ILIAS  release_6 Revision v6.24-5-g0c8bfefb3b8
ilOpenIdConnectUserSync Class Reference

Class ilOpenIdConnectSettingsGUI. More...


Public Member Functions

 __construct (\ilOpenIdConnectSettings $settings, $user_info)
 ilOpenIdConnectUserSync constructor. More...
 
 setExternalAccount (string $ext_account)
 
 setInternalAccount (string $int_account)
 
 getUserId ()
 
 needsCreation ()
 
 updateUser ()
 

Data Fields

const AUTH_MODE = 'oidc'
 

Protected Member Functions

 transformToXml ()
 transform user data to xml More...
 
 parseRoleAssignments ()
 Parse role assignments. More...
 
 valueFrom (string $connect_name)
 

Protected Attributes

 $settings
 
 $logger
 

Private Attributes

 $writer
 
 $user_info = []
 
 $ext_account = ''
 
 $int_account = ''
 
 $usr_id = 0
 

Detailed Description

Constructor & Destructor Documentation

◆ __construct()

ilOpenIdConnectUserSync::__construct ( \ilOpenIdConnectSettings  $settings,
  $user_info 
)

ilOpenIdConnectUserSync constructor.

Parameters
ilOpenIdConnectSettings $settings

Definition at line 54 of file class.ilOpenIdConnectUserSync.php.

/**
 * ilOpenIdConnectUserSync constructor.
 *
 * @param \ilOpenIdConnectSettings $settings  OpenID Connect settings object
 * @param mixed                    $user_info user info record; the other methods of this
 *                                            class read it through property access
 *                                            ($this->user_info->{name}), no type is enforced here
 */
public function __construct(\ilOpenIdConnectSettings $settings, $user_info)
{
    global $DIC;

    // Collaborators first: the XML writer that collects the import document
    // and the auth logger taken from the DI container.
    $this->writer = new ilXmlWriter();
    $this->logger = $DIC->logger()->auth();

    // Then the data this sync run works on.
    $this->settings = $settings;
    $this->user_info = $user_info;
}
XML writer class.
settings()
Definition: settings.php:2
$DIC
Definition: xapitoken.php:46

References $DIC, $settings, $user_info, and settings().


Member Function Documentation

◆ getUserId()

ilOpenIdConnectUserSync::getUserId ( )
Returns
int

Definition at line 86 of file class.ilOpenIdConnectUserSync.php.

References $usr_id.

Referenced by transformToXml().


◆ needsCreation()

ilOpenIdConnectUserSync::needsCreation ( )
Returns
bool

Definition at line 94 of file class.ilOpenIdConnectUserSync.php.

/**
 * Tell whether a new ILIAS account has to be created for this login.
 *
 * True as long as the internal account name is the empty string. The current
 * internal account name is dumped to the log at debug level on every call.
 *
 * @return bool
 */
public function needsCreation() : bool
{
    $internal_login = $this->int_account;
    $this->logger->dump($internal_login, \ilLogLevel::DEBUG);

    return !strlen($internal_login);
}

References ilLogLevel\DEBUG.

Referenced by parseRoleAssignments(), transformToXml(), and updateUser().


◆ parseRoleAssignments()

ilOpenIdConnectUserSync::parseRoleAssignments ( )
protected

Parse role assignments.

Returns
array array of role assignments

Definition at line 211 of file class.ilOpenIdConnectUserSync.php.

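/**
 * Parse role assignments.
 *
 * Walks the configured role mappings (each value has the form "<attribute>::<value>"),
 * compares every mapping with the attribute of the same name in the user info and
 * writes a global <Role Action="Assign"> element to the XML writer for each mapping
 * that matches. When the account still has to be created and no mapping matched,
 * the default role from the settings is written instead.
 *
 * Security: the attribute values are supplied by the identity provider and decide
 * which global roles are granted, so entries of an attribute array are compared as
 * strings with ===. A loose in_array() lets a boolean true inside the array (and,
 * on PHP 7, an integer 0) compare equal to any configured role value.
 *
 * Every call writes Role elements to the writer again; the method is invoked both
 * by transformToXml() and by updateUser().
 *
 * @return array role ids that may be assigned, keyed by role id; always contains the default role
 */
protected function parseRoleAssignments() : array
{
    $this->logger->debug('Parsing role assignments');

    $found_role = false;

    // The default role is always part of the returned set.
    $default_role = $this->settings->getRole();
    $roles_assignable = [$default_role => $default_role];

    $this->logger->dump($this->settings->getRoleMappings(), \ilLogLevel::DEBUG);

    foreach ($this->settings->getRoleMappings() as $role_id => $role_info) {
        $this->logger->dump($role_id);
        $this->logger->dump($role_info);

        // Pad to two parts so that a mapping without '::' is rejected by the check
        // below instead of raising an undefined-offset notice.
        // NOTE(review): a value with more than one '::' keeps only its first two
        // parts, i.e. the compared role value is shorter than what was configured.
        list($role_attribute, $role_value) = array_pad(
            explode('::', (string) ($role_info['value'] ?? '')),
            2,
            ''
        );

        if (
            !$role_attribute ||
            !$role_value
        ) {
            $this->logger->debug('No valid role mapping configuration for: ' . $role_id);
            continue;
        }

        if (!isset($this->user_info->$role_attribute)) {
            $this->logger->debug('No user info passed');
            continue;
        }

        // Existing accounts only receive roles whose mapping is flagged for update.
        if (
            !$this->needsCreation() &&
            empty($role_info['update'])
        ) {
            $this->logger->debug('No user role update for role: ' . $role_id);
            continue;
        }

        $claim = $this->user_info->$role_attribute;
        if (is_array($claim)) {
            // Only string/number entries can name a role value; booleans, nested
            // arrays and objects never match.
            $has_value = false;
            foreach ($claim as $entry) {
                if (is_scalar($entry) && !is_bool($entry) && (string) $entry === $role_value) {
                    $has_value = true;
                    break;
                }
            }
        } else {
            // Single-valued attribute: same string comparison as before, but a
            // non-scalar value is treated as "no match" without calling strcmp() on it.
            $has_value = is_scalar($claim) && strcmp((string) $claim, $role_value) === 0;
        }

        if (!$has_value) {
            $this->logger->debug('User account has no ' . $role_value);
            continue;
        }
        $this->logger->debug('Matching role mapping for role_id: ' . $role_id);

        $found_role = true;
        $roles_assignable[$role_id] = $role_id;
        $long_role_id = ('il_' . IL_INST_ID . '_role_' . $role_id);

        $this->writer->xmlElement(
            'Role',
            [
                'Id' => $long_role_id,
                'Type' => 'Global',
                'Action' => 'Assign'
            ],
            null
        );
    }

    if ($this->needsCreation() && !$found_role) {
        $long_role_id = ('il_' . IL_INST_ID . '_role_' . $default_role);

        // add default role
        $this->writer->xmlElement(
            'Role',
            [
                'Id' => $long_role_id,
                'Type' => 'Global',
                'Action' => 'Assign'
            ],
            null
        );
    }
    return $roles_assignable;
}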

References ilLogLevel\DEBUG, needsCreation(), and settings().

Referenced by transformToXml(), and updateUser().


◆ setExternalAccount()

ilOpenIdConnectUserSync::setExternalAccount ( string  $ext_account)
Parameters
string $ext_account

Definition at line 69 of file class.ilOpenIdConnectUserSync.php.

/**
 * Store the external account name.
 *
 * transformToXml() writes it to the ExternalAccount element and, for a new
 * user, derives the login from it.
 *
 * @param string $ext_account
 */
public function setExternalAccount(string $ext_account)
{
    $this->ext_account = $ext_account;
}

References $ext_account.

◆ setInternalAccount()

ilOpenIdConnectUserSync::setInternalAccount ( string  $int_account)
Parameters
string $int_account

Definition at line 77 of file class.ilOpenIdConnectUserSync.php.

/**
 * Store the internal (ILIAS) login and resolve the user id that belongs to it.
 *
 * @param string $int_account ILIAS login; an empty string makes needsCreation() return true
 */
public function setInternalAccount(string $int_account)
{
    $this->int_account = $int_account;

    // Lookup id by login, so getUserId() refers to the same account.
    $this->usr_id = ilObjUser::_lookupId($int_account);
}
static _lookupId($a_user_str)
Lookup id by login.

References $int_account, and ilObjUser\_lookupId().

Referenced by updateUser().


◆ transformToXml()

ilOpenIdConnectUserSync::transformToXml ( )
protected

transform user data to xml

Definition at line 135 of file class.ilOpenIdConnectUserSync.php.

/**
 * transform user data to xml
 *
 * Builds a <Users><User>…</User></Users> document in the XML writer: an Insert
 * action with a generated login for a new account, an Update action with the
 * existing user id and login otherwise, followed by external account, auth mode,
 * role assignments and the mapped profile fields.
 *
 * needsCreation() is deliberately called at every decision point instead of being
 * cached, because each call also writes a debug log entry.
 */
protected function transformToXml()
{
    // Same writer instance that parseRoleAssignments() appends its Role elements to.
    $xml = $this->writer;

    $xml->xmlStartTag('Users');

    if (!$this->needsCreation()) {
        $xml->xmlStartTag(
            'User',
            [
                'Id' => $this->getUserId(),
                'Action' => 'Update'
            ]
        );
        $xml->xmlElement('Login', [], $this->int_account);
    } else {
        $xml->xmlStartTag('User', ['Action' => 'Insert']);
        $xml->xmlElement('Login', [], ilAuthUtils::_generateLogin($this->ext_account));
    }

    $xml->xmlElement('ExternalAccount', [], $this->ext_account);
    $xml->xmlElement('AuthMode', ['type' => self::AUTH_MODE], null);

    // Called for its side effect here: it writes the Role elements; the returned list is not used.
    $this->parseRoleAssignments();

    if ($this->needsCreation()) {
        // New accounts are created active and without a time limit.
        $xml->xmlElement('Active', [], 'true');
        $xml->xmlElement('TimeLimitOwner', [], 7);
        $xml->xmlElement('TimeLimitUnlimited', [], 1);
        $xml->xmlElement('TimeLimitFrom', [], time());
        $xml->xmlElement('TimeLimitUntil', [], time());
    }

    foreach ($this->settings->getProfileMappingFields() as $field => $lng_key) {
        $connect_name = $this->settings->getProfileMappingFieldValue($field);
        if (!$connect_name) {
            $this->logger->debug('Ignoring unconfigured field: ' . $field);
            continue;
        }

        // Existing accounts only take over fields that are flagged for update.
        if (!($this->needsCreation() || $this->settings->getProfileMappingFieldUpdate($field))) {
            $this->logger->debug('Ignoring ' . $field . ' for update.');
            continue;
        }

        $value = $this->valueFrom($connect_name);
        if (strlen($value) === 0) {
            $this->logger->debug('Cannot find user data in ' . $connect_name);
            continue;
        }

        // Map the profile field to its element name; any other field is not written.
        switch ($field) {
            case 'firstname':
                $element = 'Firstname';
                break;

            case 'lastname':
                $element = 'Lastname';
                break;

            case 'email':
                $element = 'Email';
                break;

            case 'birthday':
                $element = 'Birthday';
                break;

            default:
                $element = null;
        }

        if ($element !== null) {
            $xml->xmlElement($element, [], $value);
        }
    }
    $xml->xmlEndTag('User');
    $xml->xmlEndTag('Users');

    // NOTE(review): this writes the complete user record (login, external account and the
    // mapped first name, last name, e-mail and birthday) to the auth log at debug level.
    $this->logger->debug($xml->xmlDumpMem());
}
static _generateLogin($a_login)
generate free login by starting with a default string and adding postfix numbers
parseRoleAssignments()
Parse role assignments.

References ilAuthUtils\_generateLogin(), getUserId(), needsCreation(), parseRoleAssignments(), settings(), and valueFrom().

Referenced by updateUser().


◆ updateUser()

ilOpenIdConnectUserSync::updateUser ( )
Returns
bool
Exceptions
ilOpenIdConnectSyncForbiddenException

Definition at line 104 of file class.ilOpenIdConnectUserSync.php.

105 {
// Creates or updates the ILIAS account for the external account: builds the user XML,
// feeds it to ilUserImportParser and then looks the internal account up again.
// A login without an internal account is refused with
// ilOpenIdConnectSyncForbiddenException unless the settings allow sync.
106 if ($this->needsCreation() && !$this->settings->isSyncAllowed()) {
107 throw new ilOpenIdConnectSyncForbiddenException('No internal account given.');
108 }
109
110 $this->transformToXml();
111
112 $importParser = new ilUserImportParser();
113 $importParser->setXMLContent($this->writer->xmlDumpMem(false));
114
// parseRoleAssignments() already ran inside transformToXml(); this second call is made for
// its return value. The Role elements it writes again reach the writer only after the XML
// was handed to the parser on line 113.
115 $roles = $this->parseRoleAssignments();
116 $importParser->setRoleAssignment($roles);
117
118 $importParser->setFolderId(USER_FOLDER_ID);
119 $importParser->startParsing();
// $debug is not read again in the lines shown here.
120 $debug = $importParser->getProtocol();
121
122
123 // lookup internal account
// NOTE(review): listing lines 124 and 128 are missing from this rendering. The References
// list of this function names ilObjUser::_checkExternalAuthAccount() and setInternalAccount(),
// so presumably the arguments below belong to the former and its result is passed to the
// latter; confirm against class.ilOpenIdConnectUserSync.php.
125 self::AUTH_MODE,
126 $this->ext_account
127 );
// Returns true unconditionally in the lines shown. NOTE(review): no check of the import
// result is visible here; confirm callers do not read the return value as proof that
// the account exists.
129 return true;
130 }
const USER_FOLDER_ID
Class ilObjUserFolder.
static _checkExternalAuthAccount($a_auth, $a_account, $tryFallback=true)
check whether external account and authentication method matches with a user
transformToXml()
transform user data to xml

References $int_account, ilObjUser\_checkExternalAuthAccount(), needsCreation(), parseRoleAssignments(), setInternalAccount(), settings(), transformToXml(), and USER_FOLDER_ID.


◆ valueFrom()

ilOpenIdConnectUserSync::valueFrom ( string  $connect_name)
protected
Parameters
string $connect_name

Definition at line 296 of file class.ilOpenIdConnectUserSync.php.

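/**
 * Read one attribute from the user info.
 *
 * The user info is supplied by the identity provider, so neither the presence nor
 * the type of an attribute is taken for granted: anything that cannot be returned
 * as a string yields '' instead of failing on the declared return type.
 *
 * @param string $connect_name attribute name as configured in the profile mapping
 * @return string attribute value as string; '' when the name is empty, the attribute
 *                is missing, or its value is not a scalar
 */
protected function valueFrom(string $connect_name) : string
{
    if (!$connect_name) {
        return '';
    }
    // $user_info defaults to [] on this class, and property_exists() is only defined
    // for objects and class names.
    if (!is_object($this->user_info) || !property_exists($this->user_info, $connect_name)) {
        $this->logger->debug('Cannot find property ' . $connect_name . ' in user info ');
        return '';
    }
    $val = $this->user_info->$connect_name;
    // An array, object or null value cannot satisfy the string return type and would
    // abort the whole sync with a TypeError.
    if (!is_scalar($val)) {
        $this->logger->debug('Ignoring non-scalar value of ' . $connect_name . ' in user info');
        return '';
    }
    return (string) $val;
}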

Referenced by transformToXml().


Field Documentation

◆ $ext_account

ilOpenIdConnectUserSync::$ext_account = ''
private

Definition at line 36 of file class.ilOpenIdConnectUserSync.php.

Referenced by setExternalAccount().

◆ $int_account

ilOpenIdConnectUserSync::$int_account = ''
private

Definition at line 42 of file class.ilOpenIdConnectUserSync.php.

Referenced by setInternalAccount(), and updateUser().

◆ $logger

ilOpenIdConnectUserSync::$logger
protected

Definition at line 22 of file class.ilOpenIdConnectUserSync.php.

◆ $settings

ilOpenIdConnectUserSync::$settings
protected

Definition at line 17 of file class.ilOpenIdConnectUserSync.php.

Referenced by __construct().

◆ $user_info

ilOpenIdConnectUserSync::$user_info = []
private

Definition at line 31 of file class.ilOpenIdConnectUserSync.php.

Referenced by __construct().

◆ $usr_id

ilOpenIdConnectUserSync::$usr_id = 0
private

Definition at line 47 of file class.ilOpenIdConnectUserSync.php.

Referenced by getUserId().

◆ $writer

ilOpenIdConnectUserSync::$writer
private

Definition at line 27 of file class.ilOpenIdConnectUserSync.php.

◆ AUTH_MODE

const ilOpenIdConnectUserSync::AUTH_MODE = 'oidc'

The documentation for this class was generated from the following file: