ILIAS  release_7 Revision v7.30-3-g800a261c036
class.ilAuthFrontendCredentialsApache.php
Go to the documentation of this file.
1<?php
2/* Copyright (c) 1998-2010 ILIAS open source, Extended GPL, see docs/LICENSE */
3
4use Psr\Http\Message\ServerRequestInterface;
5
14{
16 private $httpRequest;
17
19 private $ctrl;
20
21 private $settings = null;
22
28 public function __construct(ServerRequestInterface $httpRequest, \ilCtrl $ctrl)
29 {
30 $this->httpRequest = $httpRequest;
31 $this->ctrl = $ctrl;
33
34 $this->settings = new \ilSetting('apache_auth');
35 }
36
42 {
43 $cmd = (string) ($this->httpRequest->getQueryParams()['cmd'] ?? '');
44 if ('' === $cmd) {
45 $cmd = (string) ($this->httpRequest->getParsedBody()['cmd'] ?? '');
46 }
47
48 if ('force_login' === $cmd) {
49 return false;
50 }
51
52 if (!$this->getSettings()->get('apache_enable_auth', false)) {
53 return false;
54 }
55
56 if (!$this->getSettings()->get('apache_auth_authenticate_on_login_page', false)) {
57 return false;
58 }
59
60 if (
62 isset($this->httpRequest->getQueryParams()['passed_sso']) ||
63 (defined('IL_CERT_SSO') && IL_CERT_SSO == '1')
64 ) {
65 return false;
66 }
67
68 $path = (string) ($this->httpRequest->getServerParams()['REQUEST_URI'] ?? '');
69 if (substr($path, 0, 1) === '/') {
70 $path = substr($path, 1);
71 }
72
73 if (substr($path, 0, 4) !== 'http') {
74 $parts = parse_url(ILIAS_HTTP_PATH);
75 $path = $parts['scheme'] . '://' . $parts['host'] . '/' . $path;
76 }
77
78 $this->ctrl->redirectToURL(
80 './sso/index.php?force_mode_apache=1&' .
81 'r=' . urlencode($path) .
82 '&cookie_path=' . urlencode(IL_COOKIE_PATH) .
83 '&ilias_path=' . urlencode(ILIAS_HTTP_PATH)
84 )
85 );
86 }
87
91 protected function getSettings() : \ilSetting
92 {
93 return $this->settings;
94 }
95
99 public function initFromRequest()
100 {
101 $mappingFieldName = $this->getSettings()->get('apache_auth_username_direct_mapping_fieldname', '');
102
103 $this->getLogger()->dump($this->httpRequest->getServerParams(), \ilLogLevel::DEBUG);
104 $this->getLogger()->debug($mappingFieldName);
105
106 switch ($this->getSettings()->get('apache_auth_username_config_type')) {
107 case \ilAuthProviderApache::APACHE_AUTH_TYPE_DIRECT_MAPPING:
108 if (isset($this->httpRequest->getServerParams()[$mappingFieldName])) {
109 $this->setUsername($this->httpRequest->getServerParams()[$mappingFieldName]);
110 }
111 break;
112
113 case \ilAuthProviderApache::APACHE_AUTH_TYPE_BY_FUNCTION:
114 $this->setUsername((string) \ApacheCustom::getUsername());
115 break;
116 }
117 }
118
122 public function hasValidTargetUrl() : bool
123 {
124 $targetUrl = trim((string) ($this->httpRequest->getQueryParams()['r'] ?? ''));
125 if (0 == strlen($targetUrl)) {
126 return false;
127 }
128
129 $validDomains = array();
130 $path = ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt';
131 if (file_exists($path) && is_readable($path)) {
132 foreach (file($path) as $line) {
133 if (trim($line)) {
134 $validDomains[] = trim($line);
135 }
136 }
137 }
138
139 $validator = new \ilWhiteListUrlValidator($targetUrl, $validDomains);
140
141 return $validator->isValid();
142 }
143
147 public function getTargetUrl() : string
148 {
149 return \ilUtil::appendUrlParameterString(trim($this->httpRequest->getQueryParams()['r']), 'passed_sso=1');
150 }
151}
An exception for terminatinating execution or to throw for unit testing.
__construct(ServerRequestInterface $httpRequest, \ilCtrl $ctrl)
ilAuthFrontendCredentialsApache constructor.
tryAuthenticationOnLoginPage()
Check if an authentication attempt should be done when login page has been called.
static supportsRedirects()
Are redirects supported?
This class provides processing control methods.
ILIAS Setting Class.
static getHtmlPath($relative_path)
get url of path
const CLIENT_ID
Definition: constants.php:39
const ILIAS_DATA_DIR
Definition: constants.php:42
Interface of auth credentials.
const IL_COOKIE_PATH(isset($_GET["client_id"]))
Definition: metadata.php:47
__construct(Container $dic, ilPlugin $plugin)
@inheritDoc
settings()
Definition: settings.php:2