ILIAS  release_7 Revision v7.30-3-g800a261c036
ilSamlIdp Class Reference

Class ilSamlIdp.

Public Member Functions

 __construct (int $a_idp_id=0)
 
 persist ()
 
 delete ()
 Deletes an idp with all relevant mapping rules.
 
 toArray ()
 
 bindDbRecord (array $record)
 
 getEntityId ()
 
 setEntityId (string $entity_id)
 
 isActive ()
 
 setActive (bool $is_active)
 
 getIdpId ()
 
 setIdpId (int $idp_id)
 
 allowLocalAuthentication ()
 
 setLocalLocalAuthenticationStatus (bool $status)
 
 getDefaultRoleId ()
 
 setDefaultRoleId (int $role_id)
 
 setUidClaim (string $claim)
 
 getUidClaim ()
 
 setLoginClaim (string $claim)
 
 getLoginClaim ()
 
 isSynchronizationEnabled ()
 
 setSynchronizationStatus (bool $sync)
 
 isAccountMigrationEnabled ()
 
 setAccountMigrationStatus (bool $status)
 

Static Public Member Functions

static getFirstActiveIdp ()
 
static getInstanceByIdpId (int $a_idp_id)
 
static isAuthModeSaml (string $a_auth_mode)
 
static getIdpIdByAuthMode (string $a_auth_mode)
 
static geIdpIdByEntityId ($entityId)
 
static getActiveIdpList ()
 
static getAllIdps ()
 
static getAuthModeByKey (string $a_auth_key)
 
static getKeyByAuthMode (string $a_auth_mode)
 

Protected Attributes

 $db
 
 $idp_id
 
 $is_active = false
 
 $allow_local_auth = false
 
 $default_role_id = 0
 
 $uid_claim = ''
 
 $login_claim = ''
 
 $sync_status = false
 
 $entity_id = ''
 
 $account_migration_status = false
 

Static Protected Attributes

static $idp_as_data = []
 

Private Member Functions

 read ()
 

Static Private Attributes

static $instances = []
 

Detailed Description

Class ilSamlIdp.

Author
Michael Jansen mjansen@databay.de

Definition at line 8 of file class.ilSamlIdp.php.

Constructor & Destructor Documentation

◆ __construct()

ilSamlIdp::__construct ( int  $a_idp_id = 0)
Parameters
int $a_idp_id

Definition at line 38 of file class.ilSamlIdp.php.

    public function __construct(int $a_idp_id = 0)
    {
        $this->db = $GLOBALS['DIC']->database();
        $this->idp_id = $a_idp_id;

        // Load the stored settings only for an existing IdP id
        if ($this->idp_id > 0) {
            $this->read();
        }
    }

References $GLOBALS, and read().

Member Function Documentation

◆ allowLocalAuthentication()

ilSamlIdp::allowLocalAuthentication ( )
Returns
bool

Definition at line 353 of file class.ilSamlIdp.php.

    public function allowLocalAuthentication() : bool
    {
        return $this->allow_local_auth;
    }

References $allow_local_auth.

Referenced by persist(), and toArray().

◆ bindDbRecord()

ilSamlIdp::bindDbRecord ( array  $record)
Parameters
array $record

Definition at line 158 of file class.ilSamlIdp.php.

    public function bindDbRecord(array $record) : void
    {
        // Cast each database column to the type its setter expects
        $this->setIdpId((int) $record['idp_id']);
        $this->setActive((bool) $record['is_active']);
        $this->setDefaultRoleId((int) $record['default_role_id']);
        $this->setUidClaim((string) $record['uid_claim']);
        $this->setLoginClaim((string) $record['login_claim']);
        $this->setSynchronizationStatus((bool) $record['sync_status']);
        $this->setAccountMigrationStatus((bool) $record['account_migr_status']);
        $this->setLocalLocalAuthenticationStatus((bool) $record['allow_local_auth']);
        $this->setEntityId((string) $record['entity_id']);
    }

References setAccountMigrationStatus(), setActive(), setDefaultRoleId(), setEntityId(), setIdpId(), setLocalLocalAuthenticationStatus(), setLoginClaim(), setSynchronizationStatus(), and setUidClaim().

Referenced by read().

◆ delete()

ilSamlIdp::delete ( )

Deletes an idp with all relevant mapping rules.

Furthermore the auth_mode of the relevant user accounts will be switched to 'default'.

Definition at line 120 of file class.ilSamlIdp.php.

    public function delete() : void
    {
        // Remove the attribute mapping rules that belong to this IdP
        $mapping = new ilExternalAuthUserAttributeMapping('saml', $this->getIdpId());
        $mapping->delete();

        // Switch accounts bound to this IdP back to the 'default' auth mode
        $this->db->manipulateF(
            'UPDATE usr_data SET auth_mode = %s WHERE auth_mode = %s',
            array('text', 'text'),
            array('default', AUTH_SAML . '_' . $this->getIdpId())
        );

        // Finally remove the IdP settings row itself
        $this->db->manipulate('DELETE FROM saml_idp_settings WHERE idp_id = ' . $this->db->quote(
            $this->getIdpId(),
            'integer'
        ));
    }

References AUTH_SAML, and getIdpId().

◆ geIdpIdByEntityId()

static ilSamlIdp::geIdpIdByEntityId (   $entityId)
static
Parameters
string $entityId
Returns
int

Definition at line 227 of file class.ilSamlIdp.php.

    public static function geIdpIdByEntityId($entityId)
    {
        // Only active IdPs are considered; the entity id is compared strictly
        foreach (self::getAllIdps() as $idp) {
            if ($idp->isActive() && $idp->getEntityId() === $entityId) {
                return $idp->getIdpId();
            }
        }

        // 0 signals that no active IdP matched
        return 0;
    }

References $entityId.

Referenced by ilStartUpGUI\doSamlAuthentication().

◆ getActiveIdpList()

static ilSamlIdp::getActiveIdpList ( )
static
Returns
self[]

Definition at line 241 of file class.ilSamlIdp.php.

    public static function getActiveIdpList() : array
    {
        $idps = [];

        // Keep only the IdPs flagged as active
        foreach (self::getAllIdps() as $idp) {
            if ($idp->isActive()) {
                $idps[] = $idp;
            }
        }

        return $idps;
    }

Referenced by ilAuthUtils\_getActiveAuthModes(), ilAuthUtils\_isExternalAccountEnabled(), ilStartUpGUI\doSamlAuthentication(), getFirstActiveIdp(), ilUserImportParser\importBeginTag(), ilStartUpGUI\showSamlLoginForm(), and ilUserImportParser\verifyBeginTag().

◆ getAllIdps()

static ilSamlIdp::getAllIdps ( )
static
Returns
self[]

Definition at line 257 of file class.ilSamlIdp.php.

    public static function getAllIdps() : array
    {
        global $DIC;

        $res = $DIC->database()->query('SELECT * FROM saml_idp_settings');

        $idps = [];
        while ($row = $DIC->database()->fetchAssoc($res)) {
            // new self() uses idp id 0, so no read() is triggered; the row is bound directly
            $idp = new self();
            $idp->bindDbRecord($row);

            $idps[] = $idp;
        }

        return $idps;
    }

References $DIC, and $res.

Referenced by ilAuthUtils\_getAllAuthModes(), and ilSamlIdpTableGUI\getItems().

◆ getAuthModeByKey()

static ilSamlIdp::getAuthModeByKey ( string  $a_auth_key)
static
Parameters
string $a_auth_key
Returns
string

Definition at line 278 of file class.ilSamlIdp.php.

    public static function getAuthModeByKey(string $a_auth_key) : string
    {
        // A key with a '_' suffix maps to 'saml_<suffix>', any other key to plain 'saml'
        $auth_arr = explode('_', $a_auth_key);
        if (count((array) $auth_arr) > 1) {
            return 'saml_' . $auth_arr[1];
        }

        return 'saml';
    }

Referenced by ilAuthUtils\_getAuthModeName().

◆ getDefaultRoleId()

ilSamlIdp::getDefaultRoleId ( )
Returns
int

Definition at line 369 of file class.ilSamlIdp.php.

    public function getDefaultRoleId() : int
    {
        return $this->default_role_id;
    }

References $default_role_id.

Referenced by persist(), and toArray().

◆ getEntityId()

ilSamlIdp::getEntityId ( )
Returns
string

Definition at line 305 of file class.ilSamlIdp.php.

    public function getEntityId() : string
    {
        return $this->entity_id;
    }

References $entity_id.

Referenced by persist(), and toArray().

◆ getFirstActiveIdp()

static ilSamlIdp::getFirstActiveIdp ( )
static
Returns
self
Exceptions
ilSamlException

Definition at line 52 of file class.ilSamlIdp.php.

    public static function getFirstActiveIdp() : self
    {
        $idps = self::getActiveIdpList();
        if (count($idps) > 0) {
            return current($idps);
        }

        // No active IdP is configured
        throw new ilSamlException('No active SAML IDP found');
    }

References getActiveIdpList().

Referenced by ilAuthProviderSaml\__construct().

◆ getIdpId()

ilSamlIdp::getIdpId ( )
Returns
int

Definition at line 337 of file class.ilSamlIdp.php.

    public function getIdpId() : int
    {
        return $this->idp_id;
    }

References $idp_id.

Referenced by delete(), persist(), ilSamlSettingsGUI\populateWithMetadata(), read(), ilSamlSettingsGUI\storeMetadata(), and toArray().

◆ getIdpIdByAuthMode()

static ilSamlIdp::getIdpIdByAuthMode ( string  $a_auth_mode)
static
Parameters
string $a_auth_mode
Returns
null|int

Definition at line 213 of file class.ilSamlIdp.php.

    public static function getIdpIdByAuthMode(string $a_auth_mode) : ?int
    {
        // For a SAML auth mode the part after '_' is the IdP id
        if (self::isAuthModeSaml($a_auth_mode)) {
            $auth_arr = explode('_', $a_auth_mode);
            return (int) $auth_arr[1];
        }

        return null;
    }

Referenced by ilObjAuthSettingsGUI\authSettingsObject(), ilAuthUtils\getAuthModeTranslation(), ilAuthProviderFactory\getProviderByAuthMode(), ilAuthUtils\isLocalPasswordEnabledForAuthMode(), and ilAuthUtils\isPasswordModificationEnabled().

◆ getInstanceByIdpId()

static ilSamlIdp::getInstanceByIdpId ( int  $a_idp_id)
static
Parameters
int $a_idp_id
Returns
self

Definition at line 66 of file class.ilSamlIdp.php.

    public static function getInstanceByIdpId(int $a_idp_id) : self
    {
        // Instances are cached per IdP id in the static $instances array
        if (!isset(self::$instances[$a_idp_id]) || !(self::$instances[$a_idp_id] instanceof self)) {
            self::$instances[$a_idp_id] = new self($a_idp_id);
        }

        return self::$instances[$a_idp_id];
    }

Referenced by ilAuthProviderSaml\__construct(), ilObjAuthSettingsGUI\authSettingsObject(), ilAuthUtils\getAuthModeTranslation(), ilSamlSettingsGUI\initIdp(), ilAuthUtils\isLocalPasswordEnabledForAuthMode(), and ilAuthUtils\isPasswordModificationEnabled().

◆ getKeyByAuthMode()

static ilSamlIdp::getKeyByAuthMode ( string  $a_auth_mode)
static
Parameters
string $a_auth_mode
Returns
string

Definition at line 292 of file class.ilSamlIdp.php.

    public static function getKeyByAuthMode(string $a_auth_mode) : string
    {
        // An auth mode with a '_' suffix maps to '<AUTH_SAML>_<suffix>', any other to AUTH_SAML
        $auth_arr = explode('_', $a_auth_mode);
        if (count((array) $auth_arr) > 1) {
            return AUTH_SAML . '_' . $auth_arr[1];
        }

        return (string) AUTH_SAML;
    }

References AUTH_SAML.

Referenced by ilAuthUtils\_getAuthMode().

◆ getLoginClaim()

ilSamlIdp::getLoginClaim ( )
Returns
string

Definition at line 409 of file class.ilSamlIdp.php.

    public function getLoginClaim() : string
    {
        return $this->login_claim;
    }

References $login_claim.

Referenced by persist(), and toArray().

◆ getUidClaim()

ilSamlIdp::getUidClaim ( )
Returns
string

Definition at line 393 of file class.ilSamlIdp.php.

    public function getUidClaim() : string
    {
        return $this->uid_claim;
    }

References $uid_claim.

Referenced by persist(), and toArray().

◆ isAccountMigrationEnabled()

ilSamlIdp::isAccountMigrationEnabled ( )
Returns
bool

Definition at line 433 of file class.ilSamlIdp.php.

    public function isAccountMigrationEnabled() : bool
    {
        return $this->account_migration_status;
    }

References $account_migration_status.

Referenced by persist(), and toArray().

◆ isActive()

ilSamlIdp::isActive ( )
Returns
bool

Definition at line 321 of file class.ilSamlIdp.php.

    public function isActive() : bool
    {
        return $this->is_active;
    }

References $is_active.

Referenced by persist(), and toArray().

