ILIAS  release_8 Revision v8.24
Public Member Functions | Static Public Member Functions | Protected Attributes | Static Protected Attributes | Private Member Functions | Static Private Attributes
ilSamlIdp Class Reference

Class ilSamlIdp. More...

+ Collaboration diagram for ilSamlIdp:

Public Member Functions

 __construct (int $a_idp_id=0)
 
 persist ()
 
 delete ()
 Deletes an idp with all relevant mapping rules. More...
 
 toArray ()
 
 bindDbRecord (array $record)
 
 getEntityId ()
 
 setEntityId (string $entity_id)
 
 isActive ()
 
 setActive (bool $is_active)
 
 getIdpId ()
 
 setIdpId (int $idp_id)
 
 allowLocalAuthentication ()
 
 setLocalLocalAuthenticationStatus (bool $status)
 
 getDefaultRoleId ()
 
 setDefaultRoleId (int $role_id)
 
 setUidClaim (string $claim)
 
 getUidClaim ()
 
 setLoginClaim (string $claim)
 
 getLoginClaim ()
 
 isSynchronizationEnabled ()
 
 setSynchronizationStatus (bool $sync)
 
 isAccountMigrationEnabled ()
 
 setAccountMigrationStatus (bool $status)
 

Static Public Member Functions

static getFirstActiveIdp ()
 
static getInstanceByIdpId (int $a_idp_id)
 
static isAuthModeSaml (string $a_auth_mode)
 
static getIdpIdByAuthMode (string $a_auth_mode)
 
static geIdpIdByEntityId (string $entityId)
 
static getActiveIdpList ()
 
static getAllIdps ()
 
static getAuthModeByKey (string $a_auth_key)
 
static getKeyByAuthMode (string $a_auth_mode)
 

Protected Attributes

ilDBInterface $db
 
int $idp_id
 
bool $is_active = false
 
bool $allow_local_auth = false
 
int $default_role_id = 0
 
string $uid_claim = ''
 
string $login_claim = ''
 
bool $sync_status = false
 
string $entity_id = ''
 
bool $account_migration_status = false
 

Static Protected Attributes

static array $idp_as_data = []
 

Private Member Functions

 read ()
 

Static Private Attributes

static array $instances = []
 

Detailed Description

Class ilSamlIdp.

Author
Michael Jansen mjans.nosp@m.en@d.nosp@m.ataba.nosp@m.y.de

Definition at line 25 of file class.ilSamlIdp.php.

Constructor & Destructor Documentation

◆ __construct()

ilSamlIdp::__construct ( int  $a_idp_id = 0)

Definition at line 42 of file class.ilSamlIdp.php.

43 {
44 $this->db = $GLOBALS['DIC']->database();
45 $this->idp_id = $a_idp_id;
46
47 if ($this->idp_id > 0) {
48 $this->read();
49 }
50 }
$GLOBALS
if(!defined('PATH_SEPARATOR')) $GLOBALS['_PEAR_default_error_mode']
Definition: PEAR.php:64

References $GLOBALS, and read().

+ Here is the call graph for this function:

Member Function Documentation

◆ allowLocalAuthentication()

ilSamlIdp::allowLocalAuthentication ( )

Definition at line 297 of file class.ilSamlIdp.php.

297 : bool
298 {
299 return $this->allow_local_auth;
300 }
ilSamlIdp\$allow_local_auth
bool $allow_local_auth
Definition: class.ilSamlIdp.php:32

References $allow_local_auth.

Referenced by persist(), and toArray().

+ Here is the caller graph for this function:

◆ bindDbRecord()

ilSamlIdp::bindDbRecord ( array  $record)
Parameters
array<string,mixed>$record

Definition at line 149 of file class.ilSamlIdp.php.

149 : void
150 {
151 $this->setIdpId((int) $record['idp_id']);
152 $this->setActive((bool) $record['is_active']);
153 $this->setDefaultRoleId((int) $record['default_role_id']);
154 $this->setUidClaim((string) $record['uid_claim']);
155 $this->setLoginClaim((string) $record['login_claim']);
156 $this->setSynchronizationStatus((bool) $record['sync_status']);
157 $this->setAccountMigrationStatus((bool) $record['account_migr_status']);
158 $this->setLocalLocalAuthenticationStatus((bool) $record['allow_local_auth']);
159 $this->setEntityId((string) $record['entity_id']);
160 }
ilSamlIdp\setLocalLocalAuthenticationStatus
setLocalLocalAuthenticationStatus(bool $status)
Definition: class.ilSamlIdp.php:302
ilSamlIdp\setUidClaim
setUidClaim(string $claim)
Definition: class.ilSamlIdp.php:317
ilSamlIdp\setLoginClaim
setLoginClaim(string $claim)
Definition: class.ilSamlIdp.php:327
ilSamlIdp\setDefaultRoleId
setDefaultRoleId(int $role_id)
Definition: class.ilSamlIdp.php:312
ilSamlIdp\setIdpId
setIdpId(int $idp_id)
Definition: class.ilSamlIdp.php:292
ilSamlIdp\setSynchronizationStatus
setSynchronizationStatus(bool $sync)
Definition: class.ilSamlIdp.php:342
ilSamlIdp\setAccountMigrationStatus
setAccountMigrationStatus(bool $status)
Definition: class.ilSamlIdp.php:352
ilSamlIdp\setActive
setActive(bool $is_active)
Definition: class.ilSamlIdp.php:282
ilSamlIdp\setEntityId
setEntityId(string $entity_id)
Definition: class.ilSamlIdp.php:272

References setAccountMigrationStatus(), setActive(), setDefaultRoleId(), setEntityId(), setIdpId(), setLocalLocalAuthenticationStatus(), setLoginClaim(), setSynchronizationStatus(), and setUidClaim().

Referenced by read().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ delete()

ilSamlIdp::delete ( )

Deletes an idp with all relevant mapping rules.

Furthermore, the auth_mode of the relevant user accounts will be switched to 'default'

Definition at line 111 of file class.ilSamlIdp.php.

111 : void
112 {
113 $mapping = new ilExternalAuthUserAttributeMapping('saml', $this->getIdpId());
114 $mapping->delete();
115
116 $this->db->manipulateF(
117 'UPDATE usr_data SET auth_mode = %s WHERE auth_mode = %s',
118 array('text', 'text'),
119 array('default', ilAuthUtils::AUTH_SAML . '_' . $this->getIdpId())
120 );
121
122 $this->db->manipulate('DELETE FROM saml_idp_settings WHERE idp_id = ' . $this->db->quote(
123 $this->getIdpId(),
124 'integer'
125 ));
126 }

References ilAuthUtils\AUTH_SAML, and getIdpId().

+ Here is the call graph for this function:

◆ geIdpIdByEntityId()

static ilSamlIdp::geIdpIdByEntityId ( string  $entityId)
static

Definition at line 200 of file class.ilSamlIdp.php.

200 : int
201 {
202 foreach (self::getAllIdps() as $idp) {
203 if ($idp->isActive() && $idp->getEntityId() === $entityId) {
204 return $idp->getIdpId();
205 }
206 }
207
208 return 0;
209 }
$entityId
if( $source===null) if(!($source instanceof SP)) $entityId
Definition: metadata.php:105

References $entityId.

Referenced by ilStartUpGUI\doSamlAuthentication().

+ Here is the caller graph for this function:

◆ getActiveIdpList()

static ilSamlIdp::getActiveIdpList ( )
static
Returns
self[]

Definition at line 214 of file class.ilSamlIdp.php.

214 : array
215 {
216 $idps = [];
217
218 foreach (self::getAllIdps() as $idp) {
219 if ($idp->isActive()) {
220 $idps[] = $idp;
221 }
222 }
223
224 return $idps;
225 }

Referenced by ilAuthUtils\_getActiveAuthModes(), ilAuthUtils\_isExternalAccountEnabled(), ilStartUpGUI\doSamlAuthentication(), getFirstActiveIdp(), ilUserImportParser\importBeginTag(), ilStartUpGUI\showSamlLoginForm(), and ilUserImportParser\verifyBeginTag().

+ Here is the caller graph for this function:

◆ getAllIdps()

static ilSamlIdp::getAllIdps ( )
static
Returns
self[]

Definition at line 230 of file class.ilSamlIdp.php.

230 : array
231 {
232 global $DIC;
233
234 $res = $DIC->database()->query('SELECT * FROM saml_idp_settings');
235
236 $idps = [];
237 while ($row = $DIC->database()->fetchAssoc($res)) {
238 $idp = new self();
239 $idp->bindDbRecord($row);
240
241 $idps[] = $idp;
242 }
243
244 return $idps;
245 }
$DIC
global $DIC
Definition: feed.php:28
$res
$res
Definition: ltiservices.php:69

References $DIC, and $res.

Referenced by ilAuthUtils\_getAllAuthModes(), and ilSamlIdpTableGUI\getItems().

+ Here is the caller graph for this function:

◆ getAuthModeByKey()

static ilSamlIdp::getAuthModeByKey ( string  $a_auth_key)
static

Definition at line 247 of file class.ilSamlIdp.php.

247 : string
248 {
249 $auth_arr = explode('_', $a_auth_key);
250 if (count((array) $auth_arr) > 1) {
251 return 'saml_' . $auth_arr[1];
252 }
253
254 return 'saml';
255 }

Referenced by ilAuthUtils\_getAuthModeName().

+ Here is the caller graph for this function:

◆ getDefaultRoleId()

ilSamlIdp::getDefaultRoleId ( )

Definition at line 307 of file class.ilSamlIdp.php.

307 : int
308 {
309 return $this->default_role_id;
310 }
ilSamlIdp\$default_role_id
int $default_role_id
Definition: class.ilSamlIdp.php:33

References $default_role_id.

Referenced by persist(), and toArray().

+ Here is the caller graph for this function:

◆ getEntityId()

ilSamlIdp::getEntityId ( )

Definition at line 267 of file class.ilSamlIdp.php.

267 : string
268 {
269 return $this->entity_id;
270 }
ilSamlIdp\$entity_id
string $entity_id
Definition: class.ilSamlIdp.php:37

References $entity_id.

Referenced by persist(), and toArray().

+ Here is the caller graph for this function:

◆ getFirstActiveIdp()

static ilSamlIdp::getFirstActiveIdp ( )
static

Definition at line 52 of file class.ilSamlIdp.php.

52 : self
53 {
54 $idps = self::getActiveIdpList();
55 if (count($idps) > 0) {
56 return current($idps);
57 }
58
59 throw new ilSamlException('No active SAML IDP found');
60 }
ilSamlException
Class ilSamlException.
Definition: class.ilSamlException.php:26
ilSamlIdp\getActiveIdpList
static getActiveIdpList()
Definition: class.ilSamlIdp.php:214

References getActiveIdpList().

Referenced by ilAuthProviderSaml\__construct().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getIdpId()

ilSamlIdp::getIdpId ( )

Definition at line 287 of file class.ilSamlIdp.php.

287 : int
288 {
289 return $this->idp_id;
290 }

References $idp_id.

Referenced by delete(), persist(), ilSamlSettingsGUI\populateWithMetadata(), read(), ilSamlSettingsGUI\saveNewIdp(), ilSamlSettingsGUI\storeMetadata(), and toArray().

+ Here is the caller graph for this function:

◆ getIdpIdByAuthMode()

static ilSamlIdp::getIdpIdByAuthMode ( string  $a_auth_mode)
static

Definition at line 190 of file class.ilSamlIdp.php.

190 : ?int
191 {
192 if (self::isAuthModeSaml($a_auth_mode)) {
193 $auth_arr = explode('_', $a_auth_mode);
194 return (int) $auth_arr[1];
195 }
196
197 return null;
198 }

Referenced by ilObjAuthSettingsGUI\authSettingsObject(), ilAuthUtils\getAuthModeTranslation(), ilAuthProviderFactory\getProviderByAuthMode(), and ilAuthUtils\isLocalPasswordEnabledForAuthMode().

+ Here is the caller graph for this function:

◆ getInstanceByIdpId()

static ilSamlIdp::getInstanceByIdpId ( int  $a_idp_id)
static

Definition at line 62 of file class.ilSamlIdp.php.

62 : self
63 {
64 if (!isset(self::$instances[$a_idp_id]) || !(self::$instances[$a_idp_id] instanceof self)) {
65 self::$instances[$a_idp_id] = new self($a_idp_id);
66 }
67
68 return self::$instances[$a_idp_id];
69 }

Referenced by ilAuthProviderSaml\__construct(), ilObjAuthSettingsGUI\authSettingsObject(), ilAuthUtils\getAuthModeTranslation(), ilSamlSettingsGUI\initIdp(), and ilAuthUtils\isLocalPasswordEnabledForAuthMode().

+ Here is the caller graph for this function:

◆ getKeyByAuthMode()

static ilSamlIdp::getKeyByAuthMode ( string  $a_auth_mode)
static

Definition at line 257 of file class.ilSamlIdp.php.

257 : string
258 {
259 $auth_arr = explode('_', $a_auth_mode);
260 if (count((array) $auth_arr) > 1) {
261 return ilAuthUtils::AUTH_SAML . '_' . $auth_arr[1];
262 }
263
264 return (string) ilAuthUtils::AUTH_SAML;
265 }

References ilAuthUtils\AUTH_SAML.

Referenced by ilAuthUtils\_getAuthMode().

+ Here is the caller graph for this function:

◆ getLoginClaim()

ilSamlIdp::getLoginClaim ( )

Definition at line 332 of file class.ilSamlIdp.php.

332 : string
333 {
334 return $this->login_claim;
335 }
ilSamlIdp\$login_claim
string $login_claim
Definition: class.ilSamlIdp.php:35

References $login_claim.

Referenced by persist(), and toArray().

+ Here is the caller graph for this function:

◆ getUidClaim()

ilSamlIdp::getUidClaim ( )

Definition at line 322 of file class.ilSamlIdp.php.

322 : string
323 {
324 return $this->uid_claim;
325 }
ilSamlIdp\$uid_claim
string $uid_claim
Definition: class.ilSamlIdp.php:34

References $uid_claim.

Referenced by persist(), and toArray().

+ Here is the caller graph for this function:

◆ isAccountMigrationEnabled()

ilSamlIdp::isAccountMigrationEnabled ( )

Definition at line 347 of file class.ilSamlIdp.php.

347 : bool
348 {
349 return $this->account_migration_status;
350 }
ilSamlIdp\$account_migration_status
bool $account_migration_status
Definition: class.ilSamlIdp.php:38

References $account_migration_status.

Referenced by persist(), and toArray().

+ Here is the caller graph for this function:

◆ isActive()

ilSamlIdp::isActive ( )

Definition at line 277 of file class.ilSamlIdp.php.

277 : bool
278 {
279 return $this->is_active;
280 }

References $is_active.

Referenced by persist(), and toArray().

+ Here is the caller graph for this function:

◆ isAuthModeSaml()

static ilSamlIdp::isAuthModeSaml ( string  $a_auth_mode)
static

Definition at line 176 of file class.ilSamlIdp.php.

176 : bool
177 {
178 if ('' === $a_auth_mode) {
179 return false;
180 }
181
182 $auth_arr = explode('_', $a_auth_mode);
183 return (
184 count($auth_arr) === 2 &&
185 (int) $auth_arr[0] === ilAuthUtils::AUTH_SAML &&
186 is_string($auth_arr[1]) && $auth_arr[1] !== ''
187 );
188 }

References ilAuthUtils\AUTH_SAML.

Referenced by ilObjAuthSettingsGUI\authSettingsObject().

+ Here is the caller graph for this function:

◆ isSynchronizationEnabled()

ilSamlIdp::isSynchronizationEnabled ( )

Definition at line 337 of file class.ilSamlIdp.php.

337 : bool
338 {
339 return $this->sync_status;
340 }

References $sync_status.

Referenced by persist(), and toArray().

+ Here is the caller graph for this function:

◆ persist()

ilSamlIdp::persist ( )

Definition at line 83 of file class.ilSamlIdp.php.

83 : void
84 {
85 if (!$this->getIdpId()) {
86 $this->setIdpId($this->db->nextId('saml_idp_settings'));
87 }
88
89 $this->db->replace(
90 'saml_idp_settings',
91 [
92 'idp_id' => ['integer', $this->getIdpId()]
93 ],
94 [
95 'is_active' => ['integer', (int) $this->isActive()],
96 'default_role_id' => ['integer', $this->getDefaultRoleId()],
97 'uid_claim' => ['text', $this->getUidClaim()],
98 'login_claim' => ['text', $this->getLoginClaim()],
99 'entity_id' => ['text', $this->getEntityId()],
100 'sync_status' => ['integer', (int) $this->isSynchronizationEnabled()],
101 'allow_local_auth' => ['integer', (int) $this->allowLocalAuthentication()],
102 'account_migr_status' => ['integer', (int) $this->isAccountMigrationEnabled()]
103 ]
104 );
105 }
ilSamlIdp\isAccountMigrationEnabled
isAccountMigrationEnabled()
Definition: class.ilSamlIdp.php:347
ilSamlIdp\isSynchronizationEnabled
isSynchronizationEnabled()
Definition: class.ilSamlIdp.php:337
ilSamlIdp\allowLocalAuthentication
allowLocalAuthentication()
Definition: class.ilSamlIdp.php:297

References allowLocalAuthentication(), getDefaultRoleId(), getEntityId(), getIdpId(), getLoginClaim(), getUidClaim(), isAccountMigrationEnabled(), isActive(), isSynchronizationEnabled(), and setIdpId().

Referenced by ilSamlSettingsGUI\saveNewIdp().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ read()

ilSamlIdp::read ( )
private

Definition at line 71 of file class.ilSamlIdp.php.

71 : void
72 {
73 $query = 'SELECT * FROM saml_idp_settings WHERE idp_id = ' . $this->db->quote($this->getIdpId(), 'integer');
74 $res = $this->db->query($query);
75 while ($record = $this->db->fetchAssoc($res)) {
76 $this->bindDbRecord($record);
77 return;
78 }
79
80 throw new ilException('Could not find idp');
81 }
ilException
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilException.php:26
ilSamlIdp\bindDbRecord
bindDbRecord(array $record)
Definition: class.ilSamlIdp.php:149
$query
$query
Definition: proxy_ylocal.php:13

References $query, $res, bindDbRecord(), and getIdpId().

Referenced by __construct().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ setAccountMigrationStatus()

ilSamlIdp::setAccountMigrationStatus ( bool  $status)

Definition at line 352 of file class.ilSamlIdp.php.

352 : void
353 {
354 $this->account_migration_status = $status;
355 }

Referenced by bindDbRecord().

+ Here is the caller graph for this function:

◆ setActive()

ilSamlIdp::setActive ( bool  $is_active)

Definition at line 282 of file class.ilSamlIdp.php.

282 : void
283 {
284 $this->is_active = $is_active;
285 }

References $is_active.

Referenced by bindDbRecord().

+ Here is the caller graph for this function:

◆ setDefaultRoleId()

ilSamlIdp::setDefaultRoleId ( int  $role_id)

Definition at line 312 of file class.ilSamlIdp.php.

312 : void
313 {
314 $this->default_role_id = $role_id;
315 }

Referenced by bindDbRecord().

+ Here is the caller graph for this function:

◆ setEntityId()

ilSamlIdp::setEntityId ( string  $entity_id)

Definition at line 272 of file class.ilSamlIdp.php.

272 : void
273 {
274 $this->entity_id = $entity_id;
275 }

References $entity_id.

Referenced by bindDbRecord().

+ Here is the caller graph for this function:

◆ setIdpId()

ilSamlIdp::setIdpId ( int  $idp_id)

Definition at line 292 of file class.ilSamlIdp.php.

292 : void
293 {
294 $this->idp_id = $idp_id;
295 }

References $idp_id.

Referenced by bindDbRecord(), and persist().

+ Here is the caller graph for this function:

◆ setLocalLocalAuthenticationStatus()

ilSamlIdp::setLocalLocalAuthenticationStatus ( bool  $status)

Definition at line 302 of file class.ilSamlIdp.php.

302 : void
303 {
304 $this->allow_local_auth = $status;
305 }

Referenced by bindDbRecord().

+ Here is the caller graph for this function:

◆ setLoginClaim()

ilSamlIdp::setLoginClaim ( string  $claim)

Definition at line 327 of file class.ilSamlIdp.php.

327 : void
328 {
329 $this->login_claim = $claim;
330 }

Referenced by bindDbRecord().

+ Here is the caller graph for this function:

◆ setSynchronizationStatus()

ilSamlIdp::setSynchronizationStatus ( bool  $sync)

Definition at line 342 of file class.ilSamlIdp.php.

342 : void
343 {
344 $this->sync_status = $sync;
345 }

Referenced by bindDbRecord().

+ Here is the caller graph for this function:

◆ setUidClaim()

ilSamlIdp::setUidClaim ( string  $claim)

Definition at line 317 of file class.ilSamlIdp.php.

317 : void
318 {
319 $this->uid_claim = $claim;
320 }

Referenced by bindDbRecord().

+ Here is the caller graph for this function:

◆ toArray()

ilSamlIdp::toArray ( )
Returns
array<string, mixed>

Definition at line 131 of file class.ilSamlIdp.php.

131 : array
132 {
133 return [
134 'idp_id' => $this->getIdpId(),
135 'is_active' => $this->isActive(),
136 'default_role_id' => $this->getDefaultRoleId(),
137 'uid_claim' => $this->getUidClaim(),
138 'login_claim' => $this->getLoginClaim(),
139 'sync_status' => $this->isSynchronizationEnabled(),
140 'account_migr_status' => $this->isAccountMigrationEnabled(),
141 'allow_local_auth' => $this->allowLocalAuthentication(),
142 'entity_id' => $this->getEntityId()
143 ];
144 }

References allowLocalAuthentication(), getDefaultRoleId(), getEntityId(), getIdpId(), getLoginClaim(), getUidClaim(), isAccountMigrationEnabled(), isActive(), and isSynchronizationEnabled().

+ Here is the call graph for this function:

Field Documentation

◆ $account_migration_status

bool ilSamlIdp::$account_migration_status = false
protected

Definition at line 38 of file class.ilSamlIdp.php.

Referenced by isAccountMigrationEnabled().

◆ $allow_local_auth

bool ilSamlIdp::$allow_local_auth = false
protected

Definition at line 32 of file class.ilSamlIdp.php.

Referenced by allowLocalAuthentication().

◆ $db

ilDBInterface ilSamlIdp::$db
protected

Definition at line 27 of file class.ilSamlIdp.php.

◆ $default_role_id

int ilSamlIdp::$default_role_id = 0
protected

Definition at line 33 of file class.ilSamlIdp.php.

Referenced by getDefaultRoleId().

◆ $entity_id

string ilSamlIdp::$entity_id = ''
protected

Definition at line 37 of file class.ilSamlIdp.php.

Referenced by getEntityId(), and setEntityId().

◆ $idp_as_data

array ilSamlIdp::$idp_as_data = []
staticprotected

Definition at line 40 of file class.ilSamlIdp.php.

◆ $idp_id

int ilSamlIdp::$idp_id
protected

Definition at line 30 of file class.ilSamlIdp.php.

Referenced by getIdpId(), and setIdpId().

◆ $instances

array ilSamlIdp::$instances = []
staticprivate

Definition at line 29 of file class.ilSamlIdp.php.

◆ $is_active

bool ilSamlIdp::$is_active = false
protected

Definition at line 31 of file class.ilSamlIdp.php.

Referenced by isActive(), and setActive().

◆ $login_claim

string ilSamlIdp::$login_claim = ''
protected

Definition at line 35 of file class.ilSamlIdp.php.

Referenced by getLoginClaim().

◆ $sync_status

bool ilSamlIdp::$sync_status = false
protected

Definition at line 36 of file class.ilSamlIdp.php.

Referenced by isSynchronizationEnabled().

◆ $uid_claim

string ilSamlIdp::$uid_claim = ''
protected

Definition at line 34 of file class.ilSamlIdp.php.

Referenced by getUidClaim().

The documentation for this class was generated from the following file: