ILIAS  release_8 Revision v8.24
Public Member Functions
ilAuthProviderShibboleth Class Reference

Shibboleth authentication provider. More...

+ Inheritance diagram for ilAuthProviderShibboleth:
+ Collaboration diagram for ilAuthProviderShibboleth:

Public Member Functions

 doAuthentication (ilAuthStatus $status)
 
- Public Member Functions inherited from ilAuthProvider
 __construct (ilAuthCredentials $credentials)
 Constructor. More...
 
 getLogger ()
 Get logger. More...
 
 getCredentials ()
 
- Public Member Functions inherited from ilAuthProviderInterface
 doAuthentication (\ilAuthStatus $status)
 Do authentication. More...
 

Additional Inherited Members

- Protected Member Functions inherited from ilAuthProvider
 handleAuthenticationFail (ilAuthStatus $status, string $a_reason)
 Handle failed authentication. More...
 

Detailed Description

Shibboleth authentication provider.

Definition at line 20 of file class.ilAuthProviderShibboleth.php.

Member Function Documentation

◆ doAuthentication()

ilAuthProviderShibboleth::doAuthentication ( ilAuthStatus  $status)

@noRector

@noRector

Definition at line 22 of file class.ilAuthProviderShibboleth.php.

22 : bool
23 {
24 global $DIC; // for backwards compatibility of hook environment variables
25 $ilias = $DIC['ilias'];
26 $ilSetting = $DIC['ilSetting'];
27 $shibServerData = shibServerData::getInstance();
28
29 if ($shibServerData->getLogin() !== '' && $shibServerData->getLogin() !== '0') {
30 $shibUser = shibUser::buildInstance($shibServerData);
31 // for backword compatibility of hook environment variables
32 $userObj = &$shibUser; // For shib_data_conv included Script
33 $newUser = $shibUser->isNew(); // For shib_data_conv included Script
34 if ($shibUser->isNew()) {
35 $shibUser->createFields();
36 $shibUser->setPref('hits_per_page', $ilSetting->get('hits_per_page'));
37
38 // Modify user data before creating the user
39 // Include custom code that can be used to further modify
40 // certain Shibboleth user attributes
41 if (
42 $ilias->getSetting('shib_data_conv') &&
43 $ilias->getSetting('shib_data_conv', '') !== '' &&
44 is_readable($ilias->getSetting('shib_data_conv'))
45 ) {
47 include($ilias->getSetting('shib_data_conv'));
48 }
49 $shibUser = ilShibbolethPluginWrapper::getInstance()->beforeCreateUser($shibUser);
50 $shibUser->create();
51 $shibUser->saveAsNew();
52 $shibUser->updateOwner();
53 $shibUser->writePrefs();
54 $shibUser = ilShibbolethPluginWrapper::getInstance()->afterCreateUser($shibUser);
55 ilShibbolethRoleAssignmentRules::doAssignments($shibUser->getId(), $_SERVER);
56 } else {
57 $shibUser->updateFields();
58 // Include custom code that can be used to further modify
59 // certain Shibboleth user attributes
60 if (
61 $ilias->getSetting('shib_data_conv') &&
62 $ilias->getSetting('shib_data_conv') !== '' &&
63 is_readable($ilias->getSetting('shib_data_conv'))
64 ) {
66 include($ilias->getSetting('shib_data_conv'));
67 }
68 // $shibUser->update();
69 $shibUser = ilShibbolethPluginWrapper::getInstance()->beforeUpdateUser($shibUser);
70 $shibUser->update();
71 $shibUser = ilShibbolethPluginWrapper::getInstance()->afterUpdateUser($shibUser);
72 ilShibbolethRoleAssignmentRules::updateAssignments($shibUser->getId(), $_SERVER);
73 }
74
75 $settings = new ilShibbolethSettings();
76
77 if (!$newUser || !$settings->adminMustActivate()) {
78 $status->setStatus(ilAuthStatus::STATUS_AUTHENTICATED);
79 $status->setAuthenticatedUserId(ilObjUser::_lookupId($shibUser->getLogin()));
80 } elseif ($settings->adminMustActivate()) {
81 $status->setStatus(ilAuthStatus::STATUS_AUTHENTICATION_FAILED);
82 $status->setReason('err_inactive');
83 }
84 } else {
85 $this->getLogger()->info('Shibboleth authentication failed.');
86 $this->handleAuthenticationFail($status, 'err_wrong_login');
87 return false;
88 }
89
90 return true;
91 }
ilAuthProvider\getLogger
getLogger()
Get logger.
Definition: class.ilAuthProvider.php:55
ilAuthProvider\handleAuthenticationFail
handleAuthenticationFail(ilAuthStatus $status, string $a_reason)
Handle failed authentication.
Definition: class.ilAuthProvider.php:71
ilAuthStatus\STATUS_AUTHENTICATION_FAILED
const STATUS_AUTHENTICATION_FAILED
Definition: class.ilAuthStatus.php:35
ilObjUser\_lookupId
static _lookupId($a_user_str)
Definition: class.ilObjUser.php:674
ilShibbolethRoleAssignmentRules\doAssignments
static doAssignments(int $a_usr_id, array $a_data)
Definition: class.ilShibbolethRoleAssignmentRules.php:91
ilShibbolethRoleAssignmentRules\updateAssignments
static updateAssignments(int $a_usr_id, array $a_data)
Definition: class.ilShibbolethRoleAssignmentRules.php:59
ilShibbolethSettings
Class ilShibbolethSettings.
Definition: class.ilShibbolethSettings.php:28
shibUser\buildInstance
static buildInstance(shibServerData $shibServerData)
Definition: class.shibUser.php:28
$DIC
global $DIC
Definition: feed.php:28
ILIAS\LTI\ToolProvider\$settings
array $settings
Setting values (LTI parameters, custom parameters and local parameters).
Definition: System.php:200
$ilSetting
global $ilSetting
Definition: privfeed.php:17
$_SERVER
$_SERVER['HTTP_HOST']
Definition: raiseError.php:10

References $_SERVER, $DIC, $ilSetting, ILIAS\LTI\ToolProvider\$settings, ilAuthProvider\$status, ilObjUser\_lookupId(), shibUser\buildInstance(), ilShibbolethRoleAssignmentRules\doAssignments(), ilShibbolethPluginWrapper\getInstance(), shibServerData\getInstance(), ilAuthProvider\getLogger(), ilAuthProvider\handleAuthenticationFail(), ilAuthStatus\STATUS_AUTHENTICATED, ilAuthStatus\STATUS_AUTHENTICATION_FAILED, and ilShibbolethRoleAssignmentRules\updateAssignments().

+ Here is the call graph for this function:
The documentation for this class was generated from the following file: