }
359  if ($ilSetting->get("soap_auth_active")) {
360  $modes['soap'] = AUTH_SOAP;
361  }
362  if ($ilSetting->get("apache_active")) {
363  $modes['apache'] = AUTH_APACHE;
364  }
365 
366  include_once './Services/WebServices/ECS/classes/class.ilECSServerSettings.php';
367  if (ilECSServerSettings::getInstance()->activeServerExists()) {
368  $modes['ecs'] = AUTH_ECS;
369  }
370 
371  require_once 'Services/Saml/classes/class.ilSamlIdp.php';
372  foreach (ilSamlIdp::getActiveIdpList() as $idp) {
373  $modes['saml_' . $idp->getIdpId()] = AUTH_SAML . '_' . $idp->getIdpId();
374  }
375 
376  // begin-path auth_plugin
377  foreach (self::getAuthPlugins() as $pl) {
378  foreach ($pl->getAuthIds() as $auth_id) {
379  if ($pl->isAuthActive($auth_id)) {
380  $modes[$pl->getAuthName($auth_id)] = $auth_id;
381  }
382  }
383  }
384  // end-path auth_plugin
385  return $modes;
386  }
387 
388  public static function _getAllAuthModes()
389  {
390  $modes = array(
391  AUTH_LOCAL,
392  AUTH_LDAP,
393  AUTH_SHIBBOLETH,
394  AUTH_SAML,
395  AUTH_CAS,
396  AUTH_SOAP,
397  AUTH_RADIUS,
398  AUTH_ECS,
399  AUTH_PROVIDER_LTI,
400  AUTH_OPENID_CONNECT,
401  AUTH_APACHE
402  );
403  $ret = array();
404  foreach ($modes as $mode) {
405  if ($mode == AUTH_PROVIDER_LTI) {
406  include_once './Services/LTI/classes/InternalProvider/class.ilAuthProviderLTI.php';
407  foreach (ilAuthProviderLTI::getAuthModes() as $sid) {
408  $id = AUTH_PROVIDER_LTI . '_' . $sid;
409  $ret[$id] = ilAuthUtils::_getAuthModeName($id);
410  }
411  continue;
412  }
413 
414  // multi ldap implementation
415  if ($mode == AUTH_LDAP) {
416  foreach (ilLDAPServer::_getServerList() as $ldap_id) {
417  $id = AUTH_LDAP . '_' . $ldap_id;
418  $ret[$id] = ilAuthUtils::_getAuthModeName($id);
419  }
420  continue;
421  } elseif ($mode == AUTH_SAML) {
422  require_once 'Services/Saml/classes/class.ilSamlIdp.php';
423  foreach (ilSamlIdp::getAllIdps() as $idp) {
424  $id = AUTH_SAML . '_' . $idp->getIdpId();
425  $ret[$id] = ilAuthUtils::_getAuthModeName($id);
426  }
427  continue;
428  }
429  $ret[$mode] = ilAuthUtils::_getAuthModeName($mode);
430  }
431  return $ret;
432  }
433 
438  public static function _generateLogin($a_login)
439  {
440  global $DIC;
441 
442  $ilDB = $DIC['ilDB'];
443 
444  // Check if username already exists
445  $found = false;
446  $postfix = 0;
447  $c_login = $a_login;
448  while (!$found) {
449  $r = $ilDB->query("SELECT login FROM usr_data WHERE login = " .
450  $ilDB->quote($c_login));
451  if ($r->numRows() > 0) {
452  $postfix++;
453  $c_login = $a_login . $postfix;
454  } else {
455  $found = true;
456  }
457  }
458 
459  return $c_login;
460  }
461 
462  public static function _hasMultipleAuthenticationMethods()
463  {
464  include_once('Services/Radius/classes/class.ilRadiusSettings.php');
465 
466  $rad_settings = ilRadiusSettings::_getInstance();
467  if ($rad_settings->isActive()) {
468  return true;
469  }
470  include_once('Services/LDAP/classes/class.ilLDAPServer.php');
471 
472  if (count(ilLDAPServer::_getActiveServerList())) {
473  return true;
474  }
475 
476  global $DIC;
477 
478  $ilSetting = $DIC['ilSetting'];
479 
480  if ($ilSetting->get('apache_active')) {
481  return true;
482  }
483 
484  // begin-patch auth_plugin
485  foreach (ilAuthUtils::getAuthPlugins() as $pl) {
486  foreach ($pl->getAuthIds() as $auth_id) {
487  if ($pl->getMultipleAuthModeOptions($auth_id)) {
488  return true;
489  }
490  }
491  }
492  // end-patch auth_plugin
493 
494 
495  return false;
496  }
497 
498  public static function _getMultipleAuthModeOptions($lng)
499  {
500  global $DIC;
501 
502  $ilSetting = $DIC['ilSetting'];
503 
504  // in the moment only ldap is activated as additional authentication method
505  include_once('Services/LDAP/classes/class.ilLDAPServer.php');
506 
507  $options[AUTH_LOCAL]['txt'] = $lng->txt('authenticate_ilias');
508 
509 
510  // begin-patch ldap_multiple
511  foreach (ilLDAPServer::_getActiveServerList() as $sid) {
512  $server = ilLDAPServer::getInstanceByServerId($sid);
513  $options[AUTH_LDAP . '_' . $sid]['txt'] = $server->getName();
514  }
515  // end-patch ldap_multiple
516 
517  include_once('Services/Radius/classes/class.ilRadiusSettings.php');
518  $rad_settings = ilRadiusSettings::_getInstance();
519  if ($rad_settings->isActive()) {
520  $options[AUTH_RADIUS]['txt'] = $rad_settings->getName();
521  }
522 
523  if ($ilSetting->get('apache_active')) {
524  global $DIC;
525 
526  $lng = $DIC['lng'];
527  $apache_settings = new ilSetting('apache_auth');
528  $options[AUTH_APACHE]['txt'] = $apache_settings->get('name', $lng->txt('apache_auth'));
529  $options[AUTH_APACHE]['hide_in_ui'] = true;
530  }
531 
532  if ($ilSetting->get('auth_mode', AUTH_LOCAL) == AUTH_LDAP) {
533  $default = AUTH_LDAP;
534  } elseif ($ilSetting->get('auth_mode', AUTH_LOCAL) == AUTH_RADIUS) {
535  $default = AUTH_RADIUS;
536  } else {
537  $default = AUTH_LOCAL;
538  }
539 
540  $default = $ilSetting->get('default_auth_mode', $default);
541  $default = (int) $_REQUEST['auth_mode'] ? (int) $_REQUEST['auth_mode'] : $default;
542 
543 
544  // begin-patch auth_plugin
545  $pls = ilAuthUtils::getAuthPlugins();
546  foreach ($pls as $pl) {
547  $auths = $pl->getAuthIds();
548  foreach ($auths as $auth_id) {
549  $pl_auth_option = $pl->getMultipleAuthModeOptions($auth_id);
550  if ($pl_auth_option) {
551  $options = $options + $pl_auth_option;
552  }
553  }
554  }
555  // end-patch auth_plugins
556 
557  if (array_key_exists($default, $options)) {
558  $options[$default]['checked'] = true;
559  }
560 
561  return $options ? $options : array();
562  }
563 
573  public static function _isExternalAccountEnabled()
574  {
575  global $DIC;
576 
577  $ilSetting = $DIC['ilSetting'];
578 
579  if ($ilSetting->get("cas_active")) {
580  return true;
581  }
582  if ($ilSetting->get("soap_auth_active")) {
583  return true;
584  }
585  if ($ilSetting->get("shib_active")) {
586  return true;
587  }
588  if ($ilSetting->get('radius_active')) {
589  return true;
590  }
591  include_once('Services/LDAP/classes/class.ilLDAPServer.php');
592  if (count(ilLDAPServer::_getActiveServerList())) {
593  return true;
594  }
595 
596  include_once './Services/LTI/classes/InternalProvider/class.ilAuthProviderLTI.php';
597  if (count(ilAuthProviderLTI::getActiveAuthModes())) {
598  return true;
599  }
600 
601  require_once 'Services/Saml/classes/class.ilSamlIdp.php';
602  if (count(ilSamlIdp::getActiveIdpList()) > 0) {
603  return true;
604  }
605 
606  if (ilOpenIdConnectSettings::getInstance()->getActive()) {
607  return true;
608  }
609 
610  // begin-path auth_plugin
611  foreach (self::getAuthPlugins() as $pl) {
612  foreach ($pl->getAuthIds() as $auth_id) {
613  if ($pl->isAuthActive($auth_id) and $pl->isExternalAccountNameRequired($auth_id)) {
614  return true;
615  }
616  }
617  }
618  // end-path auth_plugin
619 
620  return false;
621  }
622 
631  public static function _allowPasswordModificationByAuthMode($a_auth_mode)
632  {
633  switch ((int) $a_auth_mode) {
634  case AUTH_LDAP:
635  case AUTH_RADIUS:
636  case AUTH_ECS:
637  case AUTH_PROVIDER_LTI:
638  case AUTH_OPENID_CONNECT:
639  return false;
640  default:
641  return true;
642  }
643  }
644 
653  public static function _needsExternalAccountByAuthMode($a_auth_mode)
654  {
655  switch ($a_auth_mode) {
656  case AUTH_LOCAL:
657  case AUTH_APACHE:
658  return false;
659  default:
660  return true;
661  }
662  }
663 
667  public static function isPasswordModificationHidden()
668  {
670  global $DIC;
671 
672  $ilSetting = $DIC['ilSetting'];
673 
674  if ($ilSetting->get('usr_settings_hide_password') || $ilSetting->get('usr_settings_disable_password')) {
675  return true;
676  }
677 
678  return false;
679  }
680 
686  public static function isLocalPasswordEnabledForAuthMode($a_authmode)
687  {
688  global $DIC;
689 
690  $ilSetting = $DIC->settings();
691 
692  switch ((int) $a_authmode) {
693  // always enabled
694  case AUTH_LOCAL:
695  case AUTH_APACHE:
696  return true;
697 
698  // No local passwords for these auth modes
699  case AUTH_LDAP:
700  case AUTH_RADIUS:
701  case AUTH_ECS:
702  case AUTH_SCRIPT:
703  case AUTH_PROVIDER_LTI:
704  case AUTH_OPENID_CONNECT:
705  return false;
706 
707  case AUTH_SAML:
708  require_once 'Services/Saml/classes/class.ilSamlIdp.php';
709  $idp = ilSamlIdp::getInstanceByIdpId(ilSamlIdp::getIdpIdByAuthMode($a_authmode));
710  return $idp->isActive() && $idp->allowLocalAuthentication();
711 
712  case AUTH_SHIBBOLETH:
713  return $ilSetting->get("shib_auth_allow_local");
714  case AUTH_SOAP:
715  return $ilSetting->get("soap_auth_allow_local");
716  case AUTH_CAS:
717  return $ilSetting->get("cas_allow_local");
718 
719  }
720  return false;
721  }
722 
723 
724 
730  public static function isPasswordModificationEnabled($a_authmode)
731  {
732  global $DIC;
733 
734  $ilSetting = $DIC['ilSetting'];
735 
736  if (self::isPasswordModificationHidden()) {
737  return false;
738  }
739 
740  // begin-patch ldap_multiple
741  // cast to int
742  switch ((int) $a_authmode) {
743  // No local passwords for these auth modes
744  case AUTH_LDAP:
745  case AUTH_RADIUS:
746  case AUTH_ECS:
747  case AUTH_SCRIPT:
748  case AUTH_PROVIDER_LTI:
749  case AUTH_OPENID_CONNECT:
750  return false;
751 
752  case AUTH_SAML:
753  require_once 'Services/Saml/classes/class.ilSamlIdp.php';
754  $idp = ilSamlIdp::getInstanceByIdpId(ilSamlIdp::getIdpIdByAuthMode($a_authmode));
755  return $idp->isActive() && $idp->allowLocalAuthentication();
756 
757  // Always for and local
758  case AUTH_LOCAL:
759  case AUTH_APACHE:
760  return true;
761 
762  // Read setting:
763  case AUTH_SHIBBOLETH:
764  return $ilSetting->get("shib_auth_allow_local");
765  case AUTH_SOAP:
766  return $ilSetting->get("soap_auth_allow_local");
767  case AUTH_CAS:
768  return $ilSetting->get("cas_allow_local");
769  }
770  }
771 
777  public static function supportsLocalPasswordValidation($a_authmode)
778  {
779  // begin-patch ldap_multiple
780  // cast to int
781  switch ((int) $a_authmode) {
782  case AUTH_LDAP:
783  case AUTH_LOCAL:
784  case AUTH_RADIUS:
785  return ilAuthUtils::LOCAL_PWV_FULL;
786 
787  case AUTH_SHIBBOLETH:
788  case AUTH_OPENID_CONNECT:
789  case AUTH_SAML:
790  case AUTH_SOAP:
791  case AUTH_CAS:
792  if (!ilAuthUtils::isPasswordModificationEnabled($a_authmode)) {
793  return ilAuthUtils::LOCAL_PWV_NO;
794  }
795  return ilAuthUtils::LOCAL_PWV_USER;
796 
797  case AUTH_PROVIDER_LTI:
798  case AUTH_ECS:
799  case AUTH_SCRIPT:
800  case AUTH_APACHE:
801  default:
802  return ilAuthUtils::LOCAL_PWV_USER;
803  }
804  }
805 
806  // begin-patch auth_plugin
811  public static function getAuthPlugins()
812  {
813  $pls = $GLOBALS['DIC']['ilPluginAdmin']->getActivePluginsForSlot(
814  IL_COMP_SERVICE,
815  'Authentication',
816  'authhk'
817  );
818  $pl_objs = array();
819  foreach ($pls as $pl) {
820  $pl_objs[] = $GLOBALS['DIC']['ilPluginAdmin']->getPluginObject(
821  IL_COMP_SERVICE,
822  'Authentication',
823  'authhk',
824  $pl
825  );
826  }
827  return $pl_objs;
828  }
829  // end-patch auth_plugins
830 
835  public static function getAuthModeTranslation($a_auth_key, $auth_name = '')
836  {
837  global $DIC;
838 
839  $lng = $DIC['lng'];
840 
841  switch ((int) $a_auth_key) {
842  case AUTH_LDAP:
843  include_once './Services/LDAP/classes/class.ilLDAPServer.php';
844  $sid = ilLDAPServer::getServerIdByAuthMode($a_auth_key);
845  $server = ilLDAPServer::getInstanceByServerId($sid);
846  return $server->getName();
847 
848  case AUTH_PROVIDER_LTI:
849  include_once './Services/LTI/classes/InternalProvider/class.ilAuthProviderLTI.php';
850  $sid = ilAuthProviderLTI::getServerIdByAuthMode($a_auth_key);
851  return ilAuthProviderLTI::lookupConsumer($sid);
852 
853 
854  case AUTH_SAML:
855  require_once 'Services/Saml/classes/class.ilSamlIdp.php';
856  $idp_id = ilSamlIdp::getIdpIdByAuthMode($a_auth_key);
857  $idp = ilSamlIdp::getInstanceByIdpId($idp_id);
858  return $idp->getEntityId();
859 
860  default:
861  $lng->loadLanguageModule('auth');
862  if (!empty($auth_name)) {
863  return $lng->txt('auth_' . $auth_name);
864  } else {
865  return $lng->txt('auth_' . self::_getAuthModeName($a_auth_key));
866  }
867  }
868  }
869 }
ilSamlIdp\getIdpIdByAuthMode
static getIdpIdByAuthMode($a_auth_mode)
Definition: class.ilSamlIdp.php:243
AUTH_INACTIVE
const AUTH_INACTIVE
Definition: class.ilAuthUtils.php:24
AUTH_MULTIPLE
const AUTH_MULTIPLE
Definition: class.ilAuthUtils.php:26
ilAuthUtils\_hasMultipleAuthenticationMethods
static _hasMultipleAuthenticationMethods()
Definition: class.ilAuthUtils.php:462
ilLDAPServer\_getServerList
static _getServerList()
Get list of all configured servers.
Definition: class.ilLDAPServer.php:206
ilAuthProviderLTI\getKeyByAuthMode
static getKeyByAuthMode($a_auth_mode)
Get auth id by auth mode.
Definition: class.ilAuthProviderLTI.php:380
$DIC
global $DIC
Definition: saml.php:7
ilAuthProviderLTI\getServerIdByAuthMode
static getServerIdByAuthMode($a_auth_mode)
Get auth id by auth mode.
Definition: class.ilAuthProviderLTI.php:442
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
ilAuthStatus\STATUS_AUTHENTICATION_FAILED
const STATUS_AUTHENTICATION_FAILED
Definition: class.ilAuthStatus.php:19
ilECSServerSettings\getInstance
static getInstance()
Get singleton instance.
Definition: class.ilECSServerSettings.php:54
ilLDAPServer\getAuthModeByKey
static getAuthModeByKey($a_auth_key)
get auth mode by key
Definition: class.ilLDAPServer.php:413
AUTH_LDAP
const AUTH_LDAP
Definition: class.ilAuthUtils.php:8
AUTH_OPENID_CONNECT
const AUTH_OPENID_CONNECT
Definition: class.ilAuthUtils.php:22
ilAuthUtils\initSession
static initSession()
Initialize session.
Definition: class.ilAuthUtils.php:78
ilAuthFrontendFactory
Factory for auth frontend classes.
Definition: class.ilAuthFrontendFactory.php:11
ilAuthUtils\_generateLogin
static _generateLogin($a_login)
generate free login by starting with a default string and adding postfix numbers
Definition: class.ilAuthUtils.php:438
AUTH_CAS
const AUTH_CAS
Definition: class.ilAuthUtils.php:12
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: expirywarning.php:14
AUTH_SHIBBOLETH
const AUTH_SHIBBOLETH
Definition: class.ilAuthUtils.php:11
ilAuthUtils\isAuthenticationForced
static isAuthenticationForced()
Check if authentication is should be forced.
Definition: class.ilAuthUtils.php:85
ilSamlIdp\getInstanceByIdpId
static getInstanceByIdpId($a_idp_id)
Definition: class.ilSamlIdp.php:102
ilAuthProviderLTI\lookupConsumer
static lookupConsumer($a_sid)
Lookup consumer title.
Definition: class.ilAuthProviderLTI.php:428
ilInitialisation\goToPublicSection
static goToPublicSection()
go to public section
Definition: class.ilInitialisation.php:782
ilAuthUtils\supportsLocalPasswordValidation
static supportsLocalPasswordValidation($a_authmode)
Check if local password validation is supported.
Definition: class.ilAuthUtils.php:777
ilAuthUtils\_getActiveAuthModes
static _getActiveAuthModes()
Definition: class.ilAuthUtils.php:322
ilLDAPServer\_getActiveServerList
static _getActiveServerList()
Get active server list.
Definition: class.ilLDAPServer.php:109
AUTH_APACHE
const AUTH_APACHE
Definition: class.ilAuthUtils.php:19
ilAuthUtils\getAuthModeTranslation
static getAuthModeTranslation($a_auth_key, $auth_name='')
Definition: class.ilAuthUtils.php:835
ilAuthUtils\_needsExternalAccountByAuthMode
static _needsExternalAccountByAuthMode($a_auth_mode)
Check if chosen auth mode needs an external account entry.
Definition: class.ilAuthUtils.php:653
$server
$server
Definition: sabredav.php:48
AUTH_SAML
const AUTH_SAML
Definition: class.ilAuthUtils.php:20
ilAuthUtils\_getAuthMode
static _getAuthMode($a_auth_mode, $a_db_handler='')
Definition: class.ilAuthUtils.php:181
ilAuthUtils\_getAuthModeName
static _getAuthModeName($a_auth_key)
Definition: class.ilAuthUtils.php:256
ilLDAPServer\getInstanceByServerId
static getInstanceByServerId($a_server_id)
Get instance by server id.
Definition: class.ilLDAPServer.php:62
ilOpenIdConnectSettings\getInstance
static getInstance()
Get singleton instance.
Definition: class.ilOpenIdConnectSettings.php:146
ilAuthUtils\_allowPasswordModificationByAuthMode
static _allowPasswordModificationByAuthMode($a_auth_mode)
Allow password modification.
Definition: class.ilAuthUtils.php:631
ilAuthUtils
static utility functions used to manage authentication modes
Definition: class.ilAuthUtils.php:68
ilAuthUtils\getAuthPlugins
static getAuthPlugins()
Get active enabled auth plugins.
Definition: class.ilAuthUtils.php:811
ilAuthUtils\handleForcedAuthentication
static handleForcedAuthentication()
Definition: class.ilAuthUtils.php:93
ilAuthProviderLTI\getActiveAuthModes
static getActiveAuthModes()
get all active authmode server ids
Definition: class.ilAuthProviderLTI.php:393
$r
$r
Definition: example_031.php:79
$lng
$lng
Definition: save_question_post_data.php:23
AUTH_SCRIPT
const AUTH_SCRIPT
Definition: class.ilAuthUtils.php:10
ilAuthUtils\_getMultipleAuthModeOptions
static _getMultipleAuthModeOptions($lng)
Definition: class.ilAuthUtils.php:498
AUTH_ECS
const AUTH_ECS
Definition: class.ilAuthUtils.php:17
ilRadiusSettings\_getInstance
static _getInstance()
singleton get instance
Definition: class.ilRadiusSettings.php:74
ilAuthFactory\setContext
static setContext($a_context)
set context
Definition: class.ilAuthFactory.php:95
AUTH_LOCAL
const AUTH_LOCAL
Definition: class.ilAuthUtils.php:7
ilAuthUtils\_isExternalAccountEnabled
static _isExternalAccountEnabled()
Check if an external account name is required.
Definition: class.ilAuthUtils.php:573
ilSamlIdp\getAllIdps
static getAllIdps()
Definition: class.ilSamlIdp.php:287
ilLDAPServer\getServerIdByAuthMode
static getServerIdByAuthMode($a_auth_mode)
Get auth id by auth mode.
Definition: class.ilLDAPServer.php:400
$default
$default
Definition: build.php:20
$row
$row
Definition: migrateto20.php:360
AUTH_SOAP
const AUTH_SOAP
Definition: class.ilAuthUtils.php:13
ilLDAPServer\getKeyByAuthMode
static getKeyByAuthMode($a_auth_mode)
Get auth id by auth mode.
Definition: class.ilLDAPServer.php:427
ilAuthUtils\isLocalPasswordEnabledForAuthMode
static isLocalPasswordEnabledForAuthMode($a_authmode)
Check if local password validation is enabled for a specific auth_mode.
Definition: class.ilAuthUtils.php:686
ilAuthUtils\_getAllAuthModes
static _getAllAuthModes()
Definition: class.ilAuthUtils.php:388
ilAuthUtils\_getAuthModeOfUser
static _getAuthModeOfUser($a_username, $a_password, $a_db_handler='')
Definition: class.ilAuthUtils.php:133
ilAuthProviderLTI\getAuthModeByKey
static getAuthModeByKey($a_auth_key)
Get auth mode by key.
Definition: class.ilAuthProviderLTI.php:366
ilSamlIdp\getKeyByAuthMode
static getKeyByAuthMode($a_auth_mode)
Definition: class.ilSamlIdp.php:322
$idp
$idp
Definition: prp.php:13
ilSamlIdp\getAuthModeByKey
static getAuthModeByKey($a_auth_key)
Definition: class.ilSamlIdp.php:308
ilAuthStatus\getInstance
static getInstance()
Get status instance.
Definition: class.ilAuthStatus.php:42
$ilSetting
global $ilSetting
Definition: privfeed.php:17
$ilDB
global $ilDB
Definition: storeScorm2004.php:16
$ret
$ret
Definition: parser.php:6
ilLoggerFactory\getLogger
static getLogger($a_component_id)
Get component logger.
Definition: class.ilLoggerFactory.php:74
ilSamlIdp\getActiveIdpList
static getActiveIdpList()
Definition: class.ilSamlIdp.php:271
ilAuthUtils\isPasswordModificationEnabled
static isPasswordModificationEnabled($a_authmode)
Check if password modification is enabled.
Definition: class.ilAuthUtils.php:730
AUTH_PROVIDER_LTI
const AUTH_PROVIDER_LTI
Definition: class.ilAuthUtils.php:30
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
IL_COMP_SERVICE
const IL_COMP_SERVICE
Definition: class.ilComponent.php:6
$GLOBALS
$GLOBALS['JPEG_Segment_Names']
Global Variable: XMP_tag_captions.
Definition: module.tag.xmp.php:702
AUTH_RADIUS
const AUTH_RADIUS
Definition: class.ilAuthUtils.php:9