ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
Public Member Functions | Data Fields | Private Attributes
sspmod_authwindowslive_Auth_Source_LiveID Class Reference
+ Inheritance diagram for sspmod_authwindowslive_Auth_Source_LiveID:
+ Collaboration diagram for sspmod_authwindowslive_Auth_Source_LiveID:

Public Member Functions

 __construct ($info, $config)
 Constructor for this authentication source. More...
 
 authenticate (&$state)
 Log-in using LiveID platform. More...
 
 finalStep (&$state)
 
- Public Member Functions inherited from SimpleSAML_Auth_Source
 __construct ($info, &$config)
 Constructor for an authentication source. More...
 
 getAuthId ()
 Retrieve the ID of this authentication source. More...
 
 authenticate (&$state)
 Process a request. More...
 
 reauthenticate (array &$state)
 Reauthenticate an user. More...
 
 initLogin ($return, $errorURL=null, array $params=array())
 Start authentication. More...
 
 logout (&$state)
 Log out from this authentication source. More...
 

Data Fields

const STAGE_INIT = 'authwindowslive:init'
 The string used to identify our states. More...
 
const AUTHID = 'authwindowslive:AuthId'
 The key of the AuthId field in the state. More...
 

Private Attributes

 $key
 
 $secret
 

Additional Inherited Members

- Static Public Member Functions inherited from SimpleSAML_Auth_Source
static getSourcesOfType ($type)
 Get sources of a specific type. More...
 
static completeAuth (&$state)
 Complete authentication. More...
 
static loginCompleted ($state)
 Called when a login operation has finished. More...
 
static completeLogout (&$state)
 Complete logout. More...
 
static getById ($authId, $type=null)
 Retrieve authentication source. More...
 
static logoutCallback ($state)
 Called when the authentication source receives an external logout request. More...
 
static getSources ()
 Retrieve list of authentication sources. More...
 
- Protected Member Functions inherited from SimpleSAML_Auth_Source
 addLogoutCallback ($assoc, $state)
 Add a logout callback association. More...
 
 callLogoutCallback ($assoc)
 Call a logout callback based on association. More...
 
- Static Protected Member Functions inherited from SimpleSAML_Auth_Source
static validateSource ($source, $id)
 Make sure that the first element of an auth source is its identifier. More...
 
- Protected Attributes inherited from SimpleSAML_Auth_Source
 $authId
 

Detailed Description

Definition at line 10 of file LiveID.php.

Constructor & Destructor Documentation

◆ __construct()

sspmod_authwindowslive_Auth_Source_LiveID::__construct (   $info,
  $config 
)

Constructor for this authentication source.

Parameters
array$infoInformation about this authentication source.
array$configConfiguration.
Exceptions
ExceptionIn case of misconfiguration.

Definition at line 35 of file LiveID.php.

36 {
37 assert(is_array($info));
38 assert(is_array($config));
39
40 // Call the parent constructor first, as required by the interface
41 parent::__construct($info, $config);
42
43 if (!array_key_exists('key', $config)) {
44 throw new Exception('LiveID authentication source is not properly configured: missing [key]');
45 }
46
47 $this->key = $config['key'];
48
49 if (!array_key_exists('secret', $config)) {
50 throw new Exception('LiveID authentication source is not properly configured: missing [secret]');
51 }
52
53 $this->secret = $config['secret'];
54 }
$config
$config
Definition: bootstrap.php:15
$info
$info
Definition: index.php:5

References $config, and $info.

Member Function Documentation

◆ authenticate()

sspmod_authwindowslive_Auth_Source_LiveID::authenticate ( $state)

Log-in using LiveID platform.

Parameters
array&$stateInformation about the current authentication.

Reimplemented from SimpleSAML_Auth_Source.

Definition at line 62 of file LiveID.php.

63 {
64 assert(is_array($state));
65
66 // we are going to need the authId in order to retrieve this authentication source later
67 $state[self::AUTHID] = $this->authId;
68
69 $stateID = SimpleSAML_Auth_State::saveState($state, self::STAGE_INIT);
70
71 SimpleSAML\Logger::debug('authwindowslive auth state id = ' . $stateID);
72
73 // authenticate the user
74 // documentation at:
75 // https://azure.microsoft.com/en-us/documentation/articles/active-directory-v2-protocols-oauth-code/
76 $authorizeURL = 'https://login.microsoftonline.com/common/oauth2/v2.0/authorize'
77 . '?client_id=' . $this->key
78 . '&response_type=code'
79 . '&response_mode=query'
80 . '&redirect_uri=' . urlencode(SimpleSAML\Module::getModuleUrl('authwindowslive') . '/linkback.php')
81 . '&state=' . urlencode($stateID)
82 . '&scope=' . urlencode('openid https://graph.microsoft.com/user.read')
83 ;
84
85 \SimpleSAML\Utils\HTTP::redirectTrustedURL($authorizeURL);
86 }
$state
if(!array_key_exists('stateid', $_REQUEST)) $state
Handle linkback() response from LinkedIn.
Definition: linkback.php:10
SimpleSAML\Logger\debug
static debug($string)
Definition: Logger.php:211
SimpleSAML\Utils\HTTP\redirectTrustedURL
static redirectTrustedURL($url, $parameters=array())
This function redirects to the specified URL without performing any security checks.
Definition: HTTP.php:959
SimpleSAML_Auth_Source\$authId
$authId
Definition: Source.php:23
SimpleSAML_Auth_State\saveState
static saveState(&$state, $stage, $rawId=false)
Save the state.
Definition: State.php:194
sspmod_authwindowslive_Auth_Source_LiveID\AUTHID
const AUTHID
The key of the AuthId field in the state.
Definition: LiveID.php:21
SimpleSAML
Attribute-related utility methods.

References SimpleSAML_Auth_Source\$authId, $state, AUTHID, SimpleSAML\Logger\debug(), SimpleSAML\Utils\HTTP\redirectTrustedURL(), and SimpleSAML_Auth_State\saveState().

+ Here is the call graph for this function:

◆ finalStep()

sspmod_authwindowslive_Auth_Source_LiveID::finalStep ( $state)
Parameters
$state
Exceptions
Exception

Definition at line 94 of file LiveID.php.

95 {
96 SimpleSAML\Logger::debug(
97 "authwindowslive oauth: Using this verification code [".$state['authwindowslive:verification_code']."]"
98 );
99
100 // retrieve Access Token
101 // documentation at:
102 // https://azure.microsoft.com/en-us/documentation/articles/active-directory-v2-protocols-oauth-code/#request-an-access-token
103 $postData = 'client_id=' . urlencode($this->key)
104 . '&client_secret=' . urlencode($this->secret)
105 . '&scope=' . urlencode('https://graph.microsoft.com/user.read')
106 . '&grant_type=authorization_code'
107 . '&redirect_uri=' . urlencode(SimpleSAML\Module::getModuleUrl('authwindowslive') . '/linkback.php')
108 . '&code=' . urlencode($state['authwindowslive:verification_code']);
109
110 $context = array(
111 'http' => array(
112 'method' => 'POST',
113 'header' => 'Content-type: application/x-www-form-urlencoded',
114 'content' => $postData,
115 ),
116 );
117
118 $result = \SimpleSAML\Utils\HTTP::fetch('https://login.microsoftonline.com/common/oauth2/v2.0/token', $context);
119
120 $response = json_decode($result, true);
121
122 // error checking of $response to make sure we can proceed
123 if (!array_key_exists('access_token', $response)) {
124 throw new Exception(
125 '['.$response['error'].'] '.$response['error_description'].
126 "\r\nNo access_token returned - cannot proceed\r\n" . implode(', ', $response['error_codes'])
127 );
128 }
129
130 SimpleSAML\Logger::debug(
131 "authwindowslive: Got an access token from the OAuth service provider [".$response['access_token']."]"
132 );
133
134 // documentation at: http://graph.microsoft.io/en-us/docs/overview/call_api
135 $opts = array('http' => array('header' => "Accept: application/json\r\nAuthorization: Bearer ".
136 $response['access_token']."\r\n"));
137 $data = \SimpleSAML\Utils\HTTP::fetch('https://graph.microsoft.com/v1.0/me', $opts);
138 $userdata = json_decode($data, true);
139
140 // this is the simplest case
141 if (!array_key_exists('@odata.context', $userdata) || array_key_exists('error', $userdata)) {
142 throw new Exception(
143 'Unable to retrieve userdata from Microsoft Graph ['.$userdata['error']['code'].'] '.
144 $userdata['error']['message']
145 );
146 }
147 $attributes = array();
148 $attributes['windowslive_targetedID'] = array(
149 'https://graph.microsoft.com!'.(!empty($userdata['id']) ? $userdata['id'] : 'unknown')
150 );
151 foreach ($userdata as $key => $value) {
152 if (is_string($value)) {
153 $attributes['windowslive.' . $key] = array((string)$value);
154 }
155 }
156
157
158 SimpleSAML\Logger::debug('LiveID Returned Attributes: '. implode(", ", array_keys($attributes)));
159
160 $state['Attributes'] = $attributes;
161 }
$result
$result
Definition: CleanUpTest.php:463
SimpleSAML\Utils\HTTP\fetch
static fetch($url, $context=array(), $getHeaders=false)
Helper function to retrieve a file or URL with proxy support, also supporting proxy basic authorizati...
Definition: HTTP.php:408
sspmod_authwindowslive_Auth_Source_LiveID\$key
$key
Definition: LiveID.php:23
$attributes
if(array_key_exists('yes', $_REQUEST)) $attributes
Definition: getconsent.php:85
$postData
if($session===NULL) $postData
Definition: postredirect.php:34
$response
$response
Definition: proxy_ylocal.php:39
$data
$data
Definition: bench.php:6
$context
$context
Definition: webdav.php:25

References $attributes, $context, $data, $key, $postData, $response, $result, $state, SimpleSAML\Logger\debug(), and SimpleSAML\Utils\HTTP\fetch().

+ Here is the call graph for this function:

Field Documentation

◆ $key

sspmod_authwindowslive_Auth_Source_LiveID::$key
private

Definition at line 23 of file LiveID.php.

Referenced by finalStep().

◆ $secret

sspmod_authwindowslive_Auth_Source_LiveID::$secret
private

Definition at line 24 of file LiveID.php.

◆ AUTHID

const sspmod_authwindowslive_Auth_Source_LiveID::AUTHID = 'authwindowslive:AuthId'

The key of the AuthId field in the state.

Definition at line 21 of file LiveID.php.

Referenced by authenticate().

◆ STAGE_INIT

const sspmod_authwindowslive_Auth_Source_LiveID::STAGE_INIT = 'authwindowslive:init'

The string used to identify our states.

Definition at line 16 of file LiveID.php.

The documentation for this class was generated from the following file: