Inheritance diagram for ilAuthProviderSoap:

Collaboration diagram for ilAuthProviderSoap:

Public Member Functions
	__construct (ilAuthCredentials $credentials)
	@inheritDoc More...

	doAuthentication (ilAuthStatus $status)
	@inheritDoc More...

Public Member Functions inherited from ilAuthProvider
	__construct (ilAuthCredentials $credentials)
	Constructor. More...

	getLogger ()
	Get logger. More...

	getCredentials ()

Public Member Functions inherited from ilAuthProviderInterface
	doAuthentication (\ilAuthStatus $status)
	Do authentication. More...

Protected Attributes
	$server_host = ''

	$server_port = ''

	$server_uri = ''

	$server_https = ''

	$server_nms = ''

	$use_dot_net = false

	$uri = ''

	$client

	$logger

	$settings

	$language

	$rbacAdmin

Private Member Functions
	initClient ()

	handleSoapAuth (ilAuthStatus $status)

Additional Inherited Members
Data Fields inherited from ilAuthProvider
const	STATUS_UNDEFINED = 0

const	STATUS_AUTHENTICATION_SUCCESS = 1

const	STATUS_AUTHENTICATION_FAILED = 2

const	STATUS_MIGRATION = 3

Protected Member Functions inherited from ilAuthProvider
	handleAuthenticationFail (ilAuthStatus $status, $a_reason)
	Handle failed authentication. More...

Detailed Description

Class ilAuthProviderSoap.

Author: Michael Jansen mjans.nosp@m.en@d.nosp@m.ataba.nosp@m.y.de

Definition at line 8 of file class.ilAuthProviderSoap.php.

Constructor & Destructor Documentation

◆ __construct()

ilAuthProviderSoap::__construct ( ilAuthCredentials $credentials )

@inheritDoc

Reimplemented from ilAuthProvider.

Definition at line 38 of file class.ilAuthProviderSoap.php.

    {
        global $DIC;
 
        $this->settings = $DIC->settings();
        $this->logger = $DIC->logger()->auth();
        $this->language = $DIC->language();
        $this->rbacAdmin = $DIC->rbac()->admin();
 
        parent::__construct($credentials);
    }

References ilAuthProvider\$credentials, $DIC, ILIAS\GlobalScreen\Provider\__construct(), language(), and settings().

Here is the call graph for this function:

Member Function Documentation

◆ doAuthentication()

ilAuthProviderSoap::doAuthentication ( ilAuthStatus $status )

@inheritDoc

Definition at line 79 of file class.ilAuthProviderSoap.php.

    {
        try {
            $this->initClient();
            $this->handleSoapAuth($status);
        } catch (Exception $e) {
            $this->getLogger()->error($e->getMessage());
            $status->setTranslatedReason($e->getMessage());
        }
 
        if ($status->getAuthenticatedUserId() > 0) {
            $this->logger->info('Successfully authenticated user via SOAP: ' . $this->getCredentials()->getUsername());
            $status->setStatus(ilAuthStatus::STATUS_AUTHENTICATED);
            ilSession::set('used_external_auth', true);
 
            return true;
        }
 
        $status->setStatus(ilAuthStatus::STATUS_AUTHENTICATION_FAILED);
 
        return false;
    }

References Vendor\Package\$e, ilAuthProvider\$status, ilAuthProvider\getCredentials(), ilAuthProvider\getLogger(), handleSoapAuth(), initClient(), ilSession\set(), ilAuthStatus\STATUS_AUTHENTICATED, and ilAuthStatus\STATUS_AUTHENTICATION_FAILED.

Here is the call graph for this function:

◆ handleSoapAuth()

ilAuthProviderSoap::handleSoapAuth ( ilAuthStatus $status )

private

Parameters

ilAuthStatus $status

Returns: bool

Definition at line 106 of file class.ilAuthProviderSoap.php.

                                                          : bool
    {
        $this->logger->debug(sprintf(
            'Login observer called for SOAP authentication request of ext_account "%s" and auth_mode "%s".',
            $this->getCredentials()->getUsername(),
            'soap'
        ));
        $this->logger->debug(sprintf(
            'Trying to find ext_account "%s" for auth_mode "%s".',
            $this->getCredentials()->getUsername(),
            'soap'
        ));
 
        $internalLogin = ilObjUser::_checkExternalAuthAccount(
            'soap',
            $this->getCredentials()->getUsername()
        );
 
        $isNewUser = false;
        if ('' === $internalLogin || false === $internalLogin) {
            $isNewUser = true;
        }
 
        $soapAction = '';
        $nspref = '';
        if ($this->use_dot_net) {
            $soapAction = $this->server_nms . '/isValidSession';
            $nspref = 'ns1:';
        }
 
        $valid = $this->client->call(
            'isValidSession',
            [
                $nspref . 'ext_uid' => $this->getCredentials()->getUsername(),
                $nspref . 'soap_pw' => $this->getCredentials()->getPassword(),
                $nspref . 'new_user' => $isNewUser
            ],
            $this->server_nms,
            $soapAction
        );
 
        if ($valid['valid'] !== true) {
            $valid['valid'] = false;
        }
 
        if (!$valid['valid']) {
            $status->setReason('err_wrong_login');
            return false;
        }
 
        if (!$isNewUser) {
            $status->setAuthenticatedUserId(ilObjUser::_lookupId($internalLogin));
            return true;
        } elseif (!$this->settings->get('soap_auth_create_users')) {
            // Translate the reasons, otherwise the default failure is displayed
            $status->setTranslatedReason($this->language->txt('err_valid_login_account_creation_disabled'));
            return false;
        }
 
        $userObj = new ilObjUser();
        $internalLogin = ilAuthUtils::_generateLogin($this->getCredentials()->getUsername());
 
        $usrData = [];
        $usrData['firstname'] = $valid['firstname'];
        $usrData['lastname'] = $valid['lastname'];
        $usrData['email'] = $valid['email'];
        $usrData['login'] = $internalLogin;
        $usrData['passwd'] = '';
        $usrData['passwd_type'] = IL_PASSWD_CRYPTED;
 
        $password = '';
        if ($this->settings->get('soap_auth_allow_local')) {
            $passwords = ilUtil::generatePasswords(1);
            $password = $passwords[0];
            $usrData['passwd'] = $password;
            $usrData['passwd_type'] = IL_PASSWD_PLAIN;
        }
 
        $usrData['auth_mode'] = 'soap';
        $usrData['ext_account'] = $this->getCredentials()->getUsername();
        $usrData['profile_incomplete'] = 1;
 
        $userObj->assignData($usrData);
        $userObj->setTitle($userObj->getFullname());
        $userObj->setDescription($userObj->getEmail());
        $userObj->setLanguage($this->language->getDefaultLanguage());
 
        $userObj->setTimeLimitOwner(USER_FOLDER_ID);
        $userObj->setTimeLimitUnlimited(1);
        $userObj->setTimeLimitFrom(time());
        $userObj->setTimeLimitUntil(time());
        $userObj->setOwner(0);
        $userObj->create();
        $userObj->setActive(1);
        $userObj->updateOwner();
        $userObj->saveAsNew(false);
        $userObj->writePrefs();
 
        $this->rbacAdmin->assignUser(
            $this->settings->get('soap_auth_user_default_role', 4),
            $userObj->getId()
        );
 
        if ($this->settings->get('soap_auth_account_mail', false)) {
            $registrationSettings = new ilRegistrationSettings();
            $registrationSettings->setPasswordGenerationStatus(true);
 
            $accountMail = new ilAccountRegistrationMail(
                $registrationSettings,
                $this->language,
                $this->logger
            );
            $accountMail
                ->withDirectRegistrationMode()
                ->send($userObj, $password, false);
        }
 
        $status->setAuthenticatedUserId($userObj->getId());
        return true;
    }

References $password, ilAuthProvider\$status, $valid, ilObjUser\_checkExternalAuthAccount(), ilAuthUtils\_generateLogin(), ilObjUser\_lookupId(), ilUtil\generatePasswords(), ilAuthProvider\getCredentials(), IL_PASSWD_CRYPTED, IL_PASSWD_PLAIN, language(), settings(), ilAuthStatus\setTranslatedReason(), and USER_FOLDER_ID.

Referenced by doAuthentication().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ initClient()

ilAuthProviderSoap::initClient ( )

private

Definition at line 53 of file class.ilAuthProviderSoap.php.

    {
        $this->server_host = (string) $this->settings->get('soap_auth_server', '');
        $this->server_port = (string) $this->settings->get('soap_auth_port', '');
        $this->server_uri = (string) $this->settings->get('soap_auth_uri', '');
        $this->server_nms = (string) $this->settings->get('soap_auth_namespace', '');
        $this->server_https = (bool) $this->settings->get('soap_auth_use_https', false);
        $this->use_dot_net = (bool) $this->settings->get('use_dotnet', false);
 
        $this->uri = $this->server_https ? 'https://' : 'http://';
        $this->uri .= $this->server_host;
 
        if ($this->server_port > 0) {
            $this->uri .= (':' . $this->server_port);
        }
        if ($this->server_uri) {
            $this->uri .= ('/' . $this->server_uri);
        }
 
        require_once './webservice/soap/lib/nusoap.php';
        $this->client = new nusoap_client($this->uri);
    }