ILIAS  release_9 Revision v9.13-25-g2c18ec4c24f
class.ilSamlSettingsGUI.php
Go to the documentation of this file.
1 <?php
2 
19 declare(strict_types=1);
20 
21 use ILIAS\Refinery\Factory as Refinery;
22 use ILIAS\DI\RBACServices;
23 use ILIAS\HTTP\GlobalHttpState;
24 use ILIAS\Data\Factory;
25 
30 final class ilSamlSettingsGUI
31 {
32  private const VIEW_MODE_GLOBAL = 1;
33  private const VIEW_MODE_SINGLE = 2;
34 
35  public const DEFAULT_CMD = 'listIdps';
36 
37  private const PERMISSION_WRITE = 'write';
38 
39  private const REQUEST_PARAM_SAML_IDP_ID = 'saml_idp_id';
40 
41  private const MESSAGE_TYPE_FAILURE = 'failure';
42  private const MESSAGE_TYPE_SUCCESS = 'success';
43 
44  private const LNG_SAVED_SUCCESSFULLY = 'saved_successfully';
45  private const LNG_AUTH_SAML_USER_MAPPING = 'auth_saml_user_mapping';
46  private const LNG_LOGIN_FORM = 'login_form';
47  private const LNG_CANCEL = 'cancel';
48 
49  private const CMD_SAVE_NEW_IDP = 'saveNewIdp';
50  private const CMD_SAVE_SETTINGS = 'saveSettings';
51  private const CMD_SHOW_IDP_SETTINGS = 'showIdpSettings';
52  private const CMT_SAVE_IDP_SETTINGS = 'saveIdpSettings';
53  private const CMD_SAVE = 'save';
54  private const CMD_SAVE_USER_ATTRIBUTE_MAPPING = 'saveUserAttributeMapping';
55 
56  private const PROP_UPDATE_SUFFIX = '_update';
57 
58  private const METADATA_STORAGE_KEY = 'metadata';
59 
63  private const GLOBAL_COMMANDS = [
64  self::DEFAULT_CMD,
65  'showAddIdpForm',
66  'showSettings',
67  'saveSettings',
68  'showNewIdpForm',
69  'saveNewIdp',
70  ];
71 
75  private const GLOBAL_ENTITY_COMMANDS = [
76  'deactivateIdp',
77  'activateIdp',
78  'confirmDeleteIdp',
79  'deleteIdp',
80  ];
81 
85  private const IGNORED_USER_FIELDS = [
86  'mail_incoming_mail',
87  'preferences',
88  'hide_own_online_status',
89  'show_users_online',
90  'hits_per_page',
91  'roles',
92  'upload',
93  'password',
94  'username',
95  'language',
96  'skin_style',
97  'interests_general',
98  'interests_help_offered',
99  'interests_help_looking',
100  'bs_allow_to_contact_me',
101  'chat_osc_accept_msg',
102  'chat_broadcast_typing',
103  ];
104 
105  private readonly ilCtrlInterface $ctrl;
106  private readonly ilLanguage $lng;
107  private readonly ilGlobalTemplateInterface $tpl;
108  private readonly ilAccessHandler $access;
109  private readonly RBACServices $rbac;
110  private readonly ilErrorHandling $error_handler;
111  private readonly ilTabsGUI $tabs;
112  private readonly ilToolbarGUI $toolbar;
113  private readonly GlobalHttpState $httpState;
114  private readonly Refinery $refinery;
115  private readonly ilHelpGUI $help;
116  private ?ilExternalAuthUserAttributeMapping $mapping = null;
117  private ?ilSamlIdp $idp = null;
118  private ?ilSamlAuth $samlAuth = null;
119  private readonly \ILIAS\UI\Factory $ui_factory;
120  private readonly \ILIAS\UI\Renderer $ui_renderer;
121 
122  public function __construct(private readonly int $ref_id)
123  {
124  global $DIC;
125 
126  $this->ctrl = $DIC->ctrl();
127  $this->tpl = $DIC->ui()->mainTemplate();
128  $this->lng = $DIC->language();
129  $this->access = $DIC->access();
130  $this->rbac = $DIC->rbac();
131  $this->error_handler = $DIC['ilErr'];
132  $this->tabs = $DIC->tabs();
133  $this->toolbar = $DIC['ilToolbar'];
134  $this->help = $DIC['ilHelp'];
135  $this->httpState = $DIC->http();
136  $this->refinery = $DIC->refinery();
137  $this->ui_factory = $DIC->ui()->factory();
138  $this->ui_renderer = $DIC->ui()->renderer();
139 
140  $this->lng->loadLanguageModule('auth');
141  }
142 
143  private function ensureAccess(string $operation): void
144  {
145  if (!$this->rbac->system()->checkAccess($operation, $this->ref_id)) {
146  $this->error_handler->raiseError($this->lng->txt('msg_no_perm_read'), $this->error_handler->WARNING);
147  }
148  }
149 
150  private function ensureWriteAccess(): void
151  {
152  $this->ensureAccess(self::PERMISSION_WRITE);
153  }
154 
155  private function ensureReadAccess(): void
156  {
157  $this->ensureAccess('read');
158  }
159 
160  public function getRefId(): int
161  {
162  return $this->ref_id;
163  }
164 
165  private function getIdpIdOrZero(): int
166  {
167  $idpId = 0;
168  if ($this->httpState->wrapper()->query()->has(self::REQUEST_PARAM_SAML_IDP_ID)) {
169  $idpId = (int) $this->httpState->wrapper()->query()->retrieve(
170  self::REQUEST_PARAM_SAML_IDP_ID,
171  $this->refinery->kindlyTo()->int()
172  );
173  } elseif ($this->httpState->wrapper()->post()->has(self::REQUEST_PARAM_SAML_IDP_ID)) {
174  $idpId = (int) $this->httpState->wrapper()->post()->retrieve(
175  self::REQUEST_PARAM_SAML_IDP_ID,
176  $this->refinery->kindlyTo()->int()
177  );
178  }
179 
180  return $idpId;
181  }
182 
183  private function initIdp(): void
184  {
185  try {
186  $this->idp = ilSamlIdp::getInstanceByIdpId($this->getIdpIdOrZero());
187  } catch (Exception) {
188  $this->tpl->setOnScreenMessage(self::MESSAGE_TYPE_FAILURE, $this->lng->txt('auth_saml_unknow_idp'), true);
189  $this->ctrl->setParameter($this, self::REQUEST_PARAM_SAML_IDP_ID, null);
190  $this->ctrl->redirect($this, self::DEFAULT_CMD);
191  }
192  }
193 
194  public function executeCommand(): void
195  {
196  $this->ensureReadAccess();
197 
198  try {
199  $factory = new ilSamlAuthFactory();
200  $this->samlAuth = $factory->auth();
201  } catch (Throwable $e) {
202  if ('Database error: could not find driver' === $e->getMessage()) {
203  $this->tpl->setOnScreenMessage(self::MESSAGE_TYPE_FAILURE, $this->lng->txt('auth_saml_err_sqlite_driver'));
204  } else {
205  $this->tpl->setOnScreenMessage(self::MESSAGE_TYPE_FAILURE, $e->getMessage());
206  }
207  }
208 
209  $this->help->setScreenIdComponent('auth');
210  $cmd = $this->ctrl->getCmd();
211  if ($cmd === null || $cmd === '' || !method_exists($this, $cmd)) {
212  $cmd = self::DEFAULT_CMD;
213  }
214  $ipdId = $this->getIdpIdOrZero();
215  if ($ipdId > 0) {
216  $this->ctrl->saveParameter($this, self::REQUEST_PARAM_SAML_IDP_ID);
217  }
218  if (!in_array(strtolower($cmd), array_map('strtolower', self::GLOBAL_COMMANDS), true)) {
219  if (0 === $ipdId) {
220  $this->ctrl->redirect($this, self::DEFAULT_CMD);
221  }
222 
223  $this->initIdp();
224  $this->initUserAttributeMapping();
225  }
226  if (
227  in_array(strtolower($cmd), array_map('strtolower', self::GLOBAL_COMMANDS), true) ||
228  in_array(strtolower($cmd), array_map('strtolower', self::GLOBAL_ENTITY_COMMANDS), true)
229  ) {
230  $this->setSubTabs(self::VIEW_MODE_GLOBAL);
231  } else {
232  $this->setSubTabs(self::VIEW_MODE_SINGLE);
233  }
234  $this->$cmd();
235  }
236 
237  private function listIdps(): void
238  {
239  if ($this->samlAuth && $this->rbac->system()->checkAccess(self::PERMISSION_WRITE, $this->ref_id)) {
