ILIAS  release_6 Revision v6.24-5-g0c8bfefb3b8
class.ilCmiXapiAuthToken.php
1<?php
2
3/* Copyright (c) 1998-2019 ILIAS open source, Extended GPL, see docs/LICENSE */
4
5
16{
17
/** Name of the database table that holds one row per issued token. */
const DB_TABLE_NAME = 'cmix_token';

/**
 * Cipher identifier, presumably handed to OpenSSL by code outside this listing.
 *
 * NOTE(review): OpenSSL resolves 'aes128' as an alias of AES-128-CBC; confirm
 * against the OpenSSL build in use.
 */
const OPENSSL_ENCRYPTION_METHOD = 'aes128';

/**
 * Fixed 16-byte initialisation vector.
 *
 * NOTE(review): an IV that is constant and readable in the source makes CBC
 * encryption deterministic: equal plaintexts under the same key produce equal
 * ciphertexts, and common plaintext prefixes remain recognisable. The call
 * site is not visible here. Callers should draw a fresh IV per message with
 * random_bytes(), store it next to the ciphertext, and prefer an
 * authenticated mode. Changing this value breaks decryption of data that was
 * written with it.
 */
const OPENSSL_IV = '1234567890123456';
23
/** @var int ref_id column value */
protected $ref_id;

/** @var int obj_id column value */
protected $obj_id;

/** @var int usr_id column value */
protected $usr_id;

/** @var string token value; the lookup key used by getInstanceByToken() */
protected $token;

/** @var string expiry timestamp, written to the valid_until column as 'timestamp' */
protected $valid_until;

/** @var mixed lrs_type_id column value (written as 'integer'; the accessors are untyped) */
protected $lrs_type_id;

/** @var mixed cmi5_session column value (written as 'text'; the accessors are untyped) */
protected $cmi5_session;
58
63
68
/**
 * Returns the ref_id held by this token object.
 *
 * @return int
 */
public function getRefId(): int
{
    return $this->ref_id;
}
76
/**
 * Stores the ref_id on this token object (not persisted until update()).
 *
 * @param int $ref_id
 */
public function setRefId(int $ref_id)
{
    $this->ref_id = $ref_id;
}
84
/**
 * Returns the obj_id held by this token object.
 *
 * @return int
 */
public function getObjId(): int
{
    return $this->obj_id;
}
92
/**
 * Stores the obj_id on this token object (not persisted until update()).
 *
 * @param int $obj_id
 */
public function setObjId(int $obj_id)
{
    $this->obj_id = $obj_id;
}
100
/**
 * Returns the usr_id held by this token object.
 *
 * @return int
 */
public function getUsrId(): int
{
    return $this->usr_id;
}
108
/**
 * Stores the usr_id on this token object (not persisted until update()).
 *
 * @param int $usr_id
 */
public function setUsrId(int $usr_id)
{
    $this->usr_id = $usr_id;
}
116
/**
 * Returns the token value held by this object.
 *
 * The value is the key by which getInstanceByToken() finds a row, so callers
 * should treat it as a credential and keep it out of logs and error output.
 *
 * @return string
 */
public function getToken(): string
{
    return $this->token;
}
124
/**
 * Stores the token value on this object.
 *
 * update() uses this value only in its WHERE clause, so changing it selects a
 * different row rather than renaming the current one.
 *
 * @param string $token
 */
public function setToken(string $token)
{
    $this->token = $token;
}
132
/**
 * Returns the expiry timestamp held by this object, as a string.
 *
 * @return string
 */
public function getValidUntil(): string
{
    return $this->valid_until;
}
140
/**
 * Stores the expiry timestamp on this object (not persisted until update()).
 *
 * @param string $valid_until
 */
public function setValidUntil(string $valid_until)
{
    $this->valid_until = $valid_until;
}
148
/**
 * Returns the lrs_type_id held by this object; no type is enforced here.
 *
 * @return mixed
 */
public function getLrsTypeId()
{
    return $this->lrs_type_id;
}
156
/**
 * Stores the lrs_type_id on this object; the argument is not type-checked,
 * although update() later writes it as an 'integer' column.
 *
 * @param mixed $lrs_type_id
 */
public function setLrsTypeId($lrs_type_id)
{
    $this->lrs_type_id = $lrs_type_id;
}
164
/**
 * Returns the cmi5_session value held by this object; no type is enforced here.
 *
 * @return mixed
 */
public function getCmi5Session()
{
    return $this->cmi5_session;
}
172
// NOTE(review): the signature line (listing line 176) is absent from this rendering.
// The body stores its $cmi5_session argument on the object; presumably this is
// setCmi5Session(), which getInstanceByToken() calls. Confirm against the file.
177 {
178 $this->cmi5_session = $cmi5_session;
179 }
180
// Getter for the cmi5 session data; update() writes its result to the
// cmi5_session_data column as a 'clob'.
184 public function getCmi5SessionData()
185 {
// NOTE(review): listing line 186 (the method body) is absent from this rendering;
// presumably it returns $this->cmi5_session_data. Confirm against the file.
187 }
188
// NOTE(review): the signature line (listing line 192) is absent from this rendering.
// The body stores its $cmi5_session_data argument on the object; presumably this is
// setCmi5SessionData(), which getInstanceByToken() calls. Confirm against the file.
193 {
194 $this->cmi5_session_data = $cmi5_session_data;
195 }
196
// NOTE(review): both the signature (listing line 200) and the body (line 202) are
// absent from this rendering. Presumably this is getReturnedForCmi5Session(), which
// update() calls. Confirm against the file.
201 {
203 }
204
// NOTE(review): the signature line (listing line 208) is absent from this rendering.
// The body stores its $returned_for_cmi5_session argument on the object; presumably
// this is setReturnedForCmi5Session(), which getInstanceByToken() calls.
209 {
210 $this->returned_for_cmi5_session = $returned_for_cmi5_session;
211 }
212
/**
 * Writes this object's current field values to its row in the token table.
 *
 * The row is selected by the token value alone; every other column is
 * overwritten with what the getters return. All values are passed as typed
 * field arrays, not concatenated into SQL.
 */
public function update()
{
    global $DIC; /* @var \ILIAS\DI\Container $DIC */
    $db = $DIC->database();

    $columns = [
        'valid_until' => ['timestamp', $this->getValidUntil()],
        'ref_id' => ['integer', $this->getRefId()],
        'obj_id' => ['integer', $this->getObjId()],
        'usr_id' => ['integer', $this->getUsrId()],
        'lrs_type_id' => ['integer', $this->getLrsTypeId()],
        'cmi5_session' => ['text', $this->getCmi5Session()],
        'returned_for_cmi5_session' => ['text', $this->getReturnedForCmi5Session()],
        'cmi5_session_data' => ['clob', $this->getCmi5SessionData()],
    ];

    // The token is the only selector for the row being updated.
    $where = [
        'token' => ['text', $this->getToken()],
    ];

    $db->update(self::DB_TABLE_NAME, $columns, $where);
}
233
/**
 * Inserts a new row into the token table.
 *
 * The token is written exactly as given, so anyone who can read this table
 * obtains usable token values. cmi5_session and returned_for_cmi5_session are
 * not set here; per the original author's note they default to '' on insert.
 *
 * @param mixed $usrId     written as 'integer'
 * @param mixed $refId     written as 'integer'
 * @param mixed $objId     written as 'integer'
 * @param mixed $lrsTypeId written as 'integer'
 * @param mixed $a_token   written as 'text'
 * @param mixed $a_time    written as 'timestamp' to valid_until
 */
public static function insertToken($usrId, $refId, $objId, $lrsTypeId, $a_token, $a_time)
{
    global $DIC; /* @var \ILIAS\DI\Container $DIC */
    $db = $DIC->database();

    $row = [
        'token' => ['text', $a_token],
        'valid_until' => ['timestamp', $a_time],
        'ref_id' => ['integer', $refId],
        'obj_id' => ['integer', $objId],
        'usr_id' => ['integer', $usrId],
        'lrs_type_id' => ['integer', $lrsTypeId],
    ];

    $db->insert(self::DB_TABLE_NAME, $row);
}
253
/**
 * Deletes every token row matching the given obj_id and usr_id, whatever its
 * ref_id or expiry.
 *
 * @param mixed $objId bound as 'integer'
 * @param mixed $usrId bound as 'integer'
 */
public static function deleteTokenByObjIdAndUsrId($objId, $usrId)
{
    global $DIC; /* @var \ILIAS\DI\Container $DIC */
    $db = $DIC->database();

    // Only the class constant is concatenated; both ids go through typed placeholders.
    $sql = "
        DELETE FROM " . self::DB_TABLE_NAME . "
        WHERE obj_id = %s AND usr_id = %s
    ";
    $types = ['integer', 'integer'];
    $values = [$objId, $usrId];

    $db->manipulateF($sql, $types, $values);
}
266
/**
 * Deletes every token row matching the given obj_id, ref_id and usr_id,
 * whatever its expiry.
 *
 * @param mixed $objId bound as 'integer'
 * @param mixed $refId bound as 'integer'
 * @param mixed $usrId bound as 'integer'
 */
public static function deleteTokenByObjIdAndRefIdAndUsrId($objId, $refId, $usrId)
{
    global $DIC; /* @var \ILIAS\DI\Container $DIC */
    $db = $DIC->database();

    // Only the class constant is concatenated; the ids go through typed placeholders.
    $sql = "
        DELETE FROM " . self::DB_TABLE_NAME . "
        WHERE obj_id = %s AND ref_id = %s AND usr_id = %s
    ";
    $types = ['integer', 'integer', 'integer'];
    $values = [$objId, $refId, $usrId];

    $db->manipulateF($sql, $types, $values);
}
279
/**
 * Deletes the row(s) matching this object's obj_id, ref_id and usr_id.
 *
 * The token value is not part of the condition, so any other row that shares
 * the same three ids is removed as well.
 */
public function delete()
{
    global $DIC; /* @var \ILIAS\DI\Container $DIC */
    $db = $DIC->database();

    $sql = "
        DELETE FROM " . self::DB_TABLE_NAME . "
        WHERE obj_id = %s AND ref_id = %s AND usr_id = %s
    ";
    $types = ['integer', 'integer', 'integer'];
    $values = [$this->getObjId(), $this->getRefId(), $this->getUsrId()];

    $db->manipulateF($sql, $types, $values);
}
292
/**
 * Deletes every token row whose valid_until lies before the database
 * server's CURRENT_TIMESTAMP.
 *
 * Expiry is judged by the database clock, the same clock fillToken() reads
 * through selectCurrentTimestamp().
 */
public static function deleteExpiredTokens()
{
    global $DIC; /* @var \ILIAS\DI\Container $DIC */
    $db = $DIC->database();

    // The statement contains no caller-supplied values.
    $db->manipulate("DELETE FROM " . self::DB_TABLE_NAME . " WHERE valid_until < CURRENT_TIMESTAMP");
}
301
302
/**
 * Asks the database server for its current timestamp.
 *
 * The value is read from a result column named 'CURRENT_TIMESTAMP', so this
 * depends on the database labelling the column that way.
 *
 * @return mixed the timestamp as delivered by the database layer
 */
public static function selectCurrentTimestamp()
{
    global $DIC; /* @var \ILIAS\DI\Container $DIC */
    $db = $DIC->database();

    $resultSet = $db->query("SELECT CURRENT_TIMESTAMP");
    $firstRow = $db->fetchAssoc($resultSet);

    return $firstRow['CURRENT_TIMESTAMP'];
}
314
/**
 * Produces a new token value: the string form of a version-4 UUID.
 *
 * NOTE(review): the token's unpredictability rests entirely on the random
 * source behind UuidFactory. Confirm that the installed ramsey/uuid version
 * draws from a CSPRNG.
 *
 * @return string
 */
public static function createToken()
{
    $uuidFactory = new \Ramsey\Uuid\UuidFactory();

    return $uuidFactory->uuid4()->toString();
}
319
// Returns the token for the given user / ref / object triple. An existing row is
// reused and its expiry pushed forward; otherwise a new row is inserted. The new
// expiry is the database server's current time plus a fixed number of seconds.
320 public static function fillToken($usrId, $refId, $objId, $lrsTypeId = 0)
321 {
322 //$seconds = $this->getTimeToDelete();
// Fixed validity window of 86400 seconds (24 hours), not configurable here.
323 $seconds = 86400; // TODO: invalidation interval
324
325 $nowTimeDT = self::selectCurrentTimestamp();
326
327 $nowTime = new ilDateTime($nowTimeDT, IL_CAL_DATETIME);
328
329 $nowTimeTS = $nowTime->get(IL_CAL_UNIX);
330 $newTimeTS = $nowTimeTS + $seconds;
331
332 $newTime = new ilDateTime($newTimeTS, IL_CAL_UNIX);
333
334 //self::deleteTokenByObjIdAndUsrId($object->getId(), $usrId);
335
// NOTE(review): the lookup passes $checkValid = false, so a row whose valid_until
// has already passed is still found and given a new expiry. The token value is not
// rotated on this path; it changes only once the row has been deleted.
336 try {
337 $tokenObject = self::getInstanceByObjIdAndRefIdAndUsrId($objId, $refId, $usrId, false);
338 $tokenObject->setValidUntil($newTime->get(IL_CAL_DATETIME));
339 $tokenObject->update();
340
341 $token = $tokenObject->getToken();
342 } catch (ilCmiXapiException $e) {
// NOTE(review): listing line 343 is absent from this rendering. $token is used
// below with no visible assignment on this path; presumably the missing line
// obtains it from createToken(). Confirm against the file.
344 self::insertToken($usrId, $refId, $objId, $lrsTypeId, $token, $newTime->get(IL_CAL_DATETIME));
345 }
346
347 // TODO: move to cronjob ;-)
348 // TODO: check cmi5 sessions of token and if not terminated -> abandoned statement
// NOTE(review): listing line 349 is absent from this rendering.
350
351 return $token;
352 }
353
/**
 * Loads the token object for a token value, accepting only rows whose
 * valid_until is later than the database server's CURRENT_TIMESTAMP.
 *
 * The token is bound as a typed 'text' parameter. The first matching row is
 * used.
 *
 * NOTE(review): the exception message embeds the supplied token value. If
 * that message reaches a log or a response, it records a credential-shaped
 * string, and fillToken() can re-validate an expired row that still exists.
 * Consider leaving the value out of the message.
 *
 * @param mixed $token token value to look up
 * @return self
 * @throws ilCmiXapiException when no unexpired row matches
 */
public static function getInstanceByToken($token)
{
    global $DIC; /* @var \ILIAS\DI\Container $DIC */

    $sql = "
        SELECT * FROM " . self::DB_TABLE_NAME . "
        WHERE token = %s AND valid_until > CURRENT_TIMESTAMP
    ";

    $resultSet = $DIC->database()->queryF($sql, ['text'], [$token]);
    $record = $DIC->database()->fetchAssoc($resultSet);

    if (!$record) {
        throw new ilCmiXapiException('no valid token found for: ' . $token);
    }

    $instance = new self();
    // The token is taken from the argument rather than from the row.
    $instance->setToken($token);
    $instance->setValidUntil($record['valid_until']);
    $instance->setUsrId($record['usr_id']);
    $instance->setObjId($record['obj_id']);
    $instance->setRefId($record['ref_id']);
    $instance->setLrsTypeId($record['lrs_type_id']);
    $instance->setCmi5Session($record['cmi5_session']);
    $instance->setReturnedForCmi5Session($record['returned_for_cmi5_session']);
    $instance->setCmi5SessionData($record['cmi5_session_data']);

    return $instance;
}
387
/**
 * Loads a token object by obj_id and usr_id.
 *
 * ref_id is not part of the condition and the query has no ordering, so when
 * several rows exist for the pair, the first one the database returns is used.
 * With $checkValid = false, expired rows are returned too.
 *
 * @param mixed $objId      bound as 'integer'
 * @param mixed $usrId      bound as 'integer'
 * @param bool  $checkValid when true, only rows with valid_until > CURRENT_TIMESTAMP match
 * @return self
 * @throws ilCmiXapiException when no row matches
 */
public static function getInstanceByObjIdAndUsrId($objId, $usrId, $checkValid = true)
{
    global $DIC; /* @var \ILIAS\DI\Container $DIC */
    $db = $DIC->database();

    $sql = "SELECT * FROM " . self::DB_TABLE_NAME . " WHERE obj_id = %s AND usr_id = %s"
        . ($checkValid ? " AND valid_until > CURRENT_TIMESTAMP" : "");

    $resultSet = $db->queryF($sql, ['integer', 'integer'], [$objId, $usrId]);
    $record = $db->fetchAssoc($resultSet);

    if (!$record) {
        throw new ilCmiXapiException('no valid token found for: ' . $objId . '/' . $usrId);
    }

    $instance = new self();
    $instance->setToken($record['token']);
    $instance->setValidUntil($record['valid_until']);
    $instance->setUsrId($record['usr_id']);
    $instance->setObjId($record['obj_id']);
    $instance->setRefId($record['ref_id']);
    $instance->setLrsTypeId($record['lrs_type_id']);
    $instance->setCmi5Session($record['cmi5_session']);
    $instance->setReturnedForCmi5Session($record['returned_for_cmi5_session']);
    $instance->setCmi5SessionData($record['cmi5_session_data']);

    return $instance;
}
426
/**
 * Loads a token object by obj_id, ref_id and usr_id.
 *
 * With $checkValid = false, expired rows are returned as well; fillToken()
 * calls it that way before extending the expiry. The exception message names
 * only obj_id and usr_id.
 *
 * @param mixed $objId      bound as 'integer'
 * @param mixed $refId      bound as 'integer'
 * @param mixed $usrId      bound as 'integer'
 * @param bool  $checkValid when true, only rows with valid_until > CURRENT_TIMESTAMP match
 * @return self
 * @throws ilCmiXapiException when no row matches
 */
public static function getInstanceByObjIdAndRefIdAndUsrId($objId, $refId, $usrId, $checkValid = true)
{
    global $DIC; /* @var \ILIAS\DI\Container $DIC */
    $db = $DIC->database();

    $sql = "SELECT * FROM " . self::DB_TABLE_NAME . " WHERE obj_id = %s AND ref_id = %s AND usr_id = %s"
        . ($checkValid ? " AND valid_until > CURRENT_TIMESTAMP" : "");

    $resultSet = $db->queryF($sql, ['integer', 'integer', 'integer'], [$objId, $refId, $usrId]);
    $record = $db->fetchAssoc($resultSet);

    if (!$record) {
        throw new ilCmiXapiException('no valid token found for: ' . $objId . '/' . $usrId);
    }

    $instance = new self();
    $instance->setToken($record['token']);
    $instance->setValidUntil($record['valid_until']);
    $instance->setUsrId($record['usr_id']);
    $instance->setObjId($record['obj_id']);
    $instance->setRefId($record['ref_id']);
    $instance->setLrsTypeId($record['lrs_type_id']);
    $instance->setCmi5Session($record['cmi5_session']);
    $instance->setReturnedForCmi5Session($record['returned_for_cmi5_session']);
    $instance->setCmi5SessionData($record['cmi5_session_data']);

    return $instance;
}
466
467 /*
468 public static function bindCmi5Session(string $token, string $cmi5_session)
469 {
470 global $DIC;
471 $ilDB = $DIC->database();
472 $ilDB->manipulate("UPDATE " . self::DB_TABLE_NAME . " SET cmi5_session = " . $ilDB->quote($cmi5_session, 'text') . " WHERE token = " . $ilDB->quote($token, 'text'));
473 }
474 */
475
/**
 * Returns the cmi5_session stored for a user and object, optionally narrowed
 * to one ref_id.
 *
 * An empty $refId (null, 0, '' ...) drops the ref_id condition. The query does
 * not test valid_until, so the session of an expired token row is returned
 * too. Only the first row is examined.
 *
 * @param int   $usrId
 * @param int   $objId
 * @param mixed $refId optional; bound as 'integer' when non-empty
 * @return mixed the stored cmi5_session value
 * @throws ilCmiXapiException when no row exists or its cmi5_session is empty
 */
public static function getCmi5SessionByUsrIdAndObjIdAndRefId(int $usrId, int $objId, $refId = null)
{
    global $DIC;
    $db = $DIC->database();

    $sql = "SELECT cmi5_session FROM " . self::DB_TABLE_NAME . " WHERE usr_id = %s AND obj_id = %s";
    $types = ['integer', 'integer'];
    $values = [$usrId, $objId];

    if (!empty($refId)) {
        $sql .= " AND ref_id = %s";
        $types[] = 'integer';
        $values[] = $refId;
    }

    $record = $db->fetchAssoc($db->queryF($sql, $types, $values));

    // Loose comparison kept on purpose: a NULL column counts as "no session", like ''.
    if (!$record || $record['cmi5_session'] == '') {
        throw new ilCmiXapiException('no valid cmi5_session found for: ' . $objId . '/' . $usrId);
    }

    return $record['cmi5_session'];
}
506
/**
 * Returns the salt defined by the included file 'data/wacsalt.php'.
 *
 * The file is expected to set a local variable $salt. If it is missing, PHP's
 * include only warns and the method falls through to the exception.
 *
 * NOTE(review): the path is relative, so which file is loaded depends on the
 * include_path and working directory at call time. An absolute path would pin
 * it. The file name suggests the salt belongs to another component; reusing
 * one secret for several purposes ties their exposure together. Confirm this
 * is intended.
 *
 * @return mixed the value of $salt as defined by the included file
 * @throws ilCmiXapiException when the include did not define $salt
 */
public static function getWacSalt()
{
    include 'data/wacsalt.php';

    if (!isset($salt)) {
        throw new ilCmiXapiException('no salt for encryption provided');
    }

    return $salt;
}
521}