ILIAS  release_8 Revision v8.24
class.ilAuthFrontendCredentialsApache.php
Go to the documentation of this file.
1<?php
2
19declare(strict_types=1);
20
21use Psr\Http\Message\ServerRequestInterface;
22
30class ilAuthFrontendCredentialsApache extends ilAuthFrontendCredentials
31{
32 private ServerRequestInterface $httpRequest;
33 private ilCtrl $ctrl;
34 private ilSetting $settings;
35 private ilLogger $logger;
36
37 public function __construct(ServerRequestInterface $httpRequest, ilCtrl $ctrl)
38 {
39 global $DIC;
40 $this->logger = $DIC->logger()->auth();
41 $this->httpRequest = $httpRequest;
42 $this->ctrl = $ctrl;
43 $this->settings = new ilSetting('apache_auth');
44 parent::__construct();
45 }
46
51 public function tryAuthenticationOnLoginPage(): void
52 {
53 $cmd = (string) ($this->httpRequest->getQueryParams()['cmd'] ?? '');
54 if ('' === $cmd) {
55 $cmd = (string) ($this->httpRequest->getParsedBody()['cmd'] ?? '');
56 }
57
58 if ('force_login' === $cmd) {
59 return;
60 }
61
62 if (!$this->getSettings()->get('apache_enable_auth', '0')) {
63 return;
64 }
65
66 if (!$this->getSettings()->get('apache_auth_authenticate_on_login_page', '0')) {
67 return;
68 }
69
70 if (
71 (defined('IL_CERT_SSO') && (int) IL_CERT_SSO === 1) ||
72 !ilContext::supportsRedirects() ||
73 isset($this->httpRequest->getQueryParams()['passed_sso'])
74 ) {
75 return;
76 }
77
78 $path = (string) ($this->httpRequest->getServerParams()['REQUEST_URI'] ?? '');
79 if (strpos($path, '/') === 0) {
80 $path = substr($path, 1);
81 }
82
83 if (strpos($path, 'http') !== 0) {
84 $parts = parse_url(ILIAS_HTTP_PATH);
85 $path = $parts['scheme'] . '://' . $parts['host'] . '/' . $path;
86 }
87
88 $this->ctrl->redirectToURL(
89 ilUtil::getHtmlPath(
90 './sso/index.php?force_mode_apache=1&' .
91 'r=' . urlencode($path) .
92 '&cookie_path=' . urlencode(IL_COOKIE_PATH) .
93 '&ilias_path=' . urlencode(ILIAS_HTTP_PATH)
94 )
95 );
96 }
97
98 protected function getSettings(): ilSetting
99 {
100 return $this->settings;
101 }
102
103 public function initFromRequest(): void
104 {
105 $mappingFieldName = $this->getSettings()->get('apache_auth_username_direct_mapping_fieldname', '');
106
107 $this->logger->dump($this->httpRequest->getServerParams(), ilLogLevel::DEBUG);
108 $this->logger->debug($mappingFieldName);
109
110 switch ($this->getSettings()->get('apache_auth_username_config_type')) {
111 case ilAuthProviderApache::APACHE_AUTH_TYPE_DIRECT_MAPPING:
112 if (isset($this->httpRequest->getServerParams()[$mappingFieldName])) {
113 $this->setUsername($this->httpRequest->getServerParams()[$mappingFieldName]);
114 }
115 break;
116
117 case ilAuthProviderApache::APACHE_AUTH_TYPE_BY_FUNCTION:
118 $this->setUsername(ApacheCustom::getUsername());
119 break;
120 }
121 }
122
123 public function hasValidTargetUrl(): bool
124 {
125 $targetUrl = trim((string) ($this->httpRequest->getQueryParams()['r'] ?? ''));
126 if ($targetUrl === '') {
127 return false;
128 }
129
130 $validDomains = [];
131 $path = ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt';
132 if (file_exists($path) && is_readable($path)) {
133 foreach (file($path) as $line) {
134 if (trim($line)) {
135 $validDomains[] = trim($line);
136 }
137 }
138 }
139
140 return (new ilWhiteListUrlValidator($targetUrl, $validDomains))->isValid();
141 }
142
143 public function getTargetUrl(): string
144 {
145 return ilUtil::appendUrlParameterString(trim($this->httpRequest->getQueryParams()['r']), 'passed_sso=1');
146 }
147}
ilAuthFrontendCredentialsApache\__construct
__construct(ServerRequestInterface $httpRequest, ilCtrl $ctrl)
Definition: class.ilAuthFrontendCredentialsApache.php:37
ilAuthFrontendCredentialsApache\tryAuthenticationOnLoginPage
tryAuthenticationOnLoginPage()
Check if an authentication attempt should be done when login page has been called.
Definition: class.ilAuthFrontendCredentialsApache.php:51
ilAuthFrontendCredentials\setUsername
setUsername(string $a_name)
Set username.
Definition: class.ilAuthFrontendCredentials.php:41
ilContext\supportsRedirects
static supportsRedirects()
Are redirects supported?
Definition: class.ilContext.php:89
ilCtrl
Class ilCtrl provides processing control methods.
Definition: class.ilCtrl.php:35
ilLogger
Component logger with individual log levels by component id.
Definition: class.ilLogger.php:17
ilSetting
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilSetting.php:27
ilUtil\getHtmlPath
static getHtmlPath(string $relative_path)
get url of path
Definition: class.ilUtil.php:126
ilUtil\appendUrlParameterString
static appendUrlParameterString(string $a_url, string $a_par, bool $xml_style=false)
Definition: class.ilUtil.php:385
ilWhiteListUrlValidator
Class ilWhiteListUrlValidator.
Definition: class.ilWhiteListUrlValidator.php:24
CLIENT_ID
const CLIENT_ID
Definition: constants.php:41
ILIAS_DATA_DIR
const ILIAS_DATA_DIR
Definition: constants.php:44
$DIC
global $DIC
Definition: feed.php:28
$path
$path
Definition: ltiservices.php:32
$parts
if($clientAssertionType !='urn:ietf:params:oauth:client-assertion-type:jwt-bearer'|| $grantType !='client_credentials') $parts
Definition: ltitoken.php:64
IL_COOKIE_PATH
const IL_COOKIE_PATH(isset($_GET["client_id"]))
Definition: metadata.php:64
ILIAS\GlobalScreen\Provider\__construct
__construct(Container $dic, ilPlugin $plugin)
@inheritDoc
Definition: PluginProviderHelper.php:37