◆ isAuthModeSaml()

static ilSamlIdp::isAuthModeSaml ( string  $a_auth_mode)
static
Parameters
string $a_auth_mode
Returns
bool

Definition at line 194 of file class.ilSamlIdp.php.

    public static function isAuthModeSaml(string $a_auth_mode) : bool
    {
        if (!$a_auth_mode) {
            $GLOBALS['DIC']->logger()->auth()->write(__METHOD__ . ': No auth mode given..............');
            return false;
        }

        // A SAML auth mode has exactly two '_'-separated parts:
        // the AUTH_SAML key and a non-empty second part
        $auth_arr = explode('_', $a_auth_mode);
        return (
            count($auth_arr) === 2 &&
            (int) $auth_arr[0] === (int) AUTH_SAML &&
            strlen($auth_arr[1]) > 0
        );
    }

References $GLOBALS, and AUTH_SAML.

Referenced by ilObjAuthSettingsGUI\authSettingsObject().

◆ isSynchronizationEnabled()

ilSamlIdp::isSynchronizationEnabled ( )
Returns
bool

Definition at line 417 of file class.ilSamlIdp.php.

    public function isSynchronizationEnabled() : bool
    {
        return $this->sync_status;
    }

References $sync_status.

Referenced by persist(), and toArray().

◆ persist()

ilSamlIdp::persist ( )

Definition at line 93 of file class.ilSamlIdp.php.

    public function persist() : void
    {
        // Allocate a new id for an IdP that has not been stored yet
        if (!$this->getIdpId()) {
            $this->setIdpId((int) $this->db->nextId('saml_idp_settings'));
        }

        // Write the row keyed by idp_id with typed column values
        $this->db->replace(
            'saml_idp_settings',
            [
                'idp_id' => ['integer', $this->getIdpId()]
            ],
            [
                'is_active' => ['integer', (int) $this->isActive()],
                'default_role_id' => ['integer', $this->getDefaultRoleId()],
                'uid_claim' => ['text', $this->getUidClaim()],
                'login_claim' => ['text', $this->getLoginClaim()],
                'entity_id' => ['text', $this->getEntityId()],
                'sync_status' => ['integer', (int) $this->isSynchronizationEnabled()],
                'allow_local_auth' => ['integer', (int) $this->allowLocalAuthentication()],
                'account_migr_status' => ['integer', (int) $this->isAccountMigrationEnabled()]
            ]
        );
    }

References allowLocalAuthentication(), getDefaultRoleId(), getEntityId(), getIdpId(), getLoginClaim(), getUidClaim(), isAccountMigrationEnabled(), isActive(), isSynchronizationEnabled(), and setIdpId().

◆ read()

ilSamlIdp::read ( )
private
Exceptions
ilException

Definition at line 78 of file class.ilSamlIdp.php.

    private function read() : void
    {
        // The id is quoted as an integer before it is concatenated into the query
        $query = 'SELECT * FROM saml_idp_settings WHERE idp_id = ' . $this->db->quote($this->getIdpId(), 'integer');
        $res = $this->db->query($query);
        while ($record = $this->db->fetchAssoc($res)) {
            // Bind the first matching row and stop
            $this->bindDbRecord($record);
            return;
        }

        throw new ilException('Could not find idp');
    }

References $query, $res, bindDbRecord(), and getIdpId().

Referenced by __construct().

◆ setAccountMigrationStatus()

ilSamlIdp::setAccountMigrationStatus ( bool  $status)
Parameters
bool $status

Definition at line 441 of file class.ilSamlIdp.php.

    public function setAccountMigrationStatus(bool $status) : void
    {
        $this->account_migration_status = $status;
    }

Referenced by bindDbRecord().

◆ setActive()

ilSamlIdp::setActive ( bool  $is_active)
Parameters
bool $is_active

Definition at line 329 of file class.ilSamlIdp.php.

    public function setActive(bool $is_active) : void
    {
        $this->is_active = $is_active;
    }

References $is_active.

Referenced by bindDbRecord().

◆ setDefaultRoleId()

ilSamlIdp::setDefaultRoleId ( int  $role_id)
Parameters
int $role_id

Definition at line 377 of file class.ilSamlIdp.php.

    public function setDefaultRoleId(int $role_id) : void
    {
        $this->default_role_id = $role_id;
    }

Referenced by bindDbRecord().

◆ setEntityId()

ilSamlIdp::setEntityId ( string  $entity_id)
Parameters
string $entity_id

Definition at line 313 of file class.ilSamlIdp.php.

    public function setEntityId(string $entity_id) : void
    {
        $this->entity_id = $entity_id;
    }

References $entity_id.

Referenced by bindDbRecord().

◆ setIdpId()

ilSamlIdp::setIdpId ( int  $idp_id)
Parameters
int $idp_id

Definition at line 345 of file class.ilSamlIdp.php.

    public function setIdpId(int $idp_id) : void
    {
        $this->idp_id = $idp_id;
    }

References $idp_id.

Referenced by bindDbRecord(), and persist().

◆ setLocalLocalAuthenticationStatus()

ilSamlIdp::setLocalLocalAuthenticationStatus ( bool  $status)
Parameters
$status boolean

Definition at line 361 of file class.ilSamlIdp.php.

    public function setLocalLocalAuthenticationStatus(bool $status) : void
    {
        $this->allow_local_auth = $status;
    }

Referenced by bindDbRecord().

◆ setLoginClaim()

ilSamlIdp::setLoginClaim ( string  $claim)
Parameters
$claim string

Definition at line 401 of file class.ilSamlIdp.php.

    public function setLoginClaim(string $claim) : void
    {
        $this->login_claim = $claim;
    }

Referenced by bindDbRecord().

◆ setSynchronizationStatus()

ilSamlIdp::setSynchronizationStatus ( bool  $sync)
Parameters
bool $sync

Definition at line 425 of file class.ilSamlIdp.php.

    public function setSynchronizationStatus(bool $sync) : void
    {
        $this->sync_status = $sync;
    }

Referenced by bindDbRecord().

◆ setUidClaim()

ilSamlIdp::setUidClaim ( string  $claim)
Parameters
$claim string

Definition at line 385 of file class.ilSamlIdp.php.

    public function setUidClaim(string $claim) : void
    {
        $this->uid_claim = $claim;
    }

Referenced by bindDbRecord().

◆ toArray()

ilSamlIdp::toArray ( )
Returns
array

Definition at line 140 of file class.ilSamlIdp.php.

    public function toArray() : array
    {
        return [
            'idp_id' => $this->getIdpId(),
            'is_active' => $this->isActive(),
            'default_role_id' => $this->getDefaultRoleId(),
            'uid_claim' => $this->getUidClaim(),
            'login_claim' => $this->getLoginClaim(),
            'sync_status' => $this->isSynchronizationEnabled(),
            'account_migr_status' => $this->isAccountMigrationEnabled(),
            'allow_local_auth' => $this->allowLocalAuthentication(),
            'entity_id' => $this->getEntityId()
        ];
    }

References allowLocalAuthentication(), getDefaultRoleId(), getEntityId(), getIdpId(), getLoginClaim(), getUidClaim(), isAccountMigrationEnabled(), isActive(), and isSynchronizationEnabled().

Field Documentation

◆ $account_migration_status

ilSamlIdp::$account_migration_status = false
protected

Definition at line 31 of file class.ilSamlIdp.php.

Referenced by isAccountMigrationEnabled().

◆ $allow_local_auth

ilSamlIdp::$allow_local_auth = false
protected

Definition at line 19 of file class.ilSamlIdp.php.

Referenced by allowLocalAuthentication().

◆ $db

ilSamlIdp::$db
protected

Definition at line 11 of file class.ilSamlIdp.php.

◆ $default_role_id

ilSamlIdp::$default_role_id = 0
protected

Definition at line 21 of file class.ilSamlIdp.php.

Referenced by getDefaultRoleId().

◆ $entity_id

ilSamlIdp::$entity_id = ''
protected

Definition at line 29 of file class.ilSamlIdp.php.

Referenced by getEntityId(), and setEntityId().

◆ $idp_as_data

ilSamlIdp::$idp_as_data = []
static protected

Definition at line 33 of file class.ilSamlIdp.php.

◆ $idp_id

ilSamlIdp::$idp_id
protected

Definition at line 15 of file class.ilSamlIdp.php.

Referenced by getIdpId(), and setIdpId().

◆ $instances

ilSamlIdp::$instances = []
static private

Definition at line 13 of file class.ilSamlIdp.php.

◆ $is_active

ilSamlIdp::$is_active = false
protected

Definition at line 17 of file class.ilSamlIdp.php.

Referenced by isActive(), and setActive().

◆ $login_claim

ilSamlIdp::$login_claim = ''
protected

Definition at line 25 of file class.ilSamlIdp.php.

Referenced by getLoginClaim().

◆ $sync_status

ilSamlIdp::$sync_status = false
protected

Definition at line 27 of file class.ilSamlIdp.php.

Referenced by isSynchronizationEnabled().

◆ $uid_claim

ilSamlIdp::$uid_claim = ''
protected

Definition at line 23 of file class.ilSamlIdp.php.

Referenced by getUidClaim().


The documentation for this class was generated from the following file: