d0/d20/class_8ilAuthProviderShibboleth_8php_source.html

 <?php

 class ilAuthProviderShibboleth extends ilAuthProvider
 {
     private ILIAS $ilias;
     private ilSetting $settings;

     public function __construct(ilAuthCredentials $credentials)
     {
         global $DIC;
         $this->ilias = $DIC['ilias'];
         $this->settings = $DIC->settings();
         parent::__construct($credentials);
     }

     public function doAuthentication(ilAuthStatus $status): bool
     {
         $shib_server_data = shibServerData::getInstance();

         if ($shib_server_data->getLogin() !== '' && $shib_server_data->getLogin() !== '0') {
             $shib_user = shibUser::buildInstance($shib_server_data);
             // for backword compatibility of hook environment variables
             $new_user = $shib_user->isNew(); // For shib_data_conv included Script
             $settings = new ilShibbolethSettings();
             $account_creation = $settings->getAccountCreation();
             if (!$new_user) {
                 $shib_user->updateFields();
                 // Include custom code that can be used to further modify
                 // certain Shibboleth user attributes
                 if (
                     $this->ilias->getSetting('shib_data_conv') &&
                     $this->ilias->getSetting('shib_data_conv') !== '' &&
                     is_readable($this->ilias->getSetting('shib_data_conv'))
                 ) {
                     include($this->ilias->getSetting('shib_data_conv'));
                 }
                 $shib_user = ilShibbolethPluginWrapper::getInstance()->beforeUpdateUser($shib_user);
                 $shib_user->update();
                 $shib_user = ilShibbolethPluginWrapper::getInstance()->afterUpdateUser($shib_user);
                 ilShibbolethRoleAssignmentRules::updateAssignments($shib_user->getId(), $_SERVER);
             } elseif ($account_creation !== ilShibbolethSettings::ACCOUNT_CREATION_DISABLED) {
                 $shib_user->createFields();
                 $shib_user->setPref('hits_per_page', $this->settings->get('hits_per_page'));

                 // Modify user data before creating the user
                 // Include custom code that can be used to further modify
                 // certain Shibboleth user attributes
                 if (
                     $this->ilias->getSetting('shib_data_conv') &&
                     $this->ilias->getSetting('shib_data_conv', '') !== '' &&
                     is_readable($this->ilias->getSetting('shib_data_conv'))
                 ) {
                     include($this->ilias->getSetting('shib_data_conv'));
                 }
                 $shib_user = ilShibbolethPluginWrapper::getInstance()->beforeCreateUser($shib_user);
                 if ($account_creation === ilShibbolethSettings::ACCOUNT_CREATION_WITH_APPROVAL) {
                     $shib_user->setActive(false);
                 }
                 $shib_user->create();
                 $shib_user->saveAsNew();
                 $shib_user->updateOwner();
                 $shib_user->writePrefs();
                 $shib_user = ilShibbolethPluginWrapper::getInstance()->afterCreateUser($shib_user);
                 ilShibbolethRoleAssignmentRules::doAssignments($shib_user->getId(), $_SERVER);
             }

             if (!$new_user || $account_creation === ilShibbolethSettