ILIAS  release_7 Revision v7.30-3-g800a261c036
All Data Structures Namespaces Files Functions Variables Modules Pages
class.ilStartUpGUI.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (c) 1998-2009 ILIAS open source, Extended GPL, see docs/LICENSE */
3 
4 use Psr\Http\Message\ServerRequestInterface;
5 use ILIAS\UICore\PageContentProvider;
6 
16 class ilStartUpGUI
17 {
18  const ACCOUNT_MIGRATION_MIGRATE = 1;
19  const ACCOUNT_MIGRATION_NEW = 2;
20 
22  protected $ctrl;
23  protected $lng;
24 
28  protected $logger;
29 
31  protected $mainTemplate;
32 
34  protected $user;
35 
37  protected $termsOfServiceEvaluation;
38 
40  protected $httpRequest;
41 
43  protected $dic;
44 
48  private $help;
49 
57  public function __construct(
58  \ilObjUser $user = null,
59  \ilTermsOfServiceDocumentEvaluation $termsOfServiceEvaluation = null,
60  \ilGlobalTemplate $mainTemplate = null,
61  ServerRequestInterface $httpRequest = null
62  ) {
63  global $DIC;
64 
65  $this->dic = $DIC;
66 
67  if ($user === null) {
68  $user = $DIC->user();
69  }
70  $this->user = $user;
71 
72  if ($termsOfServiceEvaluation === null) {
73  $termsOfServiceEvaluation = $DIC['tos.document.evaluator'];
74  }
75  $this->termsOfServiceEvaluation = $termsOfServiceEvaluation;
76 
77  if ($mainTemplate === null) {
78  $mainTemplate = $DIC->ui()->mainTemplate();
79  }
80  $this->mainTemplate = $mainTemplate;
81 
82  if ($httpRequest === null) {
83  $httpRequest = $DIC->http()->request();
84  }
85  $this->httpRequest = $httpRequest;
86  $this->help = $DIC->help();
87 
88  $this->ctrl = $DIC->ctrl();
89  $this->lng = $DIC->language();
90  $this->lng->loadLanguageModule('auth');
91  $this->logger = ilLoggerFactory::getLogger('init');
92 
93  $this->ctrl->saveParameter($this, array("rep_ref_id", "lang", "target", "client_id"));
94 
95  $this->user->setLanguage($this->lng->getLangKey());
96  $this->help->setScreenIdComponent('init');
97  }
98 
103  public function executeCommand()
104  {
105  $cmd = $this->ctrl->getCmd("processIndexPHP", array('processIndexPHP','showLoginPage'));
106  $next_class = $this->ctrl->getNextClass($this);
107 
108  switch ($next_class) {
109  case 'ilLoginPageGUI':
110  break;
111 
112  case "ilaccountregistrationgui":
113  require_once("Services/Registration/classes/class.ilAccountRegistrationGUI.php");
114  return $this->ctrl->forwardCommand(new ilAccountRegistrationGUI());
115 
116  case "ilpasswordassistancegui":
117  require_once("Services/Init/classes/class.ilPasswordAssistanceGUI.php");
118  return $this->ctrl->forwardCommand(new ilPasswordAssistanceGUI());
119 
120  default:
121  if (method_exists($this, $cmd)) {
122  return $this->$cmd();
123  }
124  }
125  }
126 
131  public function getLogger()
132  {
133  return $this->logger;
134  }
135 
140  public function jumpToRegistration()
141  {
142  $this->ctrl->setCmdClass("ilaccountregistrationgui");
143  $this->ctrl->setCmd("");
144  $this->executeCommand();
145  }
146 
151  public function jumpToPasswordAssistance()
152  {
153  $this->ctrl->setCmdClass("ilpasswordassistancegui");
154  $this->ctrl->setCmd("");
155  $this->executeCommand();
156  }
157 
161  protected function showLoginPageOrStartupPage()
162  {
163 
167  $auth_session = $GLOBALS['DIC']['ilAuthSession'];
168  $ilAppEventHandler = $GLOBALS['DIC']['ilAppEventHandler'];
169 
170  $force_login = false;
171  if (
172  !is_array($_REQUEST['cmd']) &&
173  strcmp($_REQUEST['cmd'], 'force_login') === 0
174  ) {
175  $force_login = true;
176  }
177 
178  if ($force_login) {
179  $this->logger->debug('Force login');
180  if ($auth_session->isValid()) {
181  $messages = $this->retrieveMessagesFromSession();
182  $this->logger->debug('Valid session -> logout current user');
183  ilSession::setClosingContext(ilSession::SESSION_CLOSE_USER);
184  $auth_session->logout();
185 
186  $ilAppEventHandler->raise(
187  'Services/Authentication',
188  'afterLogout',
189  array(
190  'username' => $this->user->getLogin()
191  )
192  );
193  }
194  $this->logger->debug('Show login page');
195 
196  if (isset($messages) && count($messages) > 0) {
197  foreach ($messages as $type => $content) {
198  $this->mainTemplate->setOnScreenMessage($type, $content);
199  }
200  }
201  return $this->showLoginPage();
202  }
203 
207  if ($auth_session->isValid()) {
208  $this->logger->debug('Valid session -> redirect to starting page');
209  return ilInitialisation::redirectToStartingPage();
210  }
211  $this->logger->debug('No valid session -> show login');
212  $this->showLoginPage();
213  }
214 
215 
221  protected function showLoginPage(ilPropertyFormGUI $form = null)
222  {
223  global $tpl, $ilSetting;
224 
225  $this->help->setSubScreenId('login');
226 
227  $this->getLogger()->debug('Showing login page');
228 
229  $extUid = '';
230  $soapPw = '';
231  if (isset($this->httpRequest->getQueryParams()['ext_uid'])) {
232  $extUid = $this->httpRequest->getQueryParams()['ext_uid'];
233  }
234  if (isset($this->httpRequest->getQueryParams()['soap_pw'])) {
235  $soapPw = $this->httpRequest->getQueryParams()['soap_pw'];
236  }
237 
238  require_once 'Services/Authentication/classes/Frontend/class.ilAuthFrontendCredentialsSoap.php';
239  $credentials = new ilAuthFrontendCredentialsSoap($GLOBALS['DIC']->http()->request(), $this->ctrl, $ilSetting);
240  $credentials->setUsername(ilUtil::stripSlashes($extUid));
241  $credentials->setPassword(ilUtil::stripSlashes($soapPw));
242  $credentials->tryAuthenticationOnLoginPage();
243 
244  // try apache auth
245  include_once './Services/Authentication/classes/Frontend/class.ilAuthFrontendCredentialsApache.php';
246  $frontend = new ilAuthFrontendCredentialsApache($this->httpRequest, $this->ctrl);
247  $frontend->tryAuthenticationOnLoginPage();
248 
249  // Instantiate login template
250  $tpl = self::initStartUpTemplate("tpl.login.html");
251 
252  $this->mainTemplate->addCss(ilObjStyleSheet::getContentStylePath(0));
253  $this->mainTemplate->addCss(ilObjStyleSheet::getSyntaxStylePath());
254 
255  $page_editor_html = $this->getLoginPageEditorHTML();
256  $page_editor_html = $this->showOpenIdConnectLoginForm($page_editor_html);
257  $page_editor_html = $this->showLoginInformation($page_editor_html, $tpl);
258  $page_editor_html = $this->showLoginForm($page_editor_html, $form);
259  $page_editor_html = $this->showCASLoginForm($page_editor_html);
260  $page_editor_html = $this->showShibbolethLoginForm($page_editor_html);
261  $page_editor_html = $this->showSamlLoginForm($page_editor_html);
262  $page_editor_html = $this->showRegistrationLinks($page_editor_html);
263  $page_editor_html = $this->showTermsOfServiceLink($page_editor_html);
264 
265  $page_editor_html = $this->purgePlaceholders($page_editor_html);
266 
267  // check expired session and send message
268  if ($GLOBALS['DIC']['ilAuthSession']->isExpired() || $this->httpRequest->getQueryParams()['session_expired'] ?? false) {
269  ilUtil::sendFailure($GLOBALS['lng']->txt('auth_err_expired'));
270  }
271 
272  if (strlen($page_editor_html)) {
273  $tpl->setVariable('LPE', $page_editor_html);
274  }
275 
276  $tosWithdrawalGui = new ilTermsOfServiceWithdrawalGUIHelper($this->user);
277  $tosWithdrawalGui->setWithdrawalInfoForLoginScreen($this->httpRequest);
278 
279  self::printToGlobalTemplate($tpl);
280  }
281 
282 
283  public static function printToGlobalTemplate($tpl)
284  {
285  global $DIC;
286  $gtpl = $DIC['tpl'];
287  $gtpl->setContent($tpl->get());
288  $gtpl->printToStdout("DEFAULT", false, true);
289  }
290 
291  protected function retrieveMessagesFromSession() : array
292  {
293  $messages = [];
294  if (ilSession::get(ilGlobalTemplate::MESSAGE_TYPE_FAILURE)) {
295  $messages[ilGlobalTemplate::MESSAGE_TYPE_FAILURE] = ilSession::get(ilGlobalTemplate::MESSAGE_TYPE_FAILURE);
296  }
297  if (ilSession::get(ilGlobalTemplate::MESSAGE_TYPE_SUCCESS)) {
298  $messages[ilGlobalTemplate::MESSAGE_TYPE_SUCCESS] = ilSession::get(ilGlobalTemplate::MESSAGE_TYPE_SUCCESS);
299  }
300  if (ilSession::get(ilGlobalTemplate::MESSAGE_TYPE_INFO)) {
301  $messages[ilGlobalTemplate::MESSAGE_TYPE_INFO] = ilSession::get(ilGlobalTemplate::MESSAGE_TYPE_INFO);
302  }
303  if (ilSession::get(ilGlobalTemplate::MESSAGE_TYPE_QUESTION)) {
304  $messages[ilGlobalTemplate::MESSAGE_TYPE_QUESTION] = ilSession::get(ilGlobalTemplate::MESSAGE_TYPE_QUESTION);
305  }
306  return $messages;
307  }
308 
309  protected function showCodeForm($a_username = null, $a_form = null)
310  {
311  global $tpl, $lng;
312 
313  $this->help->setSubScreenId('code_input');
314 
315  self::initStartUpTemplate("tpl.login_reactivate_code.html");
316 
317  ilUtil::sendFailure($lng->txt("time_limit_reached"));
318 
319  if (!$a_form) {
320  $a_form = $this->initCodeForm($a_username);
321  }
322 
323  $tpl->setVariable("FORM", $a_form->getHTML());
324  $tpl->printToStdout("DEFAULT", false);
325  }
326 
327  protected function initCodeForm($a_username)
328  {
329  global $lng, $ilCtrl;
330 
331  $lng->loadLanguageModule("auth");
332 
333  include_once 'Services/Form/classes/class.ilPropertyFormGUI.php';
334 
335  $form = new ilPropertyFormGUI();
336  $form->setFormAction($ilCtrl->getFormAction($this, 'showcodeform'));
337  $form->setTitle($lng->txt('auth_account_code_title'));
338 
339  $count = new ilTextInputGUI($lng->txt('auth_account_code'), 'code');
340  $count->setRequired(true);
341  $count->setInfo($lng->txt('auth_account_code_info'));
342  $form->addItem($count);
343 
344  // #11658
345  $uname = new ilHiddenInputGUI("uname");
346  $uname->setValue($a_username);
347  $form->addItem($uname);
348 
349  $form->addCommandButton('processCode', $lng->txt('send'));
350 
351  return $form;
352  }
353 
361  protected function processCode()
362  {
363  global $lng, $ilAuth, $ilCtrl;
364 
365  $uname = $_POST["uname"];
366 
367  $form = $this->initCodeForm($uname);
368  if ($uname && $form->checkInput()) {
369  $code = $form->getInput("code");
370 
371  include_once "Services/User/classes/class.ilAccountCode.php";
372  if (ilAccountCode::isUnusedCode($code)) {
373  $valid_until = ilAccountCode::getCodeValidUntil($code);
374 
375  if (!$user_id = ilObjUser::_lookupId($uname)) {
376  $this->showLoginPage();
377  return false;
378  }
379 
380  $invalid_code = false;
381  $user = new ilObjUser($user_id);
382 
383  if ($valid_until === "0") {
384  $user->setTimeLimitUnlimited(true);
385  } else {
386  if (is_numeric($valid_until)) {
387  $valid_until = strtotime("+" . $valid_until . "days");
388  } else {
389  $valid_until = explode("-", $valid_until);
390  $valid_until = mktime(
391  23,
392  59,
393  59,
394  $valid_until[1],
395  $valid_until[2],
396  $valid_until[0]
397  );
398  if ($valid_until < time()) {
399  $invalid_code = true;
400  }
401  }
402 
403  if (!$invalid_code) {
404  $user->setTimeLimitUnlimited(false);
405  $user->setTimeLimitUntil($valid_until);
406  }
407  }
408 
409  if (!$invalid_code) {
410  $user->setActive(true);
411 
412  ilAccountCode::useCode($code);
413 
414  // apply registration code role assignments
415  ilAccountCode::applyRoleAssignments($user, $code);
416 
417  // apply registration code time limits
418  ilAccountCode::applyAccessLimits($user, $code);
419 
420  $user->update();
421 
422  $ilCtrl->setParameter($this, "cu", 1);
423  $GLOBALS['DIC']->language()->loadLanguageModule('auth');
424  ilUtil::sendSuccess($GLOBALS['DIC']->language()->txt('auth_activation_code_success'), true);
425  $ilCtrl->redirect($this, "showLoginPage");
426  }
427  }
428 
429  $lng->loadLanguageModule("user");
430  $field = $form->getItemByPostVar("code");
431  $field->setAlert($lng->txt("user_account_code_not_valid"));
432  }
433 
434  $form->setValuesByPost();
435  $this->showCodeForm($uname, $form);
436  }
437 
438 
443  protected function initStandardLoginForm()
444  {
445  include_once 'Services/Form/classes/class.ilPropertyFormGUI.php';
446  $form = new ilPropertyFormGUI();
447  $form->setFormAction($this->ctrl->getFormAction($this, ''));
448  $form->setName("formlogin");
449  $form->setShowTopButtons(false);
450  $form->setTitle($this->lng->txt("login_to_ilias"));
451 
452  include_once './Services/Authentication/classes/class.ilAuthModeDetermination.php';
453  $det = ilAuthModeDetermination::_getInstance();
454 
455  if (ilAuthUtils::_hasMultipleAuthenticationMethods() and $det->isManualSelection()) {
456  $visible_auth_methods = array();
457  $radg = new ilRadioGroupInputGUI($this->lng->txt("auth_selection"), "auth_mode");
458  foreach (ilAuthUtils::_getMultipleAuthModeOptions($this->lng) as $key => $option) {
459  if (isset($option['hide_in_ui']) && $option['hide_in_ui']) {
460  continue;
461  }
462 
463  $op1 = new ilRadioOption($option['txt'], $key);
464  $radg->addOption($op1);
465  if (isset($option['checked'])) {
466  $radg->setValue($key);
467  }
468  $visible_auth_methods[] = $op1;
469  }
470 
471  if (count($visible_auth_methods) == 1) {
472  $first_auth_method = current($visible_auth_methods);
473  $hidden_auth_method = new ilHiddenInputGUI("auth_mode");
474  $hidden_auth_method->setValue($first_auth_method->getValue());
475  $form->addItem($hidden_auth_method);
476  } else {
477  $form->addItem($radg);
478  }
479  }
480 
481  $ti = new ilTextInputGUI($this->lng->txt("username"), "username");
482  $ti->setSize(20);
483  $ti->setRequired(true);
484  $form->addItem($ti);
485 
486  $pi = new ilPasswordInputGUI($this->lng->txt("password"), "password");
487  $pi->setUseStripSlashes(false);
488  $pi->setRetype(false);
489  $pi->setSkipSyntaxCheck(true);
490  $pi->setSize(20);
491  $pi->setDisableHtmlAutoComplete(false);
492  $pi->setRequired(true);
493  $form->addItem($pi);
494 
495  require_once 'Services/Captcha/classes/class.ilCaptchaUtil.php';
496  if (ilCaptchaUtil::isActiveForLogin()) {
497  require_once 'Services/Captcha/classes/class.ilCaptchaInputGUI.php';
498  $captcha = new ilCaptchaInputGUI($this->lng->txt('captcha_code'), 'captcha_code');
499  $captcha->setRequired(true);
500  $form->addItem($captcha);
501  }
502 
503  $form->addCommandButton("doStandardAuthentication", $this->lng->txt("log_in"));
504 
505  return $form;
506  }
507 
511  protected function doShibbolethAuthentication()
512  {
513  $this->getLogger()->debug('Trying shibboleth authentication');
514 
515  include_once './Services/AuthShibboleth/classes/class.ilAuthFrontendCredentialsShibboleth.php';
516  $credentials = new ilAuthFrontendCredentialsShibboleth();
517  $credentials->initFromRequest();
518 
519  include_once './Services/Authentication/classes/Provider/class.ilAuthProviderFactory.php';
520  $provider_factory = new ilAuthProviderFactory();
521  $provider = $provider_factory->getProviderByAuthMode($credentials, AUTH_SHIBBOLETH);
522 
523  include_once './Services/Authentication/classes/class.ilAuthStatus.php';
524  $status = ilAuthStatus::getInstance();
525 
526  include_once './Services/Authentication/classes/Frontend/class.ilAuthFrontendFactory.php';
527  $frontend_factory = new ilAuthFrontendFactory();
528  $frontend_factory->setContext(ilAuthFrontendFactory::CONTEXT_STANDARD_FORM);
529  $frontend = $frontend_factory->getFrontend(
530  $GLOBALS['DIC']['ilAuthSession'],
531  $status,
532  $credentials,
533  array($provider)
534  );
535 
536  $frontend->authenticate();
537 
538  switch ($status->getStatus()) {
539  case ilAuthStatus::STATUS_AUTHENTICATED:
540  ilLoggerFactory::getLogger('auth')->debug('Authentication successful; Redirecting to starting page.');
541  include_once './Services/Init/classes/class.ilInitialisation.php';
542  ilInitialisation::redirectToStartingPage();
543  return;
544 
545  case ilAuthStatus::STATUS_ACCOUNT_MIGRATION_REQUIRED:
546  return $GLOBALS['ilCtrl']->redirect($this, 'showAccountMigration');
547 
548  case ilAuthStatus::STATUS_AUTHENTICATION_FAILED:
549  ilUtil::sendFailure($status->getTranslatedReason(), true);
550  $GLOBALS['ilCtrl']->redirect($this, 'showLoginPage');
551  return false;
552  }
553 
554  ilUtil::sendFailure($this->lng->txt('err_wrong_login'));
555  $this->showLoginPage();
556  return false;
557  }
558 
562  protected function doCasAuthentication()
563  {
564  global $DIC;
565 
566  $this->getLogger()->debug('Trying cas authentication');
567 
568  include_once './Services/CAS/classes/class.ilAuthFrontendCredentialsCAS.php';
569  $credentials = new ilAuthFrontendCredentialsCAS();
570 
571  include_once './Services/Authentication/classes/Provider/class.ilAuthProviderFactory.php';
572  $provider_factory = new ilAuthProviderFactory();
573  $provider = $provider_factory->getProviderByAuthMode($credentials, AUTH_CAS);
574 
575  include_once './Services/Authentication/classes/class.ilAuthStatus.php';
576  $status = ilAuthStatus::getInstance();
577 
578  include_once './Services/Authentication/classes/Frontend/class.ilAuthFrontendFactory.php';
579  $frontend_factory = new ilAuthFrontendFactory();
580  $frontend_factory->setContext(ilAuthFrontendFactory::CONTEXT_STANDARD_FORM);
581  $frontend = $frontend_factory->getFrontend(
582  $GLOBALS['DIC']['ilAuthSession'],
583  $status,
584  $credentials,
585  array($provider)
586  );
587 
588  $frontend->authenticate();
589  switch ($status->getStatus()) {
590  case ilAuthStatus::STATUS_AUTHENTICATED:
591  $this->getLogger()->debug('Authentication successful.');
592  ilInitialisation::redirectToStartingPage();
593  break;
594 
595  case ilAuthStatus::STATUS_AUTHENTICATION_FAILED:
596  default:
597  ilUtil::sendFailure($DIC->language()->txt($status->getReason()));
598  $this->showLoginPage();
599  return false;
600  }
601  }
602 
606  protected function doLTIAuthentication()
607  {
608  $this->getLogger()->debug('Trying lti authentication');
609 
610  $credentials = new ilAuthFrontendCredentialsLTI();
611  $credentials->initFromRequest();
612 
613  $provider_factory = new ilAuthProviderFactory();
614  $provider = $provider_factory->getProviderByAuthMode($credentials, AUTH_PROVIDER_LTI);
615 
616  $status = ilAuthStatus::getInstance();
617 
618  $frontend_factory = new ilAuthFrontendFactory();
619  $frontend_factory->setContext(ilAuthFrontendFactory::CONTEXT_STANDARD_FORM);
620  $frontend = $frontend_factory->getFrontend(
621  $GLOBALS['DIC']['ilAuthSession'],
622  $status,
623  $credentials,
624  array($provider)
625  );
626 
627  $frontend->authenticate();
628 
629  switch ($status->getStatus()) {
630  case ilAuthStatus::STATUS_AUTHENTICATED:
631  ilLoggerFactory::getLogger('auth')->debug('Authentication successful; Redirecting to starting page.');
632  ilInitialisation::redirectToStartingPage();
633  return;
634 
635  case ilAuthStatus::STATUS_ACCOUNT_MIGRATION_REQUIRED:
636  return $GLOBALS['ilCtrl']->redirect($this, 'showAccountMigration');
637 
638  case ilAuthStatus::STATUS_AUTHENTICATION_FAILED:
639  ilUtil::sendFailure($GLOBALS['lng']->txt($status->getReason()), true);
640  $GLOBALS['ilCtrl']->redirect($this, 'showLoginPage');
641  return false;
642  }
643 
644  ilUtil::sendFailure($this->lng->txt('err_wrong_login'));
645  $this->showLoginPage();
646  return false;
647  }
648 
649 
653  protected function doApacheAuthentication()
654  {
655  $this->getLogger()->debug('Trying apache authentication');
656 
657  $credentials = new \ilAuthFrontendCredentialsApache($this->httpRequest, $this->ctrl);
658  $credentials->initFromRequest();
659 
660  $provider_factory = new \ilAuthProviderFactory();
661  $provider = $provider_factory->getProviderByAuthMode($credentials, AUTH_APACHE);
662 
663  $status = \ilAuthStatus::getInstance();
664 
665  $frontend_factory = new \ilAuthFrontendFactory();
666  $frontend_factory->setContext(\ilAuthFrontendFactory::CONTEXT_STANDARD_FORM);
667  $frontend = $frontend_factory->getFrontend(
668  $GLOBALS['DIC']['ilAuthSession'],
669  $status,
670  $credentials,
671  array($provider)
672  );
673 
674  $frontend->authenticate();
675 
676  switch ($status->getStatus()) {
677  case \ilAuthStatus::STATUS_AUTHENTICATED:
678  if ($credentials->hasValidTargetUrl()) {
679  \ilLoggerFactory::getLogger('auth')->debug(sprintf(
680  'Authentication successful. Redirecting to starting page: %s',
681  $credentials->getTargetUrl()
682  ));
683  $this->ctrl->redirectToURL($credentials->getTargetUrl());
684  } else {
685  \ilLoggerFactory::getLogger('auth')->debug(
686  'Authentication successful, but no valid target URL given. Redirecting to default starting page.'
687  );
688  \ilInitialisation::redirectToStartingPage();
689  }
690  break;
691 
692  case \ilAuthStatus::STATUS_ACCOUNT_MIGRATION_REQUIRED:
693  $this->ctrl->redirect($this, 'showAccountMigration');
694  break;
695 
696  case \ilAuthStatus::STATUS_AUTHENTICATION_FAILED:
697  \ilUtil::sendFailure($status->getTranslatedReason(), true);
698  $this->ctrl->redirectToURL(\ilUtil::appendUrlParameterString(
699  $this->ctrl->getLinkTarget($this, 'showLoginPage', '', false, false),
700  'passed_sso=1'
701  ));
702  break;
703  }
704 
705  \ilUtil::sendFailure($this->lng->txt('err_wrong_login'));
706  $this->showLoginPage();
707  return false;
708  }
709 
713  protected function doStandardAuthentication()
714  {
715  $form = $this->initStandardLoginForm();
716  if ($form->checkInput()) {
717  $this->getLogger()->debug('Trying to authenticate user.');
718 
719  include_once './Services/Authentication/classes/Frontend/class.ilAuthFrontendCredentials.php';
720  $credentials = new ilAuthFrontendCredentials();
721  $credentials->setUsername($form->getInput('username'));
722  $credentials->setPassword($form->getInput('password'));
723  $credentials->setCaptchaCode($form->getInput('captcha_code'));
724 
725  // set chosen auth mode
726  include_once './Services/Authentication/classes/class.ilAuthModeDetermination.php';
727  $det = ilAuthModeDetermination::_getInstance();
728  if (ilAuthUtils::_hasMultipleAuthenticationMethods() and $det->isManualSelection()) {
729  $credentials->setAuthMode($form->getInput('auth_mode'));
730  }
731 
732  include_once './Services/Authentication/classes/Provider/class.ilAuthProviderFactory.php';
733  $provider_factory = new ilAuthProviderFactory();
734  $providers = $provider_factory->getProviders($credentials);
735 
736  include_once './Services/Authentication/classes/class.ilAuthStatus.php';
737  $status = ilAuthStatus::getInstance();
738 
739  include_once './Services/Authentication/classes/Frontend/class.ilAuthFrontendFactory.php';
740  $frontend_factory = new ilAuthFrontendFactory();
741  $frontend_factory->setContext(ilAuthFrontendFactory::CONTEXT_STANDARD_FORM);
742  $frontend = $frontend_factory->getFrontend(
743  $GLOBALS['DIC']['ilAuthSession'],
744  $status,
745  $credentials,
746  $providers
747  );
748 
749  $frontend->authenticate();
750 
751  switch ($status->getStatus()) {
752  case ilAuthStatus::STATUS_AUTHENTICATED:
753  ilLoggerFactory::getLogger('auth')->debug('Authentication successful; Redirecting to starting page.');
754  include_once './Services/Init/classes/class.ilInitialisation.php';
755  ilInitialisation::redirectToStartingPage();
756  return;
757 
758  case ilAuthStatus::STATUS_CODE_ACTIVATION_REQUIRED:
759  $uname = ilObjUser::_lookupLogin($status->getAuthenticatedUserId());
760  return $this->showLoginPage($this->initCodeForm($uname));
761 
762  case ilAuthStatus::STATUS_ACCOUNT_MIGRATION_REQUIRED:
763  return $GLOBALS['ilCtrl']->redirect($this, 'showAccountMigration');
764 
765  case ilAuthStatus::STATUS_AUTHENTICATION_FAILED:
766  ilUtil::sendFailure($status->getTranslatedReason());
767  return $this->showLoginPage($form);
768  }
769  }
770  ilUtil::sendFailure($this->lng->txt('err_wrong_login'));
771  $this->showLoginPage($form);
772  return false;
773  }
774 
775 
776 
777 
778 
784  protected function showLoginForm($page_editor_html, ilPropertyFormGUI $form = null)
785  {
786  global $ilSetting,$lng,$tpl;
787 
788  // @todo move this to auth utils.
789  // login via ILIAS (this also includes radius and ldap)
790  // If local authentication is enabled for shibboleth users, we
791  // display the login form for ILIAS here.
792  if (($ilSetting->get("auth_mode") != AUTH_SHIBBOLETH ||
793  $ilSetting->get("shib_auth_allow_local")) &&
794  $ilSetting->get("auth_mode") != AUTH_CAS) {
795  if (!$form instanceof ilPropertyFormGUI) {
796  $form = $this->initStandardLoginForm();
797  }
798 
799  return $this->substituteLoginPageElements(
800  $tpl,
801  $page_editor_html,
802  $form->getHTML(),
803  '[list-login-form]',
804  'LOGIN_FORM'
805  );
806  }
807  return $page_editor_html;
808  }
809 
815  protected function showLoginInformation($page_editor_html, $tpl)
816  {
817  global $lng;
818 
819  if (strlen($page_editor_html)) {
820  // page editor active return
821  return $page_editor_html;
822  }
823 
824  $loginSettings = new ilSetting("login_settings");
825  $information = $loginSettings->get("login_message_" . $lng->getLangKey());
826 
827  if (strlen(trim($information))) {
828  $tpl->setVariable("TXT_LOGIN_INFORMATION", $information);
829  }
830  return $page_editor_html;
831  }
832 
839  protected function showCASLoginForm($page_editor_html)
840  {
841  global $ilSetting, $lng;
842 
843 
844  // cas login link
845  if ($ilSetting->get("cas_active")) {
846  $tpl = new ilTemplate('tpl.login_form_cas.html', true, true, 'Services/Init');
847  $tpl->setVariable("TXT_CAS_LOGIN", $lng->txt("login_to_ilias_via_cas"));
848  $tpl->setVariable("TXT_CAS_LOGIN_BUTTON", ilUtil::getImagePath("cas_login_button.png"));
849  $tpl->setVariable("TXT_CAS_LOGIN_INSTRUCTIONS", $ilSetting->get("cas_login_instructions"));
850  $this->ctrl->setParameter($this, "forceCASLogin", "1");
851  $tpl->setVariable("TARGET_CAS_LOGIN", $this->ctrl->getLinkTarget($this, "doCasAuthentication"));
852  $this->ctrl->setParameter($this, "forceCASLogin", "");
853 
854  return $this->substituteLoginPageElements(
855  $GLOBALS['tpl'],
856  $page_editor_html,
857  $tpl->get(),
858  '[list-cas-login-form]',
859  'CAS_LOGIN_FORM'
860  );
861  }
862  return $page_editor_html;
863  }
864 
870  protected function showShibbolethLoginForm($page_editor_html)
871  {
872  global $ilSetting, $lng;
873 
874  // Refactoring with ilFormPropertyGUI
875  // [...]
876 
877  // shibboleth login link
878  if ($ilSetting->get("shib_active")) {
879  $tpl = new ilTemplate('tpl.login_form_shibboleth.html', true, true, 'Services/Init');
880 
881  $tpl->setVariable('SHIB_FORMACTION', './shib_login.php'); // Bugfix http://ilias.de/mantis/view.php?id=10662 {$tpl->setVariable('SHIB_FORMACTION', $this->ctrl->getFormAction($this));}
882  $federation_name = $ilSetting->get("shib_federation_name");
883  $admin_mail = ' <a href="mailto:' . $ilSetting->get("admin_email") . '">ILIAS ' . $lng->txt(
884  "administrator"
885  ) . '</a>.';
886  if ($ilSetting->get("shib_hos_type") == 'external_wayf') {
887  $tpl->setCurrentBlock("shibboleth_login");
888  $tpl->setVariable("TXT_SHIB_LOGIN", $lng->txt("login_to_ilias_via_shibboleth"));
889  $tpl->setVariable("IL_TARGET", $_GET["target"]);
890  $tpl->setVariable("TXT_SHIB_FEDERATION_NAME", $ilSetting->get("shib_federation_name"));
891  $tpl->setVariable("TXT_SHIB_LOGIN_BUTTON", $ilSetting->get("shib_login_button"));
892  $tpl->setVariable(
893  "TXT_SHIB_LOGIN_INSTRUCTIONS",
894  sprintf(
895  $lng->txt("shib_general_login_instructions"),
896  $federation_name,
897  $admin_mail
898  )
899  );
900  $tpl->setVariable("TXT_SHIB_CUSTOM_LOGIN_INSTRUCTIONS", $ilSetting->get("shib_login_instructions"));
901  $tpl->parseCurrentBlock();
902  } elseif ($ilSetting->get("shib_hos_type") == 'embedded_wayf') {
903  $tpl->setCurrentBlock("shibboleth_custom_login");
904  $customInstructions = stripslashes($ilSetting->get("shib_login_instructions"));
905  $tpl->setVariable("TXT_SHIB_CUSTOM_LOGIN_INSTRUCTIONS", $customInstructions);
906  $tpl->parseCurrentBlock();
907  } else {
908  $tpl->setCurrentBlock("shibboleth_wayf_login");
909  $tpl->setVariable("TXT_SHIB_LOGIN", $lng->txt("login_to_ilias_via_shibboleth"));
910  $tpl->setVariable("TXT_SHIB_FEDERATION_NAME", $ilSetting->get("shib_federation_name"));
911  $tpl->setVariable("TXT_SELECT_HOME_ORGANIZATION", sprintf($lng->txt("shib_select_home_organization"), $ilSetting->get("shib_federation_name")));
912  $tpl->setVariable("TXT_CONTINUE", $lng->txt("btn_next"));
913  $tpl->setVariable("TXT_SHIB_HOME_ORGANIZATION", $lng->txt("shib_home_organization"));
914  $tpl->setVariable(
915  "TXT_SHIB_LOGIN_INSTRUCTIONS",
916  sprintf(
917  $lng->txt("shib_general_wayf_login_instructions"),
918  $admin_mail
919  )
920  );
921  $tpl->setVariable("TXT_SHIB_CUSTOM_LOGIN_INSTRUCTIONS", $ilSetting->get("shib_login_instructions"));
922 
923  require_once "./Services/AuthShibboleth/classes/class.ilShibbolethWAYF.php";
924  $WAYF = new ShibWAYF();
925 
926  $tpl->setVariable("TXT_SHIB_INVALID_SELECTION", $WAYF->showNotice());
927  $tpl->setVariable("SHIB_IDP_LIST", $WAYF->generateSelection());
928  $tpl->setVariable("ILW_TARGET", $_GET["target"]);
929  $tpl->parseCurrentBlock();
930  }
931 
932  return $this->substituteLoginPageElements($GLOBALS['tpl'], $page_editor_html, $tpl->get(), '[list-shibboleth-login-form]', 'SHIB_LOGIN_FORM');
933  }
934 
935  return $page_editor_html;
936  }
937 
938 
948  protected function substituteLoginPageElements($tpl, $page_editor_html, $element_html, $placeholder, $fallback_tplvar)
949  {
950  if (!strlen($page_editor_html)) {
951  $tpl->setVariable($fallback_tplvar, $element_html);
952  return $page_editor_html;
953  }
954  // Try to replace placeholders
955  if (!stristr($page_editor_html, $placeholder)) {
956  $tpl->setVariable($fallback_tplvar, $element_html);
957  return $page_editor_html;
958  }
959  return str_replace($placeholder, $element_html, $page_editor_html);
960  }
961 
966  protected function getLoginPageEditorHTML()
967  {
968  global $lng, $tpl;
969 
970  include_once './Services/Authentication/classes/class.ilAuthLoginPageEditorSettings.php';
971  $lpe = ilAuthLoginPageEditorSettings::getInstance();
972  $active_lang = $lpe->getIliasEditorLanguage($lng->getLangKey());
973 
974  if (!$active_lang) {
975  return '';
976  }
977 
978  // if page does not exist, return nothing
979  include_once './Services/COPage/classes/class.ilPageUtil.php';
980  if (!ilPageUtil::_existsAndNotEmpty('auth', ilLanguage::lookupId($active_lang))) {
981  return '';
982  }
983 
984  // get page object
985  $page_gui = new ilLoginPageGUI(ilLanguage::lookupId($active_lang));
986 
987  include_once("./Services/Style/Content/classes/class.ilObjStyleSheet.php");
988  $page_gui->setStyleId(0, 'auth');
989 
990  $page_gui->setPresentationTitle("");
991  $page_gui->setTemplateOutput(false);
992  $page_gui->setHeader("");
993  $ret = $page_gui->showPage();
994 
995  return $ret;
996  }
997 
1006  protected function showRegistrationLinks($page_editor_html)
1007  {
1008  global $lng, $ilSetting, $ilIliasIniFile, $ilAccess;
1009 
1010  $rtpl = new ilTemplate('tpl.login_registration_links.html', true, true, 'Services/Init');
1011 
1012  // allow new registrations?
1013  include_once 'Services/Registration/classes/class.ilRegistrationSettings.php';
1014  if (ilRegistrationSettings::_lookupRegistrationType() != IL_REG_DISABLED) {
1015  $rtpl->setCurrentBlock("new_registration");
1016  $rtpl->setVariable("REGISTER", $lng->txt("registration"));
1017  $rtpl->setVariable(
1018  "CMD_REGISTER",
1019  $this->ctrl->getLinkTargetByClass("ilaccountregistrationgui", "")
1020  );
1021  $rtpl->parseCurrentBlock();
1022  }
1023  // allow password assistance? Surpress option if Authmode is not local database
1024  if ($ilSetting->get("password_assistance")) {
1025  $rtpl->setCurrentBlock("password_assistance");
1026  $rtpl->setVariable("FORGOT_PASSWORD", $lng->txt("forgot_password"));
1027  $rtpl->setVariable("FORGOT_USERNAME", $lng->txt("forgot_username"));
1028  $rtpl->setVariable(
1029  "CMD_FORGOT_PASSWORD",
1030  $this->ctrl->getLinkTargetByClass("ilpasswordassistancegui", "")
1031  );
1032  $rtpl->setVariable(
1033  "CMD_FORGOT_USERNAME",
1034  $this->ctrl->getLinkTargetByClass("ilpasswordassistancegui", "showUsernameAssistanceForm")
1035  );
1036  $rtpl->setVariable("LANG_ID", $lng->getLangKey());
1037  $rtpl->parseCurrentBlock();
1038  }
1039 
1040  if (ilPublicSectionSettings::getInstance()->isEnabledForDomain($_SERVER['SERVER_NAME']) &&
1041  $ilAccess->checkAccessOfUser(ANONYMOUS_USER_ID, "read", "", ROOT_FOLDER_ID)) {
1042  $rtpl->setCurrentBlock("homelink");
1043  $rtpl->setVariable("CLIENT_ID", "?client_id=" . CLIENT_ID . "&lang=" . $lng->getLangKey());
1044  $rtpl->setVariable("TXT_HOME", $lng->txt("home"));
1045  $rtpl->parseCurrentBlock();
1046  }
1047 
1048  return $this->substituteLoginPageElements(
1049  $GLOBALS['tpl'],
1050  $page_editor_html,
1051  $rtpl->get(),
1052  '[list-registration-link]',
1053  'REG_PWD_CLIENT_LINKS'
1054  );
1055  }
1056 
1062  protected function showTermsOfServiceLink(string $page_editor_html) : string
1063  {
1064  if (!$this->user->getId()) {
1065  $this->user->setId(ANONYMOUS_USER_ID);
1066  }
1067 
1068  $helper = new ilTermsOfServiceHelper();
1069  if ($helper->isGloballyEnabled() && $this->termsOfServiceEvaluation->hasDocument()) {
1070  $utpl = new ilTemplate('tpl.login_terms_of_service_link.html', true, true, 'Services/Init');
1071  $utpl->setVariable('TXT_TERMS_OF_SERVICE', $this->lng->txt('usr_agreement'));
1072  $utpl->setVariable('LINK_TERMS_OF_SERVICE', $this->ctrl->getLinkTarget($this, 'showTermsOfService'));
1073 
1074  return $this->substituteLoginPageElements(
1075  $GLOBALS['tpl'],
1076  $page_editor_html,
1077  $utpl->get(),
1078  '[list-user-agreement]',
1079  'USER_AGREEMENT'
1080  );
1081  }
1082 
1083  return $this->substituteLoginPageElements(
1084  $GLOBALS['tpl'],
1085  $page_editor_html,
1086  '',
1087  '[list-user-agreement]',
1088  'USER_AGREEMENT'
1089  );
1090  }
1091 
1097  protected function purgePlaceholders($page_editor_html)
1098  {
1099  return str_replace(
1100  array(
1101  '[list-language-selection] ',
1102  '[list-registration-link]',
1103  '[list-user-agreement]',
1104  '[list-login-form]',
1105  '[list-cas-login-form]',
1106  '[list-saml-login]',
1107  '[list-shibboleth-login-form]'
1108  ),
1109  array('','','','','','',''),
1110  $page_editor_html
1111  );
1112  }
1113 
1118  public function showAccountMigration(string $message = '') : void
1119  {
1120  $this->help->setSubScreenId('account_migration');
1121 
1122  $tpl = self::initStartUpTemplate('tpl.login_account_migration.html');
1123 
1124  $form = new ilPropertyFormGUI();
1125  $form->setFormAction($this->ctrl->getFormAction($this, 'migrateAccount'));
1126 
1127  $form->setTitle($this->lng->txt('auth_account_migration'));
1128  $form->addCommandButton('migrateAccount', $this->lng->txt('save'));
1129  $form->addCommandButton('showLogin', $this->lng->txt('cancel'));
1130 
1131  $rad = new ilRadioGroupInputGUI($this->lng->txt('auth_account_migration_name'), 'account_migration');
1132  $rad->setValue(1);
1133 
1134  $keep = new ilRadioOption(
1135  $this->lng->txt('auth_account_migration_keep'),
1136  static::ACCOUNT_MIGRATION_MIGRATE,
1137  $this->lng->txt('auth_info_migrate')
1138  );
1139  $user = new ilTextInputGUI($this->lng->txt('login'), 'mig_username');
1140  $user->setRequired(true);
1141  $user->setValue(ilUtil::prepareFormOutput(
1142  (string) ($this->httpRequest->getParsedBody()['mig_username'] ?? '')
1143  ));
1144  $user->setSize(32);
1145  $user->setMaxLength(128);
1146  $keep->addSubItem($user);
1147 
1148  $pass = new ilPasswordInputGUI($this->lng->txt('password'), 'mig_password');
1149  $pass->setRetype(false);
1150  $pass->setRequired(true);
1151  $pass->setValue(ilUtil::prepareFormOutput(
1152  (string) ($this->httpRequest->getParsedBody()['mig_password'] ?? '')
1153  ));
1154  $pass->setSize(12);
1155  $pass->setMaxLength(128);
1156  $keep->addSubItem($pass);
1157  $rad->addOption($keep);
1158 
1159  $new = new ilRadioOption(
1160  $this->lng->txt('auth_account_migration_new'),
1161  static::ACCOUNT_MIGRATION_NEW,
1162  $this->lng->txt('auth_info_add')
1163  );
1164  $rad->addOption($new);
1165 
1166  $form->addItem($rad);
1167 
1168  $tpl->setVariable('MIG_FORM', $form->getHTML());
1169 
1170  if (strlen($message)) {
1171  ilUtil::sendFailure($message);
1172  }
1173 
1174  self::printToGlobalTemplate($tpl);
1175  }
1176 
1181  protected function migrateAccount() : bool
1182  {
1183  if (!isset($this->httpRequest->getParsedBody()['account_migration'])) {
1184  $this->showAccountMigration(
1185  $this->lng->txt('select_one')
1186  );
1187  return false;
1188  }
1189 
1190  if (
1191  ((int) $this->httpRequest->getParsedBody()['account_migration'] === self::ACCOUNT_MIGRATION_MIGRATE) &&
1192  (
1193  !isset($this->httpRequest->getParsedBody()['mig_username']) ||
1194  !is_string($this->httpRequest->getParsedBody()['mig_username']) ||
1195  0 === strlen($this->httpRequest->getParsedBody()['mig_username']) ||
1196  !isset($this->httpRequest->getParsedBody()['mig_password']) ||
1197  !is_string($this->httpRequest->getParsedBody()['mig_password'])
1198  )
1199  ) {
1200  $this->showAccountMigration(
1201  $this->lng->txt('err_wrong_login')
1202  );
1203  return false;
1204  }
1205 
1206  if ((int) $this->httpRequest->getParsedBody()['account_migration'] == self::ACCOUNT_MIGRATION_MIGRATE) {
1207  return $this->doMigration();
1208  } elseif ((int) $this->httpRequest->getParsedBody()['account_migration'] == static::ACCOUNT_MIGRATION_NEW) {
1209  return $this->doMigrationNewAccount();
1210  }
1211  }
1212 
1216  protected function doMigrationNewAccount() : bool
1217  {
1218  $credentials = new ilAuthFrontendCredentials();
1219  $credentials->setUsername(ilSession::get(ilAuthFrontend::MIG_EXTERNAL_ACCOUNT));
1220 
1221  $provider_factory = new ilAuthProviderFactory();
1222  $provider = $provider_factory->getProviderByAuthMode($credentials, ilSession::get(ilAuthFrontend::MIG_TRIGGER_AUTHMODE));
1223 
1224  $this->logger->debug('Using provider: ' . get_class($provider) . ' for further processing.');
1225 
1226  $status = ilAuthStatus::getInstance();
1227 
1228  $frontend_factory = new ilAuthFrontendFactory();
1229  $frontend_factory->setContext(ilAuthFrontendFactory::CONTEXT_STANDARD_FORM);
1230  $frontend = $frontend_factory->getFrontend(
1231  $GLOBALS['DIC']['ilAuthSession'],
1232  $status,
1233  $credentials,
1234  [$provider]
1235  );
1236 
1237  if ($frontend->migrateAccountNew()) {
1238  ilInitialisation::redirectToStartingPage();
1239  }
1240 
1241  ilUtil::sendFailure($this->lng->txt('err_wrong_login'));
1242  $this->ctrl->redirect($this, 'showAccountMigration');
1243 
1244  return true;
1245  }
1246 
1250  protected function doMigration() : bool
1251  {
1252  $this->logger->debug('Starting account migration for user: ' . (string) ilSession::get('mig_ext_account'));
1253 
1254  $credentials = new ilAuthFrontendCredentials();
1255  $credentials->setUsername((string) $_POST['mig_username']);
1256  $credentials->setPassword((string) $_POST['mig_password']);
1257 
1258  $provider_factory = new ilAuthProviderFactory();
1259  $provider = $provider_factory->getProviderByAuthMode($credentials, AUTH_LOCAL);
1260 
1261  $status = ilAuthStatus::getInstance();
1262 
1263  $frontend_factory = new ilAuthFrontendFactory();
1264  $frontend_factory->setContext(ilAuthFrontendFactory::CONTEXT_STANDARD_FORM);
1265  $frontend = $frontend_factory->getFrontend(
1266  $GLOBALS['DIC']['ilAuthSession'],
1267  $status,
1268  $credentials,
1269  array($provider)
1270  );
1271 
1272  $frontend->authenticate();
1273 
1274  switch ($status->getStatus()) {
1275  case ilAuthStatus::STATUS_AUTHENTICATED:
1276  $this->getLogger()->debug('Account migration: authentication successful for ' . (string) $_POST['mig_username']);
1277 
1278  $provider = $provider_factory->getProviderByAuthMode(
1279  $credentials,
1280  ilSession::get(ilAuthFrontend::MIG_TRIGGER_AUTHMODE)
1281  );
1282  $frontend_factory->setContext(ilAuthFrontendFactory::CONTEXT_STANDARD_FORM);
1283  $frontend = $frontend_factory->getFrontend(
1284  $GLOBALS['DIC']['ilAuthSession'],
1285  $status,
1286  $credentials,
1287  [$provider]
1288  );
1289  if (
1290  $frontend->migrateAccount($GLOBALS['DIC']['ilAuthSession'])
1291  ) {
1292  ilInitialisation::redirectToStartingPage();
1293  } else {
1294  ilUtil::sendFailure($this->lng->txt('err_wrong_login'), true);
1295  $this->ctrl->redirect($this, 'showAccountMigration');
1296  }
1297  break;
1298 
1299  default:
1300  $this->getLogger()->info('Account migration failed for user ' . (string) $_POST['mig_username']);
1301  $this->showAccountMigration($GLOBALS['lng']->txt('err_wrong_login'));
1302  return false;
1303  }
1304  }
1305 
1309  protected function showLogout()
1310  {
1311  global $DIC;
1312 
1313  $lng = $DIC->language();
1314  $ilIliasIniFile = $DIC['ilIliasIniFile'];
1315 
1316  $this->help->setSubScreenId('logout');
1317 
1318  $tpl = self::initStartUpTemplate("tpl.logout.html");
1319 
1320  $client_id = $_GET['client_id'];
1321 
1322  if (ilPublicSectionSettings::getInstance()->isEnabledForDomain($_SERVER['SERVER_NAME'])) {
1323  $tpl->setCurrentBlock("homelink");
1324  $tpl->setVariable("CLIENT_ID", "?client_id=" . $client_id . "&lang=" . $lng->getLangKey());
1325  $tpl->setVariable("TXT_HOME", $lng->txt("home"));
1326  $tpl->parseCurrentBlock();
1327  }
1328 
1329  $tosWithdrawalGui = new ilTermsOfServiceWithdrawalGUIHelper($this->user);
1330 
1331  $tpl->setVariable("TXT_PAGEHEADLINE", $lng->txt("logout"));
1332  $tpl->setVariable(
1333  "TXT_LOGOUT_TEXT",
1334  $lng->txt("logout_text") . $tosWithdrawalGui->getWithdrawalTextForLogoutScreen($this->httpRequest)
1335  );
1336  $tpl->setVariable("TXT_LOGIN", $lng->txt("login_to_ilias"));
1337  $tpl->setVariable("CLIENT_ID", "?client_id=" . $client_id . "&cmd=force_login&lang=" . $lng->getLangKey());
1338 
1339  self::printToGlobalTemplate($tpl);
1340  }
1341 
1342 
1343 
1347  public function doLogout()
1348  {
1349  global $DIC;
1350 
1351  $ilSetting = $DIC->settings();
1352  $user = $DIC->user();
1353  $lng = $DIC->language();
1354  $ilIliasIniFile = $DIC['ilIliasIniFile'];
1355  $ilAppEventHandler = $DIC['ilAppEventHandler'];
1356 
1357  $ilAppEventHandler->raise(
1358  'Services/Authentication',
1359  'beforeLogout',
1360  [
1361  'user_id' => $this->user->getId()
1362  ]
1363  );
1364 
1365  $user_language = $user->getLanguage();
1366 
1367  $tosWithdrawalGui = new ilTermsOfServiceWithdrawalGUIHelper($user);
1368  $tosWithdrawalGui->handleWithdrawalLogoutRequest($this->httpRequest, $this);
1369 
1370  $had_external_authentication = ilSession::get('used_external_auth');
1371 
1372  ilSession::setClosingContext(ilSession::SESSION_CLOSE_USER);
1373  $GLOBALS['DIC']['ilAuthSession']->logout();
1374 
1375  $GLOBALS['ilAppEventHandler']->raise(
1376  'Services/Authentication',
1377  'afterLogout',
1378  array(
1379  'username' => $this->user->getLogin()
1380  )
1381  );
1382 
1383  if ((int) $this->user->getAuthMode(true) == AUTH_SAML && $had_external_authentication) {
1384  $this->logger->info('Redirecting user to SAML logout script');
1385  $this->ctrl->redirectToURL('saml.php?action=logout&logout_url=' . urlencode(ILIAS_HTTP_PATH . '/login.php'));
1386  }
1387 
1388  // reset cookie
1389  ilUtil::setCookie("ilClientId", "");
1390 
1391  // redirect and show logout information
1392  $this->ctrl->setParameter($this, 'client_id', CLIENT_ID);
1393  $this->ctrl->setParameter($this, 'lang', $user_language);
1394  $this->ctrl->redirect($this, 'showLogout');
1395  }
1396 
1402  public function showNoCookiesScreen()
1403  {
1404  global $tpl;
1405 
1406  $str = "<p style=\"margin:15px;\">
1407  You need to enable Session Cookies in your Browser to use ILIAS.
1408  <br/>
1409  <br/><b>Firefox</b>
1410  <br/>Tools -> Options -> Privacy -> Cookies
1411  <br/>Enable 'Allow sites to set cookies' and activate option 'Keep
1412  <br/>cookies' auf 'until I close Firefox'
1413  <br/>
1414  <br/><b>Mozilla/Netscape</b>
1415  <br/>Edit -> Preferences -> Privacy&Security -> Cookies
1416  <br/>Go to 'Cookie Lifetime Policy' and check option 'Accept for current
1417  <br/>session only'.
1418  <br/>
1419  <br/><b>Internet Explorer</b>
1420  <br/>Tools -> Internet Options -> Privacy -> Advanced
1421  <br/>- Check 'Override automatic cookie handling'
1422  <br/>- Check 'Always allow session cookies'
1423  </p>";
1424  $tpl->setVariable("CONTENT", $str);
1425  $tpl->printToStdout();
1426  }
1427 
1431  protected function getAcceptance() : void
1432  {
1433  $this->showTermsOfService();
1434  }
1435 
1436  protected function confirmAcceptance() : void
1437  {
1438  $this->showTermsOfService(true);
1439  }
1440 
1441  protected function confirmWithdrawal() : void
1442  {
1443  if (!$this->user->getId()) {
1444  $this->user->setId(ANONYMOUS_USER_ID);
1445  }
1446  $back_to_login = false;
1447  if ($this->user->getPref('consent_withdrawal_requested') != 1) {
1448  $back_to_login = true;
1449  }
1450  $tpl = self::initStartUpTemplate('tpl.view_terms_of_service.html', $back_to_login, !$back_to_login);
1451 
1452  $helper = new ilTermsOfServiceHelper();
1453  $handleDocument = $helper->isGloballyEnabled() && $this->termsOfServiceEvaluation->hasDocument();
1454  if ($handleDocument) {
1455  $document = $this->termsOfServiceEvaluation->document();
1456  if ('confirmWithdrawal' === $this->ctrl->getCmd()) {
1457  if (isset($this->httpRequest->getParsedBody()['status']) && 'withdrawn' === $this->httpRequest->getParsedBody()['status']) {
1458  $helper->deleteAcceptanceHistoryByUser((int) $this->user->getId());
1459  $this->ctrl->redirectToUrl('logout.php');
1460  }
1461  }
1462 
1463  $tpl->setVariable('FORM_ACTION', $this->ctrl->getFormAction($this, $this->ctrl->getCmd()));
1464  $tpl->setVariable('ACCEPT_CHECKBOX', ilUtil::formCheckbox(0, 'status', 'accepted'));
1465  $tpl->setVariable('ACCEPT_TERMS_OF_SERVICE', $this->lng->txt('accept_usr_agreement'));
1466  $tpl->setVariable('TXT_SUBMIT', $this->lng->txt('submit'));
1467 
1468  $tpl->setPermanentLink('usr', null, 'agreement');
1469  $tpl->setVariable('TERMS_OF_SERVICE_CONTENT', $document->content());
1470  } else {
1471  $tpl->setVariable(
1472  'TERMS_OF_SERVICE_CONTENT',
1473  sprintf(
1474  $this->lng->txt('no_agreement_description'),
1475  'mailto:' . ilUtil::prepareFormOutput(ilSystemSupportContacts::getMailsToAddress())
1476  )
1477  );
1478  }
1479 
1480  self::printToGlobalTemplate($tpl);
1481  }
1482 
1490  protected function showTermsOfService(bool $accepted = false) : void
1491  {
1492  $this->help->setSubScreenId('terms_of_service');
1493 
1494  $back_to_login = ('getAcceptance' != $this->ctrl->getCmd());
1495 
1496  if (!$this->user->getId()) {
1497  $this->user->setId(ANONYMOUS_USER_ID);
1498  }
1499 
1500  $tpl = self::initStartUpTemplate('tpl.view_terms_of_service.html', $back_to_login, !$back_to_login);
1501 
1502  $this->mainTemplate->setTitle($this->lng->txt('accept_usr_agreement'));
1503  $this->mainTemplate->setOnScreenMessage('info', $this->lng->txt('accept_usr_agreement_intro'));
1504 
1505  $helper = new ilTermsOfServiceHelper();
1506  $handleDocument = $helper->isGloballyEnabled() && $this->termsOfServiceEvaluation->hasDocument();
1507  if ($handleDocument) {
1508  $document = $this->termsOfServiceEvaluation->document();
1509  if (
1510  'confirmAcceptance' === $this->ctrl->getCmd() ||
1511  'getAcceptance' === $this->ctrl->getCmd()
1512  ) {
1513  if ($accepted) {
1514  $helper->trackAcceptance($this->user, $document);
1515 
1516  if (ilSession::get('orig_request_target')) {
1517  $target = ilSession::get('orig_request_target');
1518  ilSession::set('orig_request_target', '');
1519  ilUtil::redirect($target);
1520  } else {
1521  ilUtil::redirect('index.php?target=' . $_GET['target'] . '&client_id=' . CLIENT_ID);
1522  }
1523  }
1524 
1525  $tpl->setVariable('FORM_ACTION', $this->ctrl->getFormAction($this, $this->ctrl->getCmd()));
1526  $tpl->setVariable('ACCEPT_TERMS_OF_SERVICE', $this->lng->txt('accept_usr_agreement'));
1527  $tpl->setVariable('TXT_ACCEPT', $this->lng->txt('accept_usr_agreement_btn'));
1528  $tpl->setVariable('DENY_TERMS_OF_SERVICE', $this->lng->txt('deny_usr_agreement'));
1529  $tpl->setVariable(
1530  'DENIAL_BUTTON',
1531  $this->dic->ui()->renderer()->render(
1532  $this->dic->ui()->factory()->button()->standard(
1533  $this->dic->language()->txt('deny_usr_agreement_btn'),
1534  'logout.php?withdraw_consent'
1535  )
1536  )
1537  );
1538  }
1539 
1540  $tpl->setPermanentLink('usr', null, 'agreement');
1541  $tpl->setVariable('TERMS_OF_SERVICE_CONTENT', $document->content());
1542  } else {
1543  $tpl->setVariable(
1544  'TERMS_OF_SERVICE_CONTENT',
1545  sprintf(
1546  $this->lng->txt('no_agreement_description'),
1547  'mailto:' . ilUtil::prepareFormOutput(ilSystemSupportContacts::getMailsToAddress())
1548  )
1549  );
1550  }
1551 
1552  self::printToGlobalTemplate($tpl);
1553  }
1554 
1558  protected function processIndexPHP()
1559  {
1560  global $ilIliasIniFile, $ilAuth, $ilSetting;
1561 
1562  // In case of an valid session, redirect to starting page
1563  if ($GLOBALS['DIC']['ilAuthSession']->isValid()) {
1564  if (!$this->user->isAnonymous() || ilPublicSectionSettings::getInstance()->isEnabledForDomain(
1565  $this->httpRequest->getServerParams()['SERVER_NAME']
1566  )) {
1567  ilInitialisation::redirectToStartingPage();
1568  return;
1569  }
1570  }
1571 
1572  if (ilPublicSectionSettings::getInstance()->isEnabledForDomain($_SERVER['SERVER_NAME'])) {
1573  return ilInitialisation::goToPublicSection();
1574  }
1575 
1576  // otherwise show login page
1577  return $this->showLoginPage();
1578  }
1579 
1580 
1581  public static function _checkGoto($a_target)
1582  {
1583  global $DIC;
1584  global $objDefinition, $ilPluginAdmin, $ilUser;
1585 
1586  $access = $DIC->access();
1587 
1588 
1589  if (is_object($ilPluginAdmin)) {
1590  // get user interface plugins
1591  $pl_names = $ilPluginAdmin->getActivePluginsForSlot(IL_COMP_SERVICE, "UIComponent", "uihk");
1592 
1593  // search
1594  foreach ($pl_names as $pl) {
1595  $ui_plugin = ilPluginAdmin::getPluginObject(IL_COMP_SERVICE, "UIComponent", "uihk", $pl);
1596  $gui_class = $ui_plugin->getUIClassInstance();
1597  $resp = $gui_class->checkGotoHook($a_target);
1598  if ($resp["target"] !== false) {
1599  $a_target = $resp["target"];
1600  break;
1601  }
1602  }
1603  }
1604 
1605  if ($a_target == "") {
1606  return false;
1607  }
1608 
1609  $t_arr = explode("_", $a_target);
1610  $type = $t_arr[0];
1611 
1612  if ($type == "git") {
1613  $type = "glo";
1614  }
1615 
1616  if ($type == "pg" | $type == "st") {
1617  $type = "lm";
1618  }
1619 
1620  $class = $objDefinition->getClassName($type);
1621  if ($class == "") {
1622  return false;
1623  }
1624 
1625  $location = $objDefinition->getLocation($type);
1626  $full_class = "ilObj" . $class . "Access";
1627  include_once($location . "/class." . $full_class . ".php");
1628 
1629  $ret = call_user_func(array($full_class, "_checkGoto"), $a_target);
1630 
1631  // if no access and repository object => check for parent course/group
1632  if (!$ret &&
1633  !stristr($a_target, "_wsp") &&
1634  $ilUser->getId() != ANONYMOUS_USER_ID && // #10637
1635  !$objDefinition->isAdministrationObject($type) &&
1636  $objDefinition->isRBACObject($type) &&
1637  $t_arr[1]) {
1638  global $tree, $rbacsystem, $ilAccess;
1639 
1640  // original type "pg" => pg_<page_id>[_<ref_id>]
1641  if ($t_arr[0] == "pg") {
1642  if (isset($t_arr[2])) {
1643  $ref_id = $t_arr[2];
1644  } else {
1645  $lm_id = ilLMObject::_lookupContObjID($t_arr[1]);
1646  $ref_id = ilObject::_getAllReferences($lm_id);
1647  if ($ref_id) {
1648  $ref_id = array_shift($ref_id);
1649  }
1650  }
1651  } else {
1652  $ref_id = $t_arr[1];
1653  }
1654 
1655  include_once "Services/Membership/classes/class.ilParticipants.php";
1656  $block_obj = array();
1657 
1658  // walk path to find parent container
1659  $path = $tree->getPathId($ref_id);
1660  array_pop($path);
1661  foreach ($path as $path_ref_id) {
1662  $redirect_infopage = false;
1663  $add_member_role = false;
1664 
1665  $ptype = ilObject::_lookupType($path_ref_id, true);
1666  $pobj_id = ilObject::_lookupObjId($path_ref_id);
1667 
1668  // core checks: timings/object-specific
1669  if (
1670  !$access->doActivationCheck('read', '', $path_ref_id, $ilUser->getId(), $pobj_id, $ptype) ||
1671  !$access->doStatusCheck('read', '', $path_ref_id, $ilUser->getId(), $pobj_id, $ptype)
1672  ) {
1673  // object in path is inaccessible - aborting
1674  return false;
1675  } elseif ($ptype == "crs") {
1676  // check if already participant
1677  include_once "Modules/Course/classes/class.ilCourseParticipant.php";
1678  $participants = new ilCourseParticipant($pobj_id, $ilUser->getId());
1679  if (!$participants->isAssigned()) {
1680  // subscription currently possible?
1681  include_once "Modules/Course/classes/class.ilObjCourse.php";
1682  if (ilObjCourse::_isActivated($pobj_id) &&
1683  ilObjCourse::_registrationEnabled($pobj_id)) {
1684  $block_obj[] = $path_ref_id;
1685  $add_member_role = true;
1686  } else {
1687  $redirect_infopage = true;
1688  }
1689  }
1690  } elseif ($ptype == "grp") {
1691  // check if already participant
1692  include_once "Modules/Group/classes/class.ilGroupParticipants.php";
1693  if (!ilGroupParticipants::_isParticipant($path_ref_id, $ilUser->getId())) {
1694  // subscription currently possible?
1695  include_once "Modules/Group/classes/class.ilObjGroup.php";
1696  $group_obj = new ilObjGroup($path_ref_id);
1697  if ($group_obj->isRegistrationEnabled()) {
1698  $block_obj[] = $path_ref_id;
1699  $add_member_role = true;
1700  } else {
1701  $redirect_infopage = true;
1702  }
1703  }
1704  }
1705 
1706  // add members roles for all "blocking" objects
1707  if ($add_member_role) {
1708  // cannot join? goto will never work, so redirect to current object
1709  $rbacsystem->resetPACache($ilUser->getId(), $path_ref_id);
1710  if (!$rbacsystem->checkAccess("join", $path_ref_id)) {
1711  $redirect_infopage = true;
1712  } else {
1713  $rbacsystem->addTemporaryRole(
1714  $ilUser->getId(),
1715  ilParticipants::getDefaultMemberRole($path_ref_id)
1716  );
1717  }
1718  }
1719 
1720  // redirect to infopage of 1st blocking object in path
1721  if ($redirect_infopage) {
1722  if ($rbacsystem->checkAccess("visible", $path_ref_id)) {
1723  ilUtil::redirect("ilias.php?baseClass=ilRepositoryGUI" .
1724  "&ref_id=" . $path_ref_id . "&cmd=infoScreen");
1725  } else {
1726  return false;
1727  }
1728  }
1729  }
1730 
1731 
1732  // check if access will be possible with all (possible) member roles added
1733  $rbacsystem->resetPACache($ilUser->getId(), $ref_id);
1734  if ($rbacsystem->checkAccess("read", $ref_id) && sizeof($block_obj)) { // #12128
1735  // this won't work with lm-pages (see above)
1736  // include_once "Services/Link/classes/class.ilLink.php";
1737  // $_SESSION["pending_goto"] = ilLink::_getStaticLink($ref_id, $type);
1738 
1739  // keep original target
1740  $_SESSION["pending_goto"] = "goto.php?target=" . $a_target;
1741 
1742  // redirect to 1st non-member object in path
1743  ilUtil::redirect("ilias.php?baseClass=ilRepositoryGUI" .
1744  "&ref_id=" . array_shift($block_obj));
1745  }
1746  }
1747 
1748  return $ret;
1749  }
1750 
1751  public function confirmRegistration()
1752  {
1753  ilUtil::setCookie('iltest', 'cookie', false);
1754 
1755  $this->lng->loadLanguageModule('registration');
1756 
1757  if (!isset($_GET['rh']) || !strlen(trim($_GET['rh']))) {
1758  $this->mainTemplate->setOnScreenMessage(ilGlobalTemplate::MESSAGE_TYPE_FAILURE, $this->lng->txt('reg_confirmation_hash_not_passed'), true);
1759  $this->ctrl->redirectToURL(sprintf(
1760  './login.php?cmd=force_login&lang=%s',
1761  $this->lng->getLangKey()
1762  ));
1763  }
1764 
1765  try {
1766  $oRegSettings = new ilRegistrationSettings();
1767 
1768  $usr_id = ilObjUser::_verifyRegistrationHash(trim($_GET['rh']));
1770  $user = ilObjectFactory::getInstanceByObjId($usr_id);
1771  $user->setActive(true);
1772  $password = '';
1773  if ($oRegSettings->passwordGenerationEnabled()) {
1774  $passwords = ilUtil::generatePasswords(1);
1775  $password = $passwords[0];
1776  $user->setPasswd($password, IL_PASSWD_PLAIN);
1777  $user->setLastPasswordChangeTS(time());
1778  }
1779  $user->update();
1780 
1781  $target = $user->getPref('reg_target');
1782  if (strlen($target) > 0) {
1783  // Used for ilAccountMail in ilAccountRegistrationMail, which relies on this super global ...
1784  $_GET['target'] = $target;
1785  }
1786 
1787  $accountMail = new ilAccountRegistrationMail(
1788  $oRegSettings,
1789  $this->lng,
1790  ilLoggerFactory::getLogger('user')
1791  );
1792  $accountMail->withEmailConfirmationRegistrationMode()->send($user, $password);
1793 
1794  $this->mainTemplate->setOnScreenMessage(ilGlobalTemplate::MESSAGE_TYPE_SUCCESS, $this->lng->txt('reg_account_confirmation_successful'), true);
1795  $this->ctrl->redirectToURL(sprintf(
1796  './login.php?cmd=force_login&lang=%s',
1797  $user->getLanguage()
1798  ));
1799  } catch (ilRegConfirmationLinkExpiredException $exception) {
1800  $soap_client = new ilSoapClient();
1801  $soap_client->setResponseTimeout(1);
1802  $soap_client->enableWSDL(true);
1803  $soap_client->init();
1804 
1805  $this->logger->info('Triggered soap call (background process) for deletion of inactive user objects with expired confirmation hash values (dual opt in) ...');
1806 
1807  $soap_client->call(
1808  'deleteExpiredDualOptInUserObjects',
1809  [
1810  $_COOKIE[session_name()] . '::' . CLIENT_ID,
1811  $exception->getCode() // user id
1812  ]
1813  );
1814 
1815  $this->mainTemplate->setOnScreenMessage(ilGlobalTemplate::MESSAGE_TYPE_FAILURE, $this->lng->txt($exception->getMessage()), true);
1816  $this->ctrl->redirectToURL(sprintf(
1817  './login.php?cmd=force_login&lang=%s',
1818  $this->lng->getLangKey()
1819  ));
1820  } catch (ilRegistrationHashNotFoundException $exception) {
1821  $this->mainTemplate->setOnScreenMessage(ilGlobalTemplate::MESSAGE_TYPE_FAILURE, $this->lng->txt($exception->getMessage()), true);
1822  $this->ctrl->redirectToURL(sprintf(
1823  './login.php?cmd=force_login&lang=%s',
1824  $this->lng->getLangKey()
1825  ));
1826  }
1827  }
1828 
1835  public static function initStartUpTemplate($a_tmpl, $a_show_back = false, $a_show_logout = false)
1836  {
1844  global $lng, $ilAccess, $ilSetting;
1845  $tpl = new ilGlobalTemplate("tpl.main.html", true, true);
1846 
1847  $tpl->addBlockfile('CONTENT', 'content', 'tpl.startup_screen.html', 'Services/Init');
1848 
1849  $view_title = $lng->txt('login_to_ilias');
1850  if ($a_show_back) {
1851  // #13400
1852  $param = 'client_id=' . CLIENT_ID . '&lang=' . $lng->getLangKey();
1853 
1854  $tpl->setCurrentBlock('link_item_bl');
1855  $tpl->setVariable('LINK_TXT', $view_title);
1856  $tpl->setVariable('LINK_URL', 'login.php?cmd=force_login&' . $param);
1857  $tpl->parseCurrentBlock();
1858 
1859  include_once './Services/Init/classes/class.ilPublicSectionSettings.php';
1860  if (ilPublicSectionSettings::getInstance()->isEnabledForDomain($_SERVER['SERVER_NAME']) &&
1861  $ilAccess->checkAccessOfUser(ANONYMOUS_USER_ID, 'read', '', ROOT_FOLDER_ID)) {
1862  $tpl->setVariable('LINK_URL', 'index.php?' . $param);
1863  $tpl->setVariable('LINK_TXT', $lng->txt('home'));
1864  $tpl->parseCurrentBlock();
1865  }
1866  } elseif ($a_show_logout) {
1867  $view_title = $lng->txt('logout');
1868  $tpl->setCurrentBlock('link_item_bl');
1869  $tpl->setVariable('LINK_TXT', $view_title);
1870  $tpl->setVariable('LINK_URL', ILIAS_HTTP_PATH . '/logout.php');
1871  $tpl->parseCurrentBlock();
1872  }
1873 
1874  if (is_array($a_tmpl)) {
1875  $template_file = $a_tmpl[0];
1876  $template_dir = $a_tmpl[1];
1877  } else {
1878  $template_file = $a_tmpl;
1879  $template_dir = 'Services/Init';
1880  }
1881 
1882  $tpl->addBlockFile('STARTUP_CONTENT', 'startup_content', $template_file, $template_dir);
1883 
1884  PageContentProvider::setViewTitle($view_title);
1885  $short_title = $ilSetting->get('short_inst_name');
1886  if (trim($short_title) === "") {
1887  $short_title = 'ILIAS';
1888  }
1889  PageContentProvider::setShortTitle($short_title);
1890 
1891  $header_title = (string) ilObjSystemFolder::_getHeaderTitle();
1892  PageContentProvider::setTitle($header_title);
1893 
1894  return $tpl;
1895  }
1896 
1901  protected function showSamlLoginForm($page_editor_html)
1902  {
1903  require_once 'Services/Saml/classes/class.ilSamlIdp.php';
1904  require_once 'Services/Saml/classes/class.ilSamlSettings.php';
1905 
1906  if (count(ilSamlIdp::getActiveIdpList()) > 0 && ilSamlSettings::getInstance()->isDisplayedOnLoginPage()) {
1907  $tpl = new ilTemplate('tpl.login_form_saml.html', true, true, 'Services/Saml');
1908 
1909  $return = '';
1910  if (isset($_GET['target'])) {
1911  $return = '?returnTo=' . urlencode(ilUtil::stripSlashes($_GET['target']));
1912  }
1913 
1914  $tpl->setVariable('SAML_SCRIPT_URL', './saml.php' . $return);
1915  $tpl->setVariable('TXT_LOGIN', $GLOBALS['DIC']->language()->txt('saml_log_in'));
1916  $tpl->setVariable('LOGIN_TO_ILIAS_VIA_SAML', $GLOBALS['DIC']->language()->txt('login_to_ilias_via_saml'));
1917  $tpl->setVariable('TXT_SAML_LOGIN_TXT', $GLOBALS['DIC']->language()->txt('saml_login_form_txt'));
1918  $tpl->setVariable('TXT_SAML_LOGIN_INFO_TXT', $GLOBALS['DIC']->language()->txt('saml_login_form_info_txt'));
1919 
1920  return $this->substituteLoginPageElements(
1921  $GLOBALS['tpl'],
1922  $page_editor_html,
1923  $tpl->get(),
1924  '[list-saml-login]',
1925  'SAML_LOGIN_FORM'
1926  );
1927  }
1928 
1929  return $page_editor_html;
1930  }
1931 
1936  protected function showOpenIdConnectLoginForm($page_editor_html)
1937  {
1938  global $DIC;
1939 
1940  $lang = $DIC->language();
1941 
1942  $oidc_settings = ilOpenIdConnectSettings::getInstance();
1943  if ($oidc_settings->getActive()) {
1944  $tpl = new ilTemplate('tpl.login_element.html', true, true, 'Services/OpenIdConnect');
1945 
1946  $lang->loadLanguageModule('auth');
1947  $tpl->setVariable('TXT_OIDCONNECT_HEADER', $lang->txt('auth_oidc_login_element_info'));
1948 
1949  $target = empty($_GET['target']) ? '' : ('?target=' . (string) $_GET['target']);
1950  switch ($oidc_settings->getLoginElementType()) {
1951  case ilOpenIdConnectSettings::LOGIN_ELEMENT_TYPE_TXT:
1952 
1953 
1954  $tpl->setVariable('SCRIPT_OIDCONNECT_T', ILIAS_HTTP_PATH . '/openidconnect.php' . $target);
1955  $tpl->setVariable('TXT_OIDC', $oidc_settings->getLoginElemenText());
1956  break;
1957 
1958  case ilOpenIdConnectSettings::LOGIN_ELEMENT_TYPE_IMG:
1959  $tpl->setVariable('SCRIPT_OIDCONNECT_I', ILIAS_HTTP_PATH . '/openidconnect.php' . $target);
1960  $tpl->setVariable('IMG_SOURCE', $oidc_settings->getImageFilePath());
1961  break;
1962  }
1963 
1964  return $this->substituteLoginPageElements(
1965  $GLOBALS['tpl'],
1966  $page_editor_html,
1967  $tpl->get(),
1968  '[list-openid-connect-login]',
1969  'OPEN_ID_CONNECT_LOGIN_FORM'
1970  );
1971  }
1972 
1973  return $page_editor_html;
1974  }
1975 
1979  protected function doOpenIdConnectAuthentication()
1980  {
1981  global $DIC;
1982 
1983  $this->getLogger()->debug('Trying openid connect authentication');
1984 
1985  $credentials = new ilAuthFrontendCredentialsOpenIdConnect();
1986  $credentials->initFromRequest();
1987 
1988  $provider_factory = new ilAuthProviderFactory();
1989  $provider = $provider_factory->getProviderByAuthMode($credentials, AUTH_OPENID_CONNECT);
1990 
1991  $status = ilAuthStatus::getInstance();
1992 
1993  $frontend_factory = new ilAuthFrontendFactory();
1994  $frontend_factory->setContext(ilAuthFrontendFactory::CONTEXT_STANDARD_FORM);
1995  $frontend = $frontend_factory->getFrontend(
1996  $GLOBALS['DIC']['ilAuthSession'],
1997  $status,
1998  $credentials,
1999  array($provider)
2000  );
2001 
2002  $frontend->authenticate();
2003 
2004  switch ($status->getStatus()) {
2005  case ilAuthStatus::STATUS_AUTHENTICATED:
2006  ilLoggerFactory::getLogger('auth')->debug('Authentication successful; Redirecting to starting page.');
2007  include_once './Services/Init/classes/class.ilInitialisation.php';
2008  ilInitialisation::redirectToStartingPage();
2009  return;
2010 
2011  case ilAuthStatus::STATUS_AUTHENTICATION_FAILED:
2012  ilUtil::sendFailure($status->getTranslatedReason(), true);
2013  $GLOBALS['ilCtrl']->redirect($this, 'showLoginPage');
2014  return false;
2015  }
2016 
2017  ilUtil::sendFailure($this->lng->txt('err_wrong_login'));
2018  $this->showLoginPage();
2019  return false;
2020  }
2021 
2022 
2026  protected function doSamlAuthentication()
2027  {
2028  global $DIC;
2029 
2030  $this->getLogger()->debug('Trying saml authentication');
2031 
2032  $request = $DIC->http()->request();
2033  $params = $request->getQueryParams();
2034 
2035  $factory = new ilSamlAuthFactory();
2036  $auth = $factory->auth();
2037 
2038  if (isset($params['action']) && $params['action'] == 'logout') {
2039  $logout_url = isset($params['logout_url']) ? $params['logout_url'] : '';
2040  ilLoggerFactory::getLogger('auth')->info(sprintf('Requested SAML logout: %s', $logout_url));
2041  $auth->logout($logout_url);
2042  }
2043 
2044  if (isset($params['target']) && !isset($params['returnTo'])) {
2045  $params['returnTo'] = $params['target'];
2046  }
2047  if (isset($params['returnTo'])) {
2048  $auth->storeParam('target', $params['returnTo']);
2049  }
2050 
2051  ilLoggerFactory::getLogger('auth')->debug('Started SAML authentication request');
2052 
2053  if (!$auth->isAuthenticated()) {
2054  ilLoggerFactory::getLogger('auth')->debug('User is not authenticated, yet');
2055  if (!isset($_GET['idpentityid']) || !isset($_GET['saml_idp_id'])) {
2056  $activeIdps = ilSamlIdp::getActiveIdpList();
2057  if (1 == count($activeIdps)) {
2058  $idp = current($activeIdps);
2059  $_GET['idpentityid'] = $idp->getEntityId();
2060  $_GET['saml_idp_id'] = $idp->getIdpId();
2061 
2062  ilLoggerFactory::getLogger('auth')->debug(sprintf(
2063  'Found exactly one active IDP with id %s: %s',
2064  $idp->getIdpId(),
2065  $idp->getEntityId()
2066  ));
2067  } elseif (0 == count($activeIdps)) {
2068  ilLoggerFactory::getLogger('auth')->debug('Did not find any active IDP, skipp authentication process');
2069  $GLOBALS['DIC']->ctrl()->redirect($this, 'showLoginPage');
2070  } else {
2071  ilLoggerFactory::getLogger('auth')->debug('Found multiple active IPDs, presenting IDP selection...');
2072  $this->showSamlIdpSelection($auth, $activeIdps);
2073  return;
2074  }
2075  }
2076 
2077  $auth->storeParam('idpId', (int) $_GET['saml_idp_id']);
2078  ilLoggerFactory::getLogger('auth')->debug(sprintf(
2079  'Stored relevant IDP id in session: %s',
2080  (string) $auth->getParam('idpId')
2081  ));
2082  }
2083 
2084  // re-init
2085  $auth = $factory->auth();
2086 
2087  ilLoggerFactory::getLogger('auth')->debug('Checking SAML authentication status...');
2088 
2089  $auth->protectResource();
2090 
2091  ilLoggerFactory::getLogger('auth')->debug(
2092  'SAML authentication successful, continuing with ILIAS internal authentication process...'
2093  );
2094 
2095  $idpId = (int) $auth->getParam('idpId');
2096 
2097  ilLoggerFactory::getLogger('auth')->debug(sprintf(
2098  'Internal SAML IDP id fetched from session: %s',
2099  (string) $idpId
2100  ));
2101 
2102  if ($idpId < 1) {
2103  ilLoggerFactory::getLogger('auth')->debug(
2104  'No valid internal IDP id found (most probably due to IDP initiated SSO), trying fallback determination...'
2105  );
2106  $authData = $auth->getAuthDataArray();
2107  if (isset($authData['saml:sp:IdP'])) {
2108  $idpId = ilSamlIdp::geIdpIdByEntityId($authData['saml:sp:IdP']);
2109  ilLoggerFactory::getLogger('auth')->debug(sprintf(
2110  'Searching active ILIAS IDP by entity id "%s" results in: %s',
2111  $authData['saml:sp:IdP'],
2112  (string) $idpId
2113  ));
2114  } else {
2115  ilLoggerFactory::getLogger('auth')->debug(
2116  'Could not execute fallback determination, no IDP entity ID found SAML authentication session data'
2117  );
2118  }
2119  }
2120  $_GET['target'] = $auth->popParam('target');
2121 
2122  $_POST['auth_mode'] = AUTH_SAML . '_' . $idpId;
2123 
2124  $this->logger->debug(sprintf(
2125  'Retrieved "target" parameter: %s',
2126  print_r($_GET['target'], true)
2127  ));
2128 
2129  $credentials = new ilAuthFrontendCredentialsSaml($auth, $request);
2130  $credentials->initFromRequest();
2131 
2132  $provider_factory = new ilAuthProviderFactory();
2133  $provider = $provider_factory->getProviderByAuthMode($credentials, ilUtil::stripSlashes($_POST['auth_mode']));
2134 
2135  $status = ilAuthStatus::getInstance();
2136 
2137  $frontend_factory = new ilAuthFrontendFactory();
2138  $frontend_factory->setContext(ilAuthFrontendFactory::CONTEXT_STANDARD_FORM);
2139  $frontend = $frontend_factory->getFrontend(
2140  $GLOBALS['DIC']['ilAuthSession'],
2141  $status,
2142  $credentials,
2143  array($provider)
2144  );
2145 
2146  $frontend->authenticate();
2147 
2148  switch ($status->getStatus()) {
2149  case ilAuthStatus::STATUS_AUTHENTICATED:
2150  ilLoggerFactory::getLogger('auth')->debug('Authentication successful; Redirecting to starting page.');
2151  return ilInitialisation::redirectToStartingPage();
2152 
2153  case ilAuthStatus::STATUS_ACCOUNT_MIGRATION_REQUIRED:
2154  return $GLOBALS['DIC']->ctrl()->redirect($this, 'showAccountMigration');
2155 
2156  case ilAuthStatus::STATUS_AUTHENTICATION_FAILED:
2157  ilUtil::sendFailure($status->getTranslatedReason(), true);
2158  $GLOBALS['DIC']->ctrl()->redirect($this, 'showLoginPage');
2159  return false;
2160  }
2161 
2162  ilUtil::sendFailure($this->lng->txt('err_wrong_login'));
2163  $this->showLoginPage();
2164 
2165  return false;
2166  }
2167 
2172  protected function showSamlIdpSelection(\ilSamlAuth $auth, array $idps)
2173  {
2174  global $DIC;
2175 
2176  $this->help->setSubScreenId('saml_idp_selection');
2177 
2178  self::initStartUpTemplate(array('tpl.saml_idp_selection.html', 'Services/Saml'));
2179 
2180  $factory = $DIC->ui()->factory();
2181  $renderer = $DIC->ui()->renderer();
2182 
2183  $DIC->ctrl()->setTargetScript('saml.php');
2184 
2185  $items = [];
2186 
2187  $table = new ilSamlIdpSelectionTableGUI($this, 'doSamlAuthentication');
2188 
2189  foreach ($idps as $idp) {
2190  $DIC->ctrl()->setParameter($this, 'saml_idp_id', $idp->getIdpId());
2191  $DIC->ctrl()->setParameter($this, 'idpentityid', urlencode($idp->getEntityId()));
2192 
2193  $items[] = [
2194  'idp_link' => $renderer->render($factory->link()->standard($idp->getEntityId(), $DIC->ctrl()->getLinkTarget($this, 'doSamlAuthentication')))
2195  ];
2196  }
2197 
2198  $table->setData($items);
2199  $this->mainTemplate->setVariable('CONTENT', $table->getHtml());
2200 
2201  $this->mainTemplate->printToStdout('DEFAULT', false);
2202  }
2203 }
ilObjStyleSheet\getContentStylePath
static getContentStylePath($a_style_id, $add_random=true, $add_token=true)
get content style path
Definition: class.ilObjStyleSheet.php:1810
ilStartUpGUI\showLogout
showLogout()
Show logout screen.
Definition: class.ilStartUpGUI.php:1309
ilObjUser\_lookupLogin
static _lookupLogin($a_user_id)
lookup login
Definition: class.ilObjUser.php:816
ilStartUpGUI\showOpenIdConnectLoginForm
showOpenIdConnectLoginForm($page_editor_html)
Definition: class.ilStartUpGUI.php:1936
ilAccountCode\applyRoleAssignments
static applyRoleAssignments(ilObjUser $user, $code)
Definition: class.ilAccountCode.php:225
ilStartUpGUI\_checkGoto
static _checkGoto($a_target)
Definition: class.ilStartUpGUI.php:1581
ilSamlIdp\geIdpIdByEntityId
static geIdpIdByEntityId($entityId)
Definition: class.ilSamlIdp.php:227
ilUtil\prepareFormOutput
static prepareFormOutput($a_str, $a_strip=false)
prepares string output for html forms public
Definition: class.ilUtil.php:2820
ilRadioOption
This class represents an option in a radio group.
Definition: class.ilRadioOption.php:31
ilStartUpGUI\ACCOUNT_MIGRATION_MIGRATE
const ACCOUNT_MIGRATION_MIGRATE
Definition: class.ilStartUpGUI.php:18
IL_PASSWD_PLAIN
const IL_PASSWD_PLAIN
Definition: class.ilObjUser.php:6
ilLoginPageGUI
Login page GUI class.
Definition: class.ilLoginPageGUI.php:19
ilStartUpGUI\initCodeForm
initCodeForm($a_username)
Definition: class.ilStartUpGUI.php:327
ilStartUpGUI\showLoginForm
showLoginForm($page_editor_html, ilPropertyFormGUI $form=null)
Show login form ilSetting $ilSetting.
Definition: class.ilStartUpGUI.php:784
ilGroupParticipants\_isParticipant
static _isParticipant($a_ref_id, $a_usr_id)
Static function to check if a user is a participant of the container object.
Definition: class.ilGroupParticipants.php:144
ilAccountCode\applyAccessLimits
static applyAccessLimits(ilObjUser $user, $code)
Definition: class.ilAccountCode.php:258
ilStartUpGUI\showCodeForm
showCodeForm($a_username=null, $a_form=null)
Definition: class.ilStartUpGUI.php:309
ilStartUpGUI\getLoginPageEditorHTML
getLoginPageEditorHTML()
Get HTML of ILIAS login page editor.
Definition: class.ilStartUpGUI.php:966
ANONYMOUS_USER_ID
const ANONYMOUS_USER_ID
Definition: constants.php:25
ilStartUpGUI\doLTIAuthentication
doLTIAuthentication()
Handle lti requests.
Definition: class.ilStartUpGUI.php:606
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
ilStartUpGUI\__construct
__construct(\ilObjUser $user=null, \ilTermsOfServiceDocumentEvaluation $termsOfServiceEvaluation=null, \ilGlobalTemplate $mainTemplate=null, ServerRequestInterface $httpRequest=null)
ilStartUpGUI constructor.
Definition: class.ilStartUpGUI.php:57
ilAuthUtils\_hasMultipleAuthenticationMethods
static _hasMultipleAuthenticationMethods()
Definition: class.ilAuthUtils.php:398
ilPropertyFormGUI
This class represents a property form user interface.
Definition: class.ilPropertyFormGUI.php:47
ilGlobalTemplate
special template class to simplify handling of ITX/PEAR
Definition: class.ilGlobalTemplate.php:13
$type
$type
Definition: proxy_ylocal.php:10
ilAccountRegistrationGUI
Class ilAccountRegistrationGUI.
Definition: class.ilAccountRegistrationGUI.php:24
ilCaptchaInputGUI
This class represents a captcha input in a property form.
Definition: class.ilCaptchaInputGUI.php:13
ROOT_FOLDER_ID
const ROOT_FOLDER_ID
Definition: constants.php:30
$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12
$location
$location
Definition: buildRTE.php:44
ilObjCourse\_registrationEnabled
static _registrationEnabled($a_obj_id)
Registration enabled? Method is in Access class, since it is needed by Access/ListGUI.
Definition: class.ilObjCourse.php:730
ilRegConfirmationLinkExpiredException
Class for user related exception handling in ILIAS.
Definition: class.ilRegConfirmationLinkExpiredException.php:33
ilAuthStatus\STATUS_AUTHENTICATION_FAILED
const STATUS_AUTHENTICATION_FAILED
Definition: class.ilAuthStatus.php:19
ilStartUpGUI\showShibbolethLoginForm
showShibbolethLoginForm($page_editor_html)
Show shibboleth login form.
Definition: class.ilStartUpGUI.php:870
AUTH_OPENID_CONNECT
const AUTH_OPENID_CONNECT
Definition: class.ilAuthUtils.php:20
ilAuthFrontendFactory
Factory for auth frontend classes.
Definition: class.ilAuthFrontendFactory.php:11
AUTH_CAS
const AUTH_CAS
Definition: class.ilAuthUtils.php:12
AUTH_SHIBBOLETH
const AUTH_SHIBBOLETH
Definition: class.ilAuthUtils.php:11
ilSession\get
static get($a_var)
Get a value.
Definition: class.ilSession.php:451
ilAccountCode\useCode
static useCode($code)
Definition: class.ilAccountCode.php:189
ilSession\set
static set($a_var, $a_val)
Set a value.
Definition: class.ilSession.php:440
$ilIliasIniFile
$ilIliasIniFile
Definition: imgupload.php:16
ilObjUser\_lookupId
static _lookupId($a_user_str)
Lookup id by login.
Definition: class.ilObjUser.php:832
ilInitialisation\goToPublicSection
static goToPublicSection()
go to public section
Definition: class.ilInitialisation.php:942
ilStartUpGUI\migrateAccount
migrateAccount()
Migrate Account.
Definition: class.ilStartUpGUI.php:1181
ilUtil\generatePasswords
static generatePasswords($a_number)
Generate a number of passwords.
Definition: class.ilUtil.php:3676
ilLMObject\_lookupContObjID
static _lookupContObjID($a_id)
get learning module / digibook id for lm object
Definition: class.ilLMObject.php:781
ilParticipants\getDefaultMemberRole
static getDefaultMemberRole($a_ref_id)
Definition: class.ilParticipants.php:544
ilStartUpGUI\processIndexPHP
processIndexPHP()
process index.php
Definition: class.ilStartUpGUI.php:1558
AUTH_APACHE
const AUTH_APACHE
Definition: class.ilAuthUtils.php:17
ilStartUpGUI\getAcceptance
getAcceptance()
Get terms of service.
Definition: class.ilStartUpGUI.php:1431
ilTermsOfServiceDocumentEvaluation
Interface ilTermsOfServiceDocumentEvaluation.
Definition: interface.ilTermsOfServiceDocumentEvaluation.php:8
AUTH_SAML
const AUTH_SAML
Definition: class.ilAuthUtils.php:18
ilStartUpGUI\executeCommand
executeCommand()
execute command
Definition: class.ilStartUpGUI.php:103
ilStartUpGUI\showTermsOfService
showTermsOfService(bool $accepted=false)
Show terms of service.
Definition: class.ilStartUpGUI.php:1490
ilStartUpGUI\printToGlobalTemplate
static printToGlobalTemplate($tpl)
Definition: class.ilStartUpGUI.php:283
ShibWAYF
Class ShibbolethWAYF.
Definition: class.ilShibbolethWAYF.php:34
user
user()
Definition: user.php:4
ilOpenIdConnectSettings\getInstance
static getInstance()
Get singleton instance.
Definition: class.ilOpenIdConnectSettings.php:163
ilObject\_getAllReferences
static _getAllReferences($a_id)
get all reference ids of object
Definition: class.ilObject.php:968
ilStartUpGUI\doShibbolethAuthentication
doShibbolethAuthentication()
Trying shibboleth authentication.
Definition: class.ilStartUpGUI.php:511
ilObjUser\_verifyRegistrationHash
static _verifyRegistrationHash($a_hash)
Verifies a registration hash.
Definition: class.ilObjUser.php:4748
$client_id
$client_id
Definition: webdav.php:17
ilAuthFrontendCredentialsLTI
Auth credentials for lti oauth based authentication.
Definition: class.ilAuthFrontendCredentialsLTI.php:15
ilStartUpGUI\getLogger
getLogger()
Get logger.
Definition: class.ilStartUpGUI.php:131
ilStartUpGUI\initStandardLoginForm
initStandardLoginForm()
Initialize the standard.
Definition: class.ilStartUpGUI.php:443
help
help()
Definition: help.php:2
$auth
$auth
Definition: metadata.php:59
ilStartUpGUI\showLoginPage
showLoginPage(ilPropertyFormGUI $form=null)
Definition: class.ilStartUpGUI.php:221
ilAuthFrontendCredentialsSaml
Class ilAuthFrontendCredentialsSaml.
Definition: class.ilAuthFrontendCredentialsSaml.php:7
ilHiddenInputGUI
This class represents a hidden form property in a property form.
Definition: class.ilHiddenInputGUI.php:32
$messages
$messages
Definition: xapiexit.php:5
ilStartUpGUI\substituteLoginPageElements
substituteLoginPageElements($tpl, $page_editor_html, $element_html, $placeholder, $fallback_tplvar)
Substitute login page elements.
Definition: class.ilStartUpGUI.php:948
ilUtil\setCookie
static setCookie($a_cookie_name, $a_cookie_value='', $a_also_set_super_global=true, $a_set_cookie_invalid=false)
Definition: class.ilUtil.php:4664
ilUtil\appendUrlParameterString
static appendUrlParameterString($a_url, $a_par, $xml_style=false)
append URL parameter string ("par1=value1&par2=value2...") to given URL string
Definition: class.ilUtil.php:2135
ILIAS\FileDelivery\http
static http()
Fetches the global http state from ILIAS.
Definition: HttpServiceAware.php:36
ilRadioGroupInputGUI
This class represents a property in a property form.
Definition: class.ilRadioGroupInputGUI.php:33
ilRadioOption\setValue
setValue($a_value)
Set Value.
Definition: class.ilRadioOption.php:91
ilSystemSupportContacts\getMailsToAddress
static getMailsToAddress()
Get mailto: emails.
Definition: class.ilSystemSupportContacts.php:69
ilStartUpGUI\showAccountMigration
showAccountMigration(string $message='')
Show account migration screen.
Definition: class.ilStartUpGUI.php:1118
ilAccountRegistrationMail
Class ilAccountRegistrationMail.
Definition: class.ilAccountRegistrationMail.php:8
ilPasswordInputGUI\setUseStripSlashes
setUseStripSlashes($a_stat)
En/disable use of stripslashes.
Definition: class.ilPasswordInputGUI.php:238
ilPageUtil\_existsAndNotEmpty
static _existsAndNotEmpty($a_parent_type, $a_id, $a_lang="-")
checks whether page exists and is not empty (may return true on some empty pages) ...
Definition: class.ilPageUtil.php:15
ilStartUpGUI\doApacheAuthentication
doApacheAuthentication()
Try apache auth.
Definition: class.ilStartUpGUI.php:653
ilRadioOption\addSubItem
addSubItem($a_item)
Add Subitem.
Definition: class.ilRadioOption.php:121
ilAuthUtils\_getMultipleAuthModeOptions
static _getMultipleAuthModeOptions($lng)
Definition: class.ilAuthUtils.php:434
ilSession\SESSION_CLOSE_USER
const SESSION_CLOSE_USER
Definition: class.ilSession.php:40
ilUtil\getImagePath
static getImagePath($img, $module_path="", $mode="output", $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:96
$_SERVER
$_SERVER['HTTP_HOST']
Definition: raiseError.php:10
ilObject\_lookupObjId
static _lookupObjId($a_id)
Definition: class.ilObject.php:1110
ilStartUpGUI
StartUp GUI class.
Definition: class.ilStartUpGUI.php:16
ilStartUpGUI\doCasAuthentication
doCasAuthentication()
Try CAS auth.
Definition: class.ilStartUpGUI.php:562
$param
$param
Definition: xapitoken.php:29
CLIENT_ID
const CLIENT_ID
Definition: constants.php:39
$DIC
global $DIC
Definition: goto.php:24
ilStartUpGUI\purgePlaceholders
purgePlaceholders($page_editor_html)
Purge page editor html from unused placeholders.
Definition: class.ilStartUpGUI.php:1097
$GLOBALS
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
Definition: PEAR.php:64
ilStartUpGUI\showRegistrationLinks
showRegistrationLinks($page_editor_html)
Show registration, password forgotten, client slection links ilLanguage $lng ilSetting $ilSetting ...
Definition: class.ilStartUpGUI.php:1006
ilSamlAuth
Interface ilSamlAuth.
Definition: interface.ilSamlAuth.php:7
ilPasswordInputGUI
This class represents a password property in a property form.
Definition: class.ilPasswordInputGUI.php:11
ilPluginAdmin\getPluginObject
static getPluginObject($a_ctype, $a_cname, $a_slot_id, $a_pname)
Get Plugin Object.
Definition: class.ilPluginAdmin.php:440
ilSamlIdpSelectionTableGUI
Class ilSamlIdpSelectionTableGUI.
Definition: class.ilSamlIdpSelectionTableGUI.php:7
ilUtil\stripSlashes
static stripSlashes($a_str, $a_strip_html=true, $a_allow="")
strip slashes if magic qoutes is enabled
Definition: class.ilUtil.php:2406
ilStartUpGUI\showSamlIdpSelection
showSamlIdpSelection(\ilSamlAuth $auth, array $idps)
Definition: class.ilStartUpGUI.php:2172
ilObjStyleSheet\getSyntaxStylePath
static getSyntaxStylePath()
get syntax style path
Definition: class.ilObjStyleSheet.php:1868
AUTH_LOCAL
const AUTH_LOCAL
Definition: class.ilAuthUtils.php:7
ilStartUpGUI\showSamlLoginForm
showSamlLoginForm($page_editor_html)
Definition: class.ilStartUpGUI.php:1901
ilStartUpGUI\doStandardAuthentication
doStandardAuthentication()
Check form input; authenticate user.
Definition: class.ilStartUpGUI.php:713
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId($a_obj_id, $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:70
ilObject\_lookupType
static _lookupType($a_id, $a_reference=false)
lookup object type
Definition: class.ilObject.php:1281
ilPasswordAssistanceGUI
Password assistance facility for users who have forgotten their password or for users for whom no pas...
Definition: class.ilPasswordAssistanceGUI.php:12
ilAccountCode\getCodeValidUntil
static getCodeValidUntil($code)
Definition: class.ilAccountCode.php:201
ilUtil\sendFailure
static sendFailure($a_info="", $a_keep=false)
Send Failure Message to Screen.
Definition: class.ilUtil.php:4534
ilStartUpGUI\showLoginInformation
showLoginInformation($page_editor_html, $tpl)
Show login information.
Definition: class.ilStartUpGUI.php:815
$lang
$lang
Definition: xapiexit.php:8
ilStartUpGUI\showNoCookiesScreen
showNoCookiesScreen()
show help screen, if cookies are disabled
Definition: class.ilStartUpGUI.php:1402
ilTermsOfServiceHelper
Class ilTermsOfServiceHelper.
Definition: class.ilTermsOfServiceHelper.php:8
$password
$password
Definition: cron.php:14
ilRegistrationSettings
Class ilObjAuthSettingsGUI.
Definition: class.ilRegistrationSettings.php:45
ilObjCourse\_isActivated
static _isActivated($a_obj_id)
Is activated.
Definition: class.ilObjCourse.php:718
ilAuthStatus\STATUS_CODE_ACTIVATION_REQUIRED
const STATUS_CODE_ACTIVATION_REQUIRED
Definition: class.ilAuthStatus.php:21
ilSession\setClosingContext
static setClosingContext($a_context)
set closing context (for statistics)
Definition: class.ilSession.php:472
ilAuthStatus\getInstance
static getInstance()
Get status instance.
Definition: class.ilAuthStatus.php:42
$ilSetting
global $ilSetting
Definition: privfeed.php:17
$ret
$ret
Definition: parser.php:6
ilLanguage\lookupId
static lookupId($a_lang_key)
Lookup obj_id of language ilDB $ilDB.
Definition: class.ilLanguage.php:423
ilStartUpGUI\showTermsOfServiceLink
showTermsOfServiceLink(string $page_editor_html)
Show terms of service link.
Definition: class.ilStartUpGUI.php:1062
ilSamlAuthFactory
Class ilSamlAuthFactory.
Definition: class.ilSamlAuthFactory.php:7
ilObjGroup
Class ilObjGroup.
Definition: class.ilObjGroup.php:33
ilAccountCode\isUnusedCode
static isUnusedCode($code)
Definition: class.ilAccountCode.php:171
$message
$message
Definition: xapiexit.php:14
ilLoggerFactory\getLogger
static getLogger($a_component_id)
Get component logger.
Definition: class.ilLoggerFactory.php:74
ilAuthLoginPageEditorSettings\getInstance
static getInstance()
Get singelton instance.
Definition: class.ilAuthLoginPageEditorSettings.php:36
$ilUser
$ilUser
Definition: imgupload.php:18
language
language()
Definition: language.php:2
ilRegistrationHashNotFoundException
Class for user related exception handling in ILIAS.
Definition: class.ilRegistrationHashNotFoundException.php:33
$_COOKIE
$_COOKIE[session_name()]
Definition: xapitoken.php:37
$tpl
if($DIC->http() ->request() ->getMethod()=="GET" &&isset($DIC->http() ->request() ->getQueryParams()['tex'])) $tpl
Definition: latex.php:41
ilSamlIdp\getActiveIdpList
static getActiveIdpList()
Definition: class.ilSamlIdp.php:241
ilUtil\redirect
static redirect($a_script)
Definition: class.ilUtil.php:3302
AUTH_PROVIDER_LTI
const AUTH_PROVIDER_LTI
Definition: class.ilAuthUtils.php:28
ilStartUpGUI\showCASLoginForm
showCASLoginForm($page_editor_html)
Show cas login ilSetting $ilSetting.
Definition: class.ilStartUpGUI.php:839
ilStartUpGUI\doOpenIdConnectAuthentication
doOpenIdConnectAuthentication()
do open id connect authentication
Definition: class.ilStartUpGUI.php:1979
ilAuthStatus\STATUS_ACCOUNT_MIGRATION_REQUIRED
const STATUS_ACCOUNT_MIGRATION_REQUIRED
Definition: class.ilAuthStatus.php:20
$_POST
$_POST["username"]
Definition: cfg.phpunit.template.php:11
ilStartUpGUI\doLogout
doLogout()
show logout screen
Definition: class.ilStartUpGUI.php:1347
ilFormPropertyGUI\setRequired
setRequired($a_required)
Set Required.
Definition: class.ilFormPropertyGUI.php:185
$factory
$factory
Definition: metadata.php:58
IL_COMP_SERVICE
const IL_COMP_SERVICE
Definition: class.ilComponent.php:6
ilUtil\formCheckbox
static formCheckbox($checked, $varname, $value, $disabled=false)
??? public
Definition: class.ilUtil.php:439
ilStartUpGUI\jumpToPasswordAssistance
jumpToPasswordAssistance()
jump to password assistance
Definition: class.ilStartUpGUI.php:151
ilStartUpGUI\jumpToRegistration
jumpToRegistration()
jump to registration gui
Definition: class.ilStartUpGUI.php:140
ilAuthFrontendCredentialsCAS
Auth frontend credentials for CAS auth.
Definition: class.ilAuthFrontendCredentialsCAS.php:11