ILIAS  release_8 Revision v8.19
All Data Structures Namespaces Files Functions Variables Modules Pages
class.ilSimpleSAMLphpWrapper.php
Go to the documentation of this file.
1 <?php
2 
19 declare(strict_types=1);
20 
25 class ilSimpleSAMLphpWrapper implements ilSamlAuth
26 {
27  protected SimpleSAML\Configuration $config;
28  protected SimpleSAML\Auth\Simple $authSource;
29 
30  public function __construct(string $authSourceName, string $configurationPath)
31  {
32  $this->initConfigFiles($configurationPath);
33 
34  SimpleSAML\Configuration::setConfigDir($configurationPath);
35  $this->config = SimpleSAML\Configuration::getInstance();
36 
37  $sessionHandler = $this->config->getString('session.handler', false);
38  $storageType = $this->config->getString('store.type', false);
39 
40  if (
41  $storageType === 'phpsession' || $sessionHandler === 'phpsession' ||
42  (empty($storageType) && empty($sessionHandler))
43  ) {
44  throw new RuntimeException('Invalid SimpleSAMLphp session handler: Must not be phpsession or empty');
45  }
46 
47  $this->authSource = new SimpleSAML\Auth\Simple($authSourceName);
48  }
49 
50  protected function initConfigFiles(string $configurationPath): void
51  {
52  global $DIC;
53 
54  $templateHandler = new ilSimpleSAMLphpConfigTemplateHandler($DIC->filesystem()->storage());
55  $templateHandler->copy('./Services/Saml/lib/config.php.dist', 'auth/saml/config/config.php', [
56  'DB_PATH' => rtrim($configurationPath, '/') . '/ssphp.sq3',
57  'SQL_INITIAL_PASSWORD' => static function (): string {
58  return substr(str_replace('+', '.', base64_encode(ilPasswordUtils::getBytes(20))), 0, 10);
59  },
60  'COOKIE_PATH' => IL_COOKIE_PATH,
61  'LOG_DIRECTORY' => ilLoggingDBSettings::getInstance()->getLogDir()
62  ]);
63  $templateHandler->copy('./Services/Saml/lib/authsources.php.dist', 'auth/saml/config/authsources.php', [
64  'RELAY_STATE' => rtrim(ILIAS_HTTP_PATH, '/') . '/saml.php',
65  'SP_ENTITY_ID' => rtrim(ILIAS_HTTP_PATH, '/') . '/Services/Saml/lib/metadata.php'
66  ]);
67  }
68 
72  public function getAuthId(): string
73  {
74  return $this->authSource->getAuthSource()->getAuthId();
75  }
76 
80  public function protectResource(): void
81  {
82  $this->authSource->requireAuth();
83  }
84 
88  public function storeParam(string $key, $value): void
89  {
90  $session = SimpleSAML\Session::getSessionFromRequest();
91  $session->setData('ilias', $key, $value);
92  }
93 
97  public function getParam(string $key)
98  {
99  $session = SimpleSAML\Session::getSessionFromRequest();
100 
101  return $session->getData('ilias', $key);
102  }
103 
107  public function popParam(string $key)
108  {
109  $session = SimpleSAML\Session::getSessionFromRequest();
110  $value = $this->getParam($key);
111  $session->deleteData('ilias', $key);
112 
113  return $value;
114  }
115 
119  public function isAuthenticated(): bool
120  {
121  return $this->authSource->isAuthenticated();
122  }
123 
127  public function getAttributes(): array
128  {
129  return $this->authSource->getAttributes();
130  }
131 
135  public function logout(string $returnUrl = ''): void
136  {
137  ilSession::set('used_external_auth', false);
138 
139  $params = [
140  'ReturnStateParam' => 'LogoutState',
141  'ReturnStateStage' => 'ilLogoutState'
142  ];
143 
144  if ($returnUrl !== '') {
145  $params['ReturnTo'] = $returnUrl;
146  }
147 
148  $this->authSource->logout($params);
149  }
150 
154  public function getIdpDiscovery(): ilSamlIdpDiscovery
155  {
156  return new ilSimpleSAMLphplIdpDiscovery();
157  }
158 
162  public function getAuthDataArray(): array
163  {
164  return $this->authSource->getAuthDataArray();
165  }
166 }
ilSimpleSAMLphpWrapper\$config
SimpleSAML Configuration $config
Definition: class.ilSimpleSAMLphpWrapper.php:27
ilSimpleSAMLphpConfigTemplateHandler\copy
copy(string $sourcePath, string $destinationPath, array $placeholders=[])
Definition: class.ilSimpleSAMLphpConfigTemplateHandler.php:41
$params
if(! $DIC->user() ->getId()||!ilLTIConsumerAccess::hasCustomProviderCreationAccess()) $params
Definition: ltiregstart.php:33
ilSimpleSAMLphpWrapper\protectResource
protectResource()
Protect a script resource with a SAML auth.
Definition: class.ilSimpleSAMLphpWrapper.php:80
$session
$session
Definition: proxy_ylocal.php:32
$DIC
global $DIC
Definition: feed.php:28
ilSimpleSAMLphpWrapper\__construct
__construct(string $authSourceName, string $configurationPath)
Definition: class.ilSimpleSAMLphpWrapper.php:30
ilSimpleSAMLphpWrapper\$authSource
SimpleSAML Auth Simple $authSource
Definition: class.ilSimpleSAMLphpWrapper.php:28
ILIAS\LTI\ToolProvider\$key
string $key
Consumer key/client ID value.
Definition: System.php:193
ilPasswordUtils\getBytes
static getBytes(int $length)
Generate random bytes using OpenSSL or Mcrypt and mt_rand() as fallback.
Definition: class.ilPasswordUtils.php:32
ilSamlAuth
Interface ilSamlAuth.
Definition: interface.ilSamlAuth.php:25
ilSimpleSAMLphpWrapper\initConfigFiles
initConfigFiles(string $configurationPath)
Definition: class.ilSimpleSAMLphpWrapper.php:50
IL_COOKIE_PATH
const IL_COOKIE_PATH(isset($_GET["client_id"]))
Definition: metadata.php:64
ilSimpleSAMLphpWrapper
Class ilSimpleSAMLphpWrapper.
Definition: class.ilSimpleSAMLphpWrapper.php:25
ilSimpleSAMLphplIdpDiscovery
Class ilSimpleSAMLphplIdpDiscovery.
Definition: class.ilSimpleSAMLphplIdpDiscovery.php:25
ilSession\set
static set(string $a_var, $a_val)
Set a value.
Definition: class.ilSession.php:451