240  $this->toolbar->addStickyItem($this->ui_factory->button()->standard(
241  $this->lng->txt('auth_saml_add_idp_btn'),
242  $this->ctrl->getLinkTarget($this, 'showNewIdpForm')
243  ));
244  }
245 
246  $table = new ilSamlIdpTableGUI(
247  $this,
248  $this->ui_factory,
249  $this->ui_renderer,
250  self::DEFAULT_CMD,
251  $this->rbac->system()->checkAccess(self::PERMISSION_WRITE, $this->ref_id)
252  );
253  $this->tpl->setContent($table->getHTML());
254  }
255 
256  private function deactivateIdp(): void
257  {
258  $this->ensureWriteAccess();
259 
260  $this->idp->setActive(false);
261  $this->idp->persist();
262 
263  $this->tpl->setOnScreenMessage(self::MESSAGE_TYPE_SUCCESS, $this->lng->txt(self::LNG_SAVED_SUCCESSFULLY));
264  $this->listIdps();
265  }
266 
267  private function activateIdp(): void
268  {
269  $this->ensureWriteAccess();
270 
271  $this->idp->setActive(true);
272  $this->idp->persist();
273 
274  $this->tpl->setOnScreenMessage(self::MESSAGE_TYPE_SUCCESS, $this->lng->txt(self::LNG_SAVED_SUCCESSFULLY));
275  $this->listIdps();
276  }
277 
278  private function setSubTabs(int $a_view_mode): void
279  {
280  switch ($a_view_mode) {
281  case self::VIEW_MODE_GLOBAL:
282  $this->tabs->addSubTabTarget(
283  'auth_saml_idps',
284  $this->ctrl->getLinkTarget($this, self::DEFAULT_CMD),
285  array_merge(self::GLOBAL_ENTITY_COMMANDS, [self::DEFAULT_CMD, 'showNewIdpForm', self::CMD_SAVE_NEW_IDP]),
286  self::class
287  );
288 
289  $this->tabs->addSubTabTarget(
290  'settings',
291  $this->ctrl->getLinkTarget($this, 'showSettings'),
292  ['showSettings', self::CMD_SAVE_SETTINGS],
293  self::class
294  );
295  break;
296 
297  case self::VIEW_MODE_SINGLE:
298  $this->tabs->clearTargets();
299  $this->tabs->setBackTarget(
300  $this->lng->txt('back'),
301  $this->ctrl->getLinkTarget($this, self::DEFAULT_CMD)
302  );
303 
304  $this->tabs->addSubTabTarget(
305  'auth_saml_idp_settings',
306  $this->ctrl->getLinkTarget($this, self::CMD_SHOW_IDP_SETTINGS),
307  [self::CMD_SHOW_IDP_SETTINGS, self::CMT_SAVE_IDP_SETTINGS],
308  self::class
309  );
310 
311  $this->tabs->addSubTabTarget(
312  self::LNG_AUTH_SAML_USER_MAPPING,
313  $this->ctrl->getLinkTarget($this, 'showUserAttributeMappingForm'),
314  ['showUserAttributeMappingForm', self::CMD_SAVE_USER_ATTRIBUTE_MAPPING],
315  self::class
316  );
317  break;
318  }
319  }
320 
321  private function initUserAttributeMapping(): void
322  {
323  $this->mapping = new ilExternalAuthUserAttributeMapping('saml', $this->idp->getIdpId());
324  }
325 
326  private function getUserAttributeMappingForm(): ilPropertyFormGUI
327  {
328  $form = new ilPropertyFormGUI();
329  $form->setFormAction($this->ctrl->getFormAction($this, self::CMD_SAVE_USER_ATTRIBUTE_MAPPING));
330  $form->setTitle($this->lng->txt(self::LNG_AUTH_SAML_USER_MAPPING));
331 
332  $usr_profile = new ilUserProfile();
333  foreach (array_keys($usr_profile->getStandardFields()) as $id) {
334  if (in_array($id, self::IGNORED_USER_FIELDS, true)) {
335  continue;
336  }
337 
338  $this->addAttributeRuleFieldToForm($form, $this->lng->txt($id), $id);
339  }
340 
341  foreach (ilUserDefinedFields::_getInstance()->getDefinitions() as $definition) {
342  $this->addAttributeRuleFieldToForm($form, $definition['field_name'], 'udf_' . $definition['field_id']);
343  }
344 
345  if (!$this->access->checkAccess(self::PERMISSION_WRITE, '', $this->ref_id)) {
346  foreach ($form->getItems() as $item) {
347  $item->setDisabled(true);
348  }
349  } else {
350  $form->addCommandButton(self::CMD_SAVE_USER_ATTRIBUTE_MAPPING, $this->lng->txt(self::CMD_SAVE));
351  }
352 
353  return $form;
354  }
355 
356  private function addAttributeRuleFieldToForm(
357  ilPropertyFormGUI $form,
358  string $field_label,
359  string $field_name
360  ): void {
361  $field = new ilTextInputGUI($field_label, $field_name);
362  $form->addItem($field);
363 
364  $update_automatically = new ilCheckboxInputGUI('', $field_name . self::PROP_UPDATE_SUFFIX);
365  $update_automatically->setOptionTitle($this->lng->txt('auth_saml_update_field_info'));
366  $update_automatically->setValue('1');
367  $form->addItem($update_automatically);
368  }
369 
370  private function saveUserAttributeMapping(): void
371  {
372  $this->ensureWriteAccess();
373 
374  $form = $this->getUserAttributeMappingForm();
375  if ($form->checkInput()) {
376  $this->mapping->delete();
377 
378  $usr_profile = new ilUserProfile();
379  foreach (array_keys($usr_profile->getStandardFields()) as $id) {
380  if (in_array($id, self::IGNORED_USER_FIELDS, true)) {
381  continue;
382  }
383 
384  $rule = $this->mapping->getEmptyRule();
385  $rule->setAttribute($id);
386  $rule->setExternalAttribute((string) $form->getInput($rule->getAttribute()));
387  $rule->updateAutomatically((bool) $form->getInput($rule->getAttribute() . self::PROP_UPDATE_SUFFIX));
388  $this->mapping[$rule->getAttribute()] = $rule;
389  }
390 
391  foreach (ilUserDefinedFields::_getInstance()->getDefinitions() as $definition) {
392  $rule = $this->mapping->getEmptyRule();
393  $rule->setAttribute('udf_' . $definition['field_id']);
394  $rule->setExternalAttribute((string) $form->getInput($rule->getAttribute()));
395  $rule->updateAutomatically((bool) $form->getInput($rule->getAttribute() . self::PROP_UPDATE_SUFFIX));
396  $this->mapping[$rule->getAttribute()] = $rule;
397  }
398 
399  $this->mapping->save();
400 
401  $this->tpl->setOnScreenMessage(self::MESSAGE_TYPE_SUCCESS, $this->lng->txt(self::LNG_SAVED_SUCCESSFULLY));
402  }
403 
404  $form->setValuesByPost();
405 
406  $this->showUserAttributeMappingForm($form);
407  }
408 
409  private function showUserAttributeMappingForm(ilPropertyFormGUI $form = null): void
410  {
411  $this->tabs->setSubTabActive(self::LNG_AUTH_SAML_USER_MAPPING);
412 
413  if (!($form instanceof ilPropertyFormGUI)) {
414  $form = $this->getUserAttributeMappingForm();
415  $data = [];
416  foreach ($this->mapping as $rule) {
417  $data[$rule->getAttribute()] = $rule->getExternalAttribute();
418  $data[$rule->getAttribute() . self::PROP_UPDATE_SUFFIX] = $rule->isAutomaticallyUpdated();
419  }
420  $form->setValuesByArray($data);
421  }
422 
423  $this->tpl->setContent($form->getHTML());
424  }
425 
426  private function getSettingsForm(): ilPropertyFormGUI
427  {
428  $form = new ilPropertyFormGUI();
429  $form->setFormAction($this->ctrl->getFormAction($this, self::CMD_SAVE_SETTINGS));
430  $form->setTitle($this->lng->txt('auth_saml_configure'));
431 
432  $show_login_form = new ilCheckboxInputGUI($this->lng->txt('auth_saml_login_form'), self::LNG_LOGIN_FORM);
433  $show_login_form->setInfo($this->lng->txt('auth_saml_login_form_info'));
434  $show_login_form->setValue('1');
435  $form->addItem($show_login_form);
436 
437  if (!$this->access->checkAccess(self::PERMISSION_WRITE, '', $this->ref_id)) {
438  foreach ($form->getItems() as $item) {
439  $item->setDisabled(true);
440  }
441  } else {
442  $form->addCommandButton(self::CMD_SAVE_SETTINGS, $this->lng->txt(self::CMD_SAVE));
443  }
444 
445  return $form;
446  }
447 
451  private function prepareRoleSelection(): array
452  {
453  $select = [];
454  $global_roles = array_map('intval', ilUtil::_sortIds(
455  $this->rbac->review()->getGlobalRoles(),
456  'object_data',
457  'title',
458  'obj_id'
459  ));
460 
461  $select[0] = $this->lng->txt('links_select_one');
462  foreach ($global_roles as $role_id) {
463  $select[$role_id] = ilObject::_lookupTitle($role_id);
464  }
465 
466  return $select;
467  }
468 
469  private function saveSettings(): void
470  {
471  $this->ensureWriteAccess();
472 
473  $form = $this->getSettingsForm();
474  if ($form->checkInput()) {
475  ilSamlSettings::getInstance()->setLoginFormStatus((bool) $form->getInput(self::LNG_LOGIN_FORM));
476  $this->tpl->setOnScreenMessage(self::MESSAGE_TYPE_SUCCESS, $this->lng->txt(self::LNG_SAVED_SUCCESSFULLY));
477  }
478 
479  $form->setValuesByPost();
480 
481  $this->showSettings($form);
482  }
483 
484  private function showSettings(ilPropertyFormGUI $form = null): void
485  {
486  if (!($form instanceof ilPropertyFormGUI)) {
487  $form = $this->getSettingsForm();
488  $form->setValuesByArray([
489  self::LNG_LOGIN_FORM => ilSamlSettings::getInstance()->isDisplayedOnLoginPage(),
490  ]);
491  }
492 
493  $this->tpl->setContent($form->getHTML());
494  }
495 
496  private function getIdpSettingsForm(): ilPropertyFormGUI
497  {
498  $form = new ilPropertyFormGUI();
499  $form->setFormAction($this->ctrl->getFormAction($this, self::CMT_SAVE_IDP_SETTINGS));
500  $form->setTitle(sprintf($this->lng->txt('auth_saml_configure_idp'), $this->idp->getEntityId()));
501 
502  $idp = new ilTextInputGUI($this->lng->txt('auth_saml_idp'), 'entity_id');
503  $idp->setDisabled(true);
504  $form->addItem($idp);
505 
506  $this->addMetadataElement($form);
507 
508  $local = new ilCheckboxInputGUI($this->lng->txt('auth_allow_local'), 'allow_local_auth');
509  $local->setValue('1');
510  $local->setInfo($this->lng->txt('auth_allow_local_info'));
511  $form->addItem($local);
512 
513  $uid_claim = new ilTextInputGUI($this->lng->txt('auth_saml_uid_claim'), 'uid_claim');
514  $uid_claim->setInfo($this->lng->txt('auth_saml_uid_claim_info'));
515  $uid_claim->setRequired(true);
516  $form->addItem($uid_claim);
517 
518  $sync = new ilCheckboxInputGUI($this->lng->txt('auth_saml_sync'), 'sync_status');
519  $sync->setInfo($this->lng->txt('auth_saml_sync_info'));
520  $sync->setValue('1');
521 
522  $username_claim = new ilTextInputGUI($this->lng->txt('auth_saml_username_claim'), 'login_claim');
523  $username_claim->setInfo($this->lng->txt('auth_saml_username_claim_info'));
524  $username_claim->setRequired(true);
525  $sync->addSubItem($username_claim);
526 
527  $role = new ilSelectInputGUI($this->lng->txt('auth_saml_role_select'), 'default_role_id');
528  $role->setOptions($this->prepareRoleSelection());
529  $role->setRequired(true);
530  $sync->addSubItem($role);
531 
532  $migr = new ilCheckboxInputGUI($this->lng->txt('auth_saml_migration'), 'account_migr_status');
533  $migr->setInfo($this->lng->txt('auth_saml_migration_info'));
534  $migr->setValue('1');
535  $sync->addSubItem($migr);
536  $form->addItem($sync);
537 
538  if (!$this->access->checkAccess(self::PERMISSION_WRITE, '', $this->ref_id)) {
539  foreach ($form->getItems() as $item) {
540  $item->setDisabled(true);
541  }
542  } else {
543  $form->addCommandButton(self::CMT_SAVE_IDP_SETTINGS, $this->lng->txt(self::CMD_SAVE));
544  }
545  $form->addCommandButton(self::DEFAULT_CMD, $this->lng->txt(self::LNG_CANCEL));
546 
547  return $form;
548  }
549 
550  private function showIdpSettings(ilPropertyFormGUI $form = null): void
551  {
552  $this->tabs->setSubTabActive('auth_saml_idp_settings');
553 
554  if (null === $form) {
555  $form = $this->getIdpSettingsForm();
556  $data = $this->idp->toArray();
557  $this->populateWithMetadata($this->idp, $data);
558  $form->setValuesByArray($data);
559  } else {
560  $form->setValuesByPost();
561  }
562 
563  $this->help->setSubScreenId('edit_idp');
564 
565  $this->tpl->setContent($form->getHTML());
566  }
567 
568  private function saveIdpSettings(): void
569  {
570  $this->ensureWriteAccess();
571 
572  $form = $this->getIdpSettingsForm();
573  if ($form->checkInput()) {
574  $this->idp->bindForm($form);
575  $this->idp->persist();
576  $this->tpl->setOnScreenMessage(self::MESSAGE_TYPE_SUCCESS, $this->lng->txt(self::LNG_SAVED_SUCCESSFULLY));
577 
578  $this->storeMetadata($this->idp, $form->getInput(self::METADATA_STORAGE_KEY));
579  }
580 
581  $this->showIdpSettings($form);
582  }
583 
584  private function getIdpForm(): ilPropertyFormGUI
585  {
586  $form = new ilPropertyFormGUI();
587  $form->setFormAction($this->ctrl->getFormAction($this, self::CMD_SAVE_NEW_IDP));
588  $form->setTitle($this->lng->txt('auth_saml_add_idp_btn'));
589 
590  $this->addMetadataElement($form);
591 
592  $form->addCommandButton(self::CMD_SAVE_NEW_IDP, $this->lng->txt(self::CMD_SAVE));
593  $form->addCommandButton('listIdps', $this->lng->txt(self::LNG_CANCEL));
594 
595  return $form;
596  }
597 
598  private function saveNewIdp(): void
599  {
600  $this->ensureWriteAccess();
601 
602  $form = $this->getIdpForm();
603  if ($form->checkInput()) {
604  $idp = new ilSamlIdp();
605  $idp->bindForm($form);
606  $idp->persist();
607 
608  $this->storeMetadata($idp, $form->getInput(self::METADATA_STORAGE_KEY));
609 
610  $this->tpl->setOnScreenMessage(self::MESSAGE_TYPE_SUCCESS, $this->lng->txt(self::LNG_SAVED_SUCCESSFULLY), true);
611  $this->ctrl->setParameter($this, self::REQUEST_PARAM_SAML_IDP_ID, $idp->getIdpId());
612  $this->ctrl->redirect($this, self::CMD_SHOW_IDP_SETTINGS);
613  }
614 
615  $this->showNewIdpForm($form);
616  }
617 
618  private function showNewIdpForm(ilPropertyFormGUI $form = null): void
619  {
620  $this->ensureWriteAccess();
621 
622  if (null === $form) {
623  $form = $this->getIdpForm();
624  } else {
625  $form->setValuesByPost();
626  }
627 
628  $this->help->setSubScreenId('create_idp');
629 
630  $this->tpl->setContent($form->getHTML());
631  }
632 
633  private function addMetadataElement(ilPropertyFormGUI $form): void
634  {
635  $metadata = new ilSamlIdpMetadataInputGUI(
636  $this->lng->txt('auth_saml_add_idp_md_label'),
637  self::METADATA_STORAGE_KEY,
638  new ilSamlIdpXmlMetadataParser(
639  new Factory(),
640  new ilSamlIdpXmlMetadataErrorFormatter()
641  )
642  );
643  $metadata->setInfo($this->lng->txt('auth_saml_add_idp_md_info'));
644  $metadata->setRows(20);
645  $metadata->setRequired(true);
646 
647  $purifier = new ilHtmlPurifierComposite();
648  $purifier->addPurifier(new ilSamlIdpMetadataPurifier());
649 
650  $metadata->setPurifier($purifier);
651  $metadata->usePurifier(true);
652  $form->addItem($metadata);
653  }
654 
655  private function populateWithMetadata(ilSamlIdp $idp, array &$data): void
656  {
657  $idpDisco = $this->samlAuth->getIdpDiscovery();
658 
659  $data[self::METADATA_STORAGE_KEY] = $idpDisco->fetchIdpMetadata($idp->getIdpId());
660  }
661 
662  private function storeMetadata(ilSamlIdp $idp, string $metadata): void
663  {
664  $idpDisco = $this->samlAuth->getIdpDiscovery();
665  $idpDisco->storeIdpMetadata($idp->getIdpId(), $metadata);
666  }
667 
668  private function confirmDeleteIdp(): void
669  {
670  $this->ensureWriteAccess();
671 
672  $confirmation = new ilConfirmationGUI();
673  $confirmation->setFormAction($this->ctrl->getFormAction($this, 'deleteIdp'));
674  $confirmation->setConfirm($this->lng->txt('confirm'), 'deleteIdp');
675  $confirmation->setCancel($this->lng->txt(self::LNG_CANCEL), self::DEFAULT_CMD);
676  $confirmation->setHeaderText($this->lng->txt('auth_saml_sure_delete_idp'));
677  $confirmation->addItem('saml_idp_ids', (string) $this->idp->getIdpId(), $this->idp->getEntityId());
678 
679  $this->tpl->setContent($confirmation->getHTML());
680  }
681 
682  private function deleteIdp(): void
683  {
684  $this->ensureWriteAccess();
685 
686  $idpDisco = $this->samlAuth->getIdpDiscovery();
687  $idpDisco->deleteIdpMetadata($this->idp->getIdpId());
688 
689  $this->idp->delete();
690 
691  $this->tpl->setOnScreenMessage(self::MESSAGE_TYPE_SUCCESS, $this->lng->txt('auth_saml_deleted_idp'), true);
692 
693  $this->ctrl->setParameter($this, self::REQUEST_PARAM_SAML_IDP_ID, null);
694  $this->ctrl->redirect($this, self::DEFAULT_CMD);
695  }
696 }
ilSamlIdpTableGUI
Class ilSamlIdpTableGUI.
Definition: class.ilSamlIdpTableGUI.php:25
ILIAS\HTTP\GlobalHttpState
Interface GlobalHttpState.
Definition: GlobalHttpState.php:42
ilSamlSettingsGUI\showNewIdpForm
showNewIdpForm(ilPropertyFormGUI $form=null)
Definition: class.ilSamlSettingsGUI.php:618
ilSamlSettingsGUI\storeMetadata
storeMetadata(ilSamlIdp $idp, string $metadata)
Definition: class.ilSamlSettingsGUI.php:662
ilSamlSettingsGUI\$error_handler
readonly ilErrorHandling $error_handler
Definition: class.ilSamlSettingsGUI.php:110
ilSelectInputGUI
This class represents a selection list property in a property form.
Definition: class.ilSelectInputGUI.php:26
ilTabsGUI
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilTabsGUI.php:25
ilSamlSettingsGUI\$httpState
readonly GlobalHttpState $httpState
Definition: class.ilSamlSettingsGUI.php:113
ilSamlSettingsGUI\$help
readonly ilHelpGUI $help
Definition: class.ilSamlSettingsGUI.php:115
ilSamlSettingsGUI\setSubTabs
setSubTabs(int $a_view_mode)
Definition: class.ilSamlSettingsGUI.php:278
ilHelpGUI
Help GUI class.
Definition: class.ilHelpGUI.php:27
ilHtmlPurifierComposite
Composite for nesting multiple purifiers.
Definition: class.ilHtmlPurifierComposite.php:25
ilSamlSettingsGUI\showSettings
showSettings(ilPropertyFormGUI $form=null)
Definition: class.ilSamlSettingsGUI.php:484
ilUserProfile
Class ilUserProfile.
Definition: class.ilUserProfile.php:25
ilSelectInputGUI\setOptions
setOptions(array $a_options)
Definition: class.ilSelectInputGUI.php:48
ilSamlSettingsGUI\populateWithMetadata
populateWithMetadata(ilSamlIdp $idp, array &$data)
Definition: class.ilSamlSettingsGUI.php:655
ilSamlIdp\getInstanceByIdpId
static getInstanceByIdpId(int $a_idp_id)
Definition: class.ilSamlIdp.php:68
$DIC
global $DIC
Definition: feed.php:28
$ref_id
$ref_id
Definition: ltiauth.php:67
ilExternalAuthUserAttributeMapping
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilExternalAuthUserAttributeMapping.php:25
ilSamlSettingsGUI\showIdpSettings
showIdpSettings(ilPropertyFormGUI $form=null)
Definition: class.ilSamlSettingsGUI.php:550
ilSamlSettingsGUI\$rbac
readonly RBACServices $rbac
Definition: class.ilSamlSettingsGUI.php:109
ilObject\_lookupTitle
static _lookupTitle(int $obj_id)
Definition: class.ilObject.php:834
ilSamlSettingsGUI\$tpl
readonly ilGlobalTemplateInterface $tpl
Definition: class.ilSamlSettingsGUI.php:107
ilSamlSettingsGUI\$toolbar
readonly ilToolbarGUI $toolbar
Definition: class.ilSamlSettingsGUI.php:112
ILIAS\DI\RBACServices
Provides fluid interface to RBAC services.
Definition: RBACServices.php:23
ilSamlSettingsGUI\$ui_renderer
readonly ILIAS UI Renderer $ui_renderer
Definition: class.ilSamlSettingsGUI.php:120
ilSamlSettingsGUI\$mapping
ilExternalAuthUserAttributeMapping $mapping
Definition: class.ilSamlSettingsGUI.php:116
ilSamlSettingsGUI\ensureAccess
ensureAccess(string $operation)
Definition: class.ilSamlSettingsGUI.php:143
ilSamlSettingsGUI\__construct
__construct(private readonly int $ref_id)
Definition: class.ilSamlSettingsGUI.php:122
ilUtil\_sortIds
static _sortIds(array $a_ids, string $a_table, string $a_field, string $a_id_name)
Function that sorts ids by a given table field using WHERE IN E.g: __sort(array(6,7),&#39;usr_data&#39;,&#39;lastname&#39;,&#39;usr_id&#39;) => sorts by lastname.
Definition: class.ilUtil.php:1218
ilSamlSettingsGUI\$ctrl
readonly ilCtrlInterface $ctrl
Definition: class.ilSamlSettingsGUI.php:105
ilSamlSettingsGUI\$refinery
readonly Refinery $refinery
Definition: class.ilSamlSettingsGUI.php:114
ilSamlSettingsGUI\$ui_factory
readonly ILIAS UI Factory $ui_factory
Definition: class.ilSamlSettingsGUI.php:119
ilSamlIdp
Class ilSamlIdp.
Definition: class.ilSamlIdp.php:25
ilSamlSettingsGUI\$lng
readonly ilLanguage $lng
Definition: class.ilSamlSettingsGUI.php:106
ilErrorHandling
Error Handling & global info handling.
Definition: class.ilErrorHandling.php:37
ilSamlSettingsGUI
Class ilSamlSettingsGUI.
Definition: class.ilSamlSettingsGUI.php:30
RBACServices
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
ilSamlSettingsGUI\addAttributeRuleFieldToForm
addAttributeRuleFieldToForm(ilPropertyFormGUI $form, string $field_label, string $field_name)
Definition: class.ilSamlSettingsGUI.php:356
ilSamlSettingsGUI\$tabs
readonly ilTabsGUI $tabs
Definition: class.ilSamlSettingsGUI.php:111
$id
$id
plugin.php for ilComponentBuildPluginInfoObjectiveTest::testAddPlugins
Definition: plugin.php:23
ilSamlSettingsGUI\showUserAttributeMappingForm
showUserAttributeMappingForm(ilPropertyFormGUI $form=null)
Definition: class.ilSamlSettingsGUI.php:409
ilSamlSettingsGUI\$access
readonly ilAccessHandler $access
Definition: class.ilSamlSettingsGUI.php:108
ilSamlIdpMetadataPurifier
Class ilSamlIdpMetadataPurifier.
Definition: class.ilSamlIdpMetadataPurifier.php:25
ilSamlSettingsGUI\addMetadataElement
addMetadataElement(ilPropertyFormGUI $form)
Definition: class.ilSamlSettingsGUI.php:633