d0/d20/class_8ilAuthProviderShibboleth_8php_source.html

<?php


class ilAuthProviderShibboleth extends ilAuthProvider

{

    private ILIAS $ilias;

    private ilSetting $settings;


    public function __construct(ilAuthCredentials $credentials)

    {

        global $DIC;

        $this->ilias = $DIC['ilias'];

        $this->settings = $DIC->settings();

        parent::__construct($credentials);

    }


    public function doAuthentication(ilAuthStatus $status): bool

    {

        $shib_server_data = shibServerData::getInstance();


        if ($shib_server_data->getLogin() !== '' && $shib_server_data->getLogin() !== '0') {

            $shib_user = shibUser::buildInstance($shib_server_data);

            // for backword compatibility of hook environment variables

            $new_user = $shib_user->isNew(); // For shib_data_conv included Script

            $settings = new ilShibbolethSettings();

            $account_creation = $settings->getAccountCreation();

            if (!$new_user) {

                $shib_user->updateFields();

                // Include custom code that can be used to further modify

                // certain Shibboleth user attributes

                if (

                    $this->ilias->getSetting('shib_data_conv') &&

                    $this->ilias->getSetting('shib_data_conv') !== '' &&

                    is_readable($this->ilias->getSetting('shib_data_conv'))

                ) {

                    include($this->ilias->getSetting('shib_data_conv'));

                }

                $shib_user = ilShibbolethPluginWrapper::getInstance()->beforeUpdateUser($shib_user);

                $shib_user->update();

                $shib_user = ilShibbolethPluginWrapper::getInstance()->afterUpdateUser($shib_user);

                ilShibbolethRoleAssignmentRules::updateAssignments($shib_user->getId(), $_SERVER);

            } elseif ($account_creation !== ilShibbolethSettings::ACCOUNT_CREATION_DISABLED) {

                $shib_user->createFields();

                $shib_user->setPref('hits_per_page', $this->settings->get('hits_per_page'));


                // Modify user data before creating the user

                // Include custom code that can be used to further modify

                // certain Shibboleth user attributes

                if (

                    $this->ilias->getSetting('shib_data_conv') &&

                    $this->ilias->getSetting('shib_data_conv', '') !== '' &&

                    is_readable($this->ilias->getSetting('shib_data_conv'))

                ) {

                    include($this->ilias->getSetting('shib_data_conv'));

                }

                $shib_user = ilShibbolethPluginWrapper::getInstance()->beforeCreateUser($shib_user);

                if ($account_creation === ilShibbolethSettings::ACCOUNT_CREATION_WITH_APPROVAL) {

                    $shib_user->setActive(false);

                }

                $shib_user->create();

                $shib_user->saveAsNew();

                $shib_user->updateOwner();

                $shib_user->writePrefs();

                $shib_user = ilShibbolethPluginWrapper::getInstance()->afterCreateUser($shib_user);

                ilShibbolethRoleAssignmentRules::doAssignments($shib_user->getId(), $_SERVER);

            }


            if (!$new_user || $account_creation === ilShibbolethSettings::ACCOUNT_CREATION_ENABLED) {

                $status->setStatus(ilAuthStatus::STATUS_AUTHENTICATED);

                $status->setAuthenticatedUserId(ilObjUser::_lookupId($shib_user->getLogin()));

            } elseif ($account_creation === ilShibbolethSettings::ACCOUNT_CREATION_WITH_APPROVAL) {

                $status->setStatus(ilAuthStatus::STATUS_AUTHENTICATION_FAILED);

                $status->setReason('err_inactive');

            } else {

                $status->setStatus(ilAuthStatus::STATUS_AUTHENTICATION_FAILED);

                $status->setReason('err_disabled');

            }


        } else {

            $this->getLogger()->info('Shibboleth authentication failed.');

            $this->handleAuthenticationFail($status, 'err_wrong_login');

            return false;

        }


        return true;

    }

}

ilAuthProviderShibboleth
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilAuthProviderShibboleth.php:24

ilAuthProviderShibboleth\$settings
ilSetting $settings
Definition: class.ilAuthProviderShibboleth.php:26

ilAuthProviderShibboleth\$ilias
ILIAS $ilias
Definition: class.ilAuthProviderShibboleth.php:25

ilAuthProviderShibboleth\__construct
__construct(ilAuthCredentials $credentials)
Definition: class.ilAuthProviderShibboleth.php:28

ilAuthProviderShibboleth\doAuthentication
doAuthentication(ilAuthStatus $status)
Definition: class.ilAuthProviderShibboleth.php:43

ilAuthProvider
Definition: class.ilAuthProvider.php:22

ilAuthProvider\getLogger
getLogger()
Definition: class.ilAuthProvider.php:33

ilAuthProvider\handleAuthenticationFail
handleAuthenticationFail(ilAuthStatus $status, string $a_reason)
Definition: class.ilAuthProvider.php:43

ilAuthProvider\$credentials
ilAuthCredentials $credentials
Definition: class.ilAuthProvider.php:24

ilAuthStatus
Definition: class.ilAuthStatus.php:22

ilAuthStatus\STATUS_AUTHENTICATION_FAILED
const int STATUS_AUTHENTICATION_FAILED
Definition: class.ilAuthStatus.php:29

ilAuthStatus\setReason
setReason(string $a_reason)
Set reason.
Definition: class.ilAuthStatus.php:81

ilAuthStatus\setAuthenticatedUserId
setAuthenticatedUserId(int $a_id)
Definition: class.ilAuthStatus.php:114

ilAuthStatus\setStatus
setStatus(int $a_status)
Set auth status.
Definition: class.ilAuthStatus.php:63

ilAuthStatus\STATUS_AUTHENTICATED
const int STATUS_AUTHENTICATED
Definition: class.ilAuthStatus.php:28

ilObjUser\_lookupId
static _lookupId(string|array $a_user_str)
Definition: class.ilObjUser.php:2915

ilSetting
ILIAS Setting Class.
Definition: class.ilSetting.php:27

ilShibbolethPluginWrapper\getInstance
static getInstance()
Definition: class.ilShibbolethPluginWrapper.php:37

ilShibbolethRoleAssignmentRules\doAssignments
static doAssignments(int $a_usr_id, array $a_data)
Definition: class.ilShibbolethRoleAssignmentRules.php:93

ilShibbolethRoleAssignmentRules\updateAssignments
static updateAssignments(int $a_usr_id, array $a_data)
Definition: class.ilShibbolethRoleAssignmentRules.php:61

ilShibbolethSettings
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilShibbolethSettings.php:25

ilShibbolethSettings\ACCOUNT_CREATION_ENABLED
const ACCOUNT_CREATION_ENABLED
Definition: class.ilShibbolethSettings.php:43

ilShibbolethSettings\ACCOUNT_CREATION_DISABLED
const ACCOUNT_CREATION_DISABLED
Definition: class.ilShibbolethSettings.php:45

ilShibbolethSettings\ACCOUNT_CREATION_WITH_APPROVAL
const ACCOUNT_CREATION_WITH_APPROVAL
Definition: class.ilShibbolethSettings.php:44

shibServerData\getInstance
static getInstance()
Definition: class.shibServerData.php:44

shibUser\buildInstance
static buildInstance(shibServerData $shibServerData)
Definition: class.shibUser.php:35

$new_user
$new_user
Definition: dummy_client.php:30

ilAuthCredentials
Definition: interface.ilAuthCredentials.php:22

ILIAS\GlobalScreen\Provider\__construct
__construct(Container $dic, ilPlugin $plugin)
@inheritDoc
Definition: PluginProviderHelper.php:38

ILIAS\Repository\settings
settings()
Definition: trait.GlobalDICDomainServices.php:96

ILIAS
Interface Observer \BackgroundTasks Contains several chained tasks and infos about them.
Definition: AccessControl.php:21

ilias
Class ilObjForumAdministration.

$_SERVER
$_SERVER['HTTP_HOST']
Definition: raiseError.php:26

$DIC
global $DIC
Definition: shib_login.php:26