ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
Public Member Functions | Static Public Member Functions | Data Fields | Protected Member Functions | Protected Attributes | Private Attributes
sspmod_core_Auth_UserPassBase Class Reference
+ Inheritance diagram for sspmod_core_Auth_UserPassBase:
+ Collaboration diagram for sspmod_core_Auth_UserPassBase:

Public Member Functions

 __construct ($info, &$config)
 Constructor for this authentication source. More...
 
 setForcedUsername ($forcedUsername)
 Set forced username. More...
 
 getLoginLinks ()
 Return login links from configuration. More...
 
 getRememberUsernameEnabled ()
 Getter for the authsource config option remember.username.enabled. More...
 
 getRememberUsernameChecked ()
 Getter for the authsource config option remember.username.checked. More...
 
 isRememberMeEnabled ()
 Check if the "remember me" feature is enabled. More...
 
 isRememberMeChecked ()
 Check if the "remember me" checkbox should be checked. More...
 
 authenticate (&$state)
 Initialize login. More...
 
- Public Member Functions inherited from SimpleSAML_Auth_Source
 __construct ($info, &$config)
 Constructor for an authentication source. More...
 
 getAuthId ()
 Retrieve the ID of this authentication source. More...
 
 authenticate (&$state)
 Process a request. More...
 
 reauthenticate (array &$state)
 Reauthenticate an user. More...
 
 initLogin ($return, $errorURL=null, array $params=array())
 Start authentication. More...
 
 logout (&$state)
 Log out from this authentication source. More...
 

Static Public Member Functions

static handleLogin ($authStateId, $username, $password)
 Handle login request. More...
 
- Static Public Member Functions inherited from SimpleSAML_Auth_Source
static getSourcesOfType ($type)
 Get sources of a specific type. More...
 
static completeAuth (&$state)
 Complete authentication. More...
 
static loginCompleted ($state)
 Called when a login operation has finished. More...
 
static completeLogout (&$state)
 Complete logout. More...
 
static getById ($authId, $type=null)
 Retrieve authentication source. More...
 
static logoutCallback ($state)
 Called when the authentication source receives an external logout request. More...
 
static getSources ()
 Retrieve list of authentication sources. More...
 

Data Fields

const STAGEID = 'sspmod_core_Auth_UserPassBase.state'
 The string used to identify our states. More...
 
const AUTHID = 'sspmod_core_Auth_UserPassBase.AuthId'
 The key of the AuthId field in the state. More...
 

Protected Member Functions

 login ($username, $password)
 Attempt to log in using the given username and password. More...
 
- Protected Member Functions inherited from SimpleSAML_Auth_Source
 addLogoutCallback ($assoc, $state)
 Add a logout callback association. More...
 
 callLogoutCallback ($assoc)
 Call a logout callback based on association. More...
 

Protected Attributes

 $loginLinks
 Links to pages from login page. More...
 
 $rememberUsernameEnabled = FALSE
 
 $rememberUsernameChecked = FALSE
 
 $rememberMeEnabled = FALSE
 
 $rememberMeChecked = FALSE
 
- Protected Attributes inherited from SimpleSAML_Auth_Source
 $authId
 

Private Attributes

 $forcedUsername
 Username we should force. More...
 

Additional Inherited Members

- Static Protected Member Functions inherited from SimpleSAML_Auth_Source
static validateSource ($source, $id)
 Make sure that the first element of an auth source is its identifier. More...
 

Detailed Description

Definition at line 12 of file UserPassBase.php.

Constructor & Destructor Documentation

◆ __construct()

sspmod_core_Auth_UserPassBase::__construct (   $info,
$config 
)

Constructor for this authentication source.

All subclasses who implement their own constructor must call this constructor before using $config for anything.

Parameters
array$infoInformation about this authentication source.
array&$configConfiguration for this authentication source.

Reimplemented from SimpleSAML_Auth_Source.

Definition at line 84 of file UserPassBase.php.

84 {
85 assert(is_array($info));
86 assert(is_array($config));
87
88 if (isset($config['core:loginpage_links'])) {
89 $this->loginLinks = $config['core:loginpage_links'];
90 }
91
92 // Call the parent constructor first, as required by the interface
93 parent::__construct($info, $config);
94
95 // Get the remember username config options
96 if (isset($config['remember.username.enabled'])) {
97 $this->rememberUsernameEnabled = (bool) $config['remember.username.enabled'];
98 unset($config['remember.username.enabled']);
99 }
100 if (isset($config['remember.username.checked'])) {
101 $this->rememberUsernameChecked = (bool) $config['remember.username.checked'];
102 unset($config['remember.username.checked']);
103 }
104
105 // get the "remember me" config options
106 $sspcnf = SimpleSAML_Configuration::getInstance();
107 $this->rememberMeEnabled = $sspcnf->getBoolean('session.rememberme.enable', FALSE);
108 $this->rememberMeChecked = $sspcnf->getBoolean('session.rememberme.checked', FALSE);
109 }
SimpleSAML_Configuration\getInstance
static getInstance($instancename='simplesaml')
Get a configuration file by its instance name.
Definition: Configuration.php:325
$config
$config
Definition: bootstrap.php:15
$info
$info
Definition: index.php:5

References $config, $info, and SimpleSAML_Configuration\getInstance().

+ Here is the call graph for this function:

Member Function Documentation

◆ authenticate()

sspmod_core_Auth_UserPassBase::authenticate ( $state)

Initialize login.

This function saves the information about the login, and redirects to a login page.

Parameters
array&$stateInformation about the current authentication.

Reimplemented from SimpleSAML_Auth_Source.

Definition at line 169 of file UserPassBase.php.

169 {
170 assert(is_array($state));
171
172 /*
173 * Save the identifier of this authentication source, so that we can
174 * retrieve it later. This allows us to call the login()-function on
175 * the current object.
176 */
177 $state[self::AUTHID] = $this->authId;
178
179 // What username we should force, if any
180 if ($this->forcedUsername !== NULL) {
181 /*
182 * This is accessed by the login form, to determine if the user
183 * is allowed to change the username.
184 */
185 $state['forcedUsername'] = $this->forcedUsername;
186 }
187
188 // ECP requests supply authentication credentials with the AUthnRequest
189 // so we validate them now rather than redirecting
190 if (isset($state['core:auth:username']) && isset($state['core:auth:password'])) {
191 $username = $state['core:auth:username'];
192 $password = $state['core:auth:password'];
193
194 if (isset($state['forcedUsername'])) {
195 $username = $state['forcedUsername'];
196 }
197
198 $attributes = $this->login($username, $password);
199 assert(is_array($attributes));
200 $state['Attributes'] = $attributes;
201
202 return;
203 }
204
205 /* Save the $state-array, so that we can restore it after a redirect. */
206 $id = SimpleSAML_Auth_State::saveState($state, self::STAGEID);
207
208 /*
209 * Redirect to the login form. We include the identifier of the saved
210 * state array as a parameter to the login form.
211 */
212 $url = SimpleSAML\Module::getModuleURL('core/loginuserpass.php');
213 $params = array('AuthState' => $id);
214 \SimpleSAML\Utils\HTTP::redirectTrustedURL($url, $params);
215
216 /* The previous function never returns, so this code is never executed. */
217 assert(false);
218 }
$state
if(!array_key_exists('stateid', $_REQUEST)) $state
Handle linkback() response from LinkedIn.
Definition: linkback.php:10
SimpleSAML\Module\getModuleURL
static getModuleURL($resource, array $parameters=array())
Get absolute URL to a specified module resource.
Definition: Module.php:220
SimpleSAML\Utils\HTTP\redirectTrustedURL
static redirectTrustedURL($url, $parameters=array())
This function redirects to the specified URL without performing any security checks.
Definition: HTTP.php:959
SimpleSAML_Auth_Source\$authId
$authId
Definition: Source.php:23
SimpleSAML_Auth_State\saveState
static saveState(&$state, $stage, $rawId=false)
Save the state.
Definition: State.php:194
sspmod_core_Auth_UserPassBase\$forcedUsername
$forcedUsername
Username we should force.
Definition: UserPassBase.php:33
sspmod_core_Auth_UserPassBase\AUTHID
const AUTHID
The key of the AuthId field in the state.
Definition: UserPassBase.php:24
sspmod_core_Auth_UserPassBase\login
login($username, $password)
Attempt to log in using the given username and password.
$password
$password
Definition: cron.php:14
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: expirywarning.php:14
$attributes
if(array_key_exists('yes', $_REQUEST)) $attributes
Definition: getconsent.php:85
$url
$url
Definition: proxy_ylocal.php:28

References $attributes, SimpleSAML_Auth_Source\$authId, $forcedUsername, $id, PHPMailer\PHPMailer\$params, $password, $state, $url, AUTHID, SimpleSAML\Module\getModuleURL(), login(), SimpleSAML\Utils\HTTP\redirectTrustedURL(), and SimpleSAML_Auth_State\saveState().

+ Here is the call graph for this function:

◆ getLoginLinks()

sspmod_core_Auth_UserPassBase::getLoginLinks ( )

Return login links from configuration.

Definition at line 125 of file UserPassBase.php.

125 {
126 return $this->loginLinks;
127 }
sspmod_core_Auth_UserPassBase\$loginLinks
$loginLinks
Links to pages from login page.
Definition: UserPassBase.php:39

References $loginLinks.

◆ getRememberUsernameChecked()

sspmod_core_Auth_UserPassBase::getRememberUsernameChecked ( )

Getter for the authsource config option remember.username.checked.

Returns
bool

Definition at line 141 of file UserPassBase.php.

141 {
142 return $this->rememberUsernameChecked;
143 }
sspmod_core_Auth_UserPassBase\$rememberUsernameChecked
$rememberUsernameChecked
Definition: UserPassBase.php:55

References $rememberUsernameChecked.

◆ getRememberUsernameEnabled()

sspmod_core_Auth_UserPassBase::getRememberUsernameEnabled ( )

Getter for the authsource config option remember.username.enabled.

Returns
bool

Definition at line 133 of file UserPassBase.php.

133 {
134 return $this->rememberUsernameEnabled;
135 }
sspmod_core_Auth_UserPassBase\$rememberUsernameEnabled
$rememberUsernameEnabled
Definition: UserPassBase.php:47

References $rememberUsernameEnabled.

◆ handleLogin()

static sspmod_core_Auth_UserPassBase::handleLogin (   $authStateId,
  $username,
  $password 
)
static

Handle login request.

This function is used by the login form (core/www/loginuserpass.php) when the user enters a username and password. On success, it will not return. On wrong username/password failure, and other errors, it will throw an exception.

Parameters
string$authStateIdThe identifier of the authentication state.
string$usernameThe username the user wrote.
string$passwordThe password the user wrote.

Definition at line 248 of file UserPassBase.php.

248 {
249 assert(is_string($authStateId));
250 assert(is_string($username));
251 assert(is_string($password));
252
253 /* Here we retrieve the state array we saved in the authenticate-function. */
254 $state = SimpleSAML_Auth_State::loadState($authStateId, self::STAGEID);
255
256 /* Retrieve the authentication source we are executing. */
257 assert(array_key_exists(self::AUTHID, $state));
258 $source = SimpleSAML_Auth_Source::getById($state[self::AUTHID]);
259 if ($source === NULL) {
260 throw new Exception('Could not find authentication source with id ' . $state[self::AUTHID]);
261 }
262
263 /*
264 * $source now contains the authentication source on which authenticate()
265 * was called. We should call login() on the same authentication source.
266 */
267
268 /* Attempt to log in. */
269 try {
270 $attributes = $source->login($username, $password);
271 } catch (Exception $e) {
272 SimpleSAML\Logger::stats('Unsuccessful login attempt from '.$_SERVER['REMOTE_ADDR'].'.');
273 throw $e;
274 }
275
276 SimpleSAML\Logger::stats('User \''.$username.'\' successfully authenticated from '.$_SERVER['REMOTE_ADDR']);
277
278 /* Save the attributes we received from the login-function in the $state-array. */
279 assert(is_array($attributes));
280 $state['Attributes'] = $attributes;
281
282 /* Return control to SimpleSAMLphp after successful authentication. */
283 SimpleSAML_Auth_Source::completeAuth($state);
284 }
$source
$source
Definition: linkback.php:22
SimpleSAML\Logger\stats
static stats($string)
Definition: Logger.php:222
SimpleSAML_Auth_Source\getById
static getById($authId, $type=null)
Retrieve authentication source.
Definition: Source.php:340
SimpleSAML_Auth_State\loadState
static loadState($id, $stage, $allowMissing=false)
Retrieve saved state.
Definition: State.php:259
$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54
$authStateId
if(!array_key_exists('AuthState', $_REQUEST)) $authStateId
Definition: yubikeylogin.php:15

References $_SERVER, $attributes, $authStateId, $password, $source, $state, SimpleSAML_Auth_Source\getById(), SimpleSAML_Auth_State\loadState(), and SimpleSAML\Logger\stats().

+ Here is the call graph for this function:

◆ isRememberMeChecked()

sspmod_core_Auth_UserPassBase::isRememberMeChecked ( )

Check if the "remember me" checkbox should be checked.

Returns
bool TRUE if enabled, FALSE otherwise.

Definition at line 157 of file UserPassBase.php.

157 {
158 return $this->rememberMeChecked;
159 }
sspmod_core_Auth_UserPassBase\$rememberMeChecked
$rememberMeChecked
Definition: UserPassBase.php:73

References $rememberMeChecked.

◆ isRememberMeEnabled()

sspmod_core_Auth_UserPassBase::isRememberMeEnabled ( )

Check if the "remember me" feature is enabled.

Returns
bool TRUE if enabled, FALSE otherwise.

Definition at line 149 of file UserPassBase.php.

149 {
150 return $this->rememberMeEnabled;
151 }
sspmod_core_Auth_UserPassBase\$rememberMeEnabled
$rememberMeEnabled
Definition: UserPassBase.php:65

References $rememberMeEnabled.

◆ login()

sspmod_core_Auth_UserPassBase::login (   $username,
  $password 
)
abstractprotected

Attempt to log in using the given username and password.

On a successful login, this function should return the users attributes. On failure, it should throw an exception/error. If the error was caused by the user entering the wrong username or password, a SimpleSAML_Error_Error('WRONGUSERPASS') should be thrown.

Note that both the username and the password are UTF-8 encoded.

Parameters
string$usernameThe username the user wrote.
string$passwordThe password the user wrote.
Returns
array Associative array with the user's attributes.

Reimplemented in sspmod_authcrypt_Auth_Source_Hash, sspmod_authcrypt_Auth_Source_Htpasswd, sspmod_core_Auth_Source_AdminPassword, sspmod_exampleauth_Auth_Source_UserPass, sspmod_radius_Auth_Source_Radius, and sspmod_sqlauth_Auth_Source_SQL.

Referenced by authenticate().

+ Here is the caller graph for this function:

◆ setForcedUsername()

sspmod_core_Auth_UserPassBase::setForcedUsername (   $forcedUsername)

Set forced username.

Parameters
string | NULL$forcedUsernameThe forced username.

Definition at line 117 of file UserPassBase.php.

117 {
118 assert(is_string($forcedUsername) || $forcedUsername === null);
119 $this->forcedUsername = $forcedUsername;
120 }

References $forcedUsername.

Referenced by sspmod_core_Auth_Source_AdminPassword\__construct().

+ Here is the caller graph for this function:

Field Documentation

◆ $forcedUsername

sspmod_core_Auth_UserPassBase::$forcedUsername
private

Username we should force.

A forced username cannot be changed by the user. If this is NULL, we won't force any username.

Definition at line 33 of file UserPassBase.php.

Referenced by authenticate(), and setForcedUsername().

◆ $loginLinks

sspmod_core_Auth_UserPassBase::$loginLinks
protected

Links to pages from login page.

From configuration

Definition at line 39 of file UserPassBase.php.

Referenced by getLoginLinks().

◆ $rememberMeChecked

sspmod_core_Auth_UserPassBase::$rememberMeChecked = FALSE
protected

Definition at line 73 of file UserPassBase.php.

Referenced by isRememberMeChecked().

◆ $rememberMeEnabled

sspmod_core_Auth_UserPassBase::$rememberMeEnabled = FALSE
protected

Definition at line 65 of file UserPassBase.php.

Referenced by isRememberMeEnabled().

◆ $rememberUsernameChecked

sspmod_core_Auth_UserPassBase::$rememberUsernameChecked = FALSE
protected

Definition at line 55 of file UserPassBase.php.

Referenced by getRememberUsernameChecked().

◆ $rememberUsernameEnabled

sspmod_core_Auth_UserPassBase::$rememberUsernameEnabled = FALSE
protected

Definition at line 47 of file UserPassBase.php.

Referenced by getRememberUsernameEnabled().

◆ AUTHID

const sspmod_core_Auth_UserPassBase::AUTHID = 'sspmod_core_Auth_UserPassBase.AuthId'

The key of the AuthId field in the state.

Definition at line 24 of file UserPassBase.php.

Referenced by authenticate().

◆ STAGEID

const sspmod_core_Auth_UserPassBase::STAGEID = 'sspmod_core_Auth_UserPassBase.state'

The string used to identify our states.

Definition at line 18 of file UserPassBase.php.

The documentation for this class was generated from the following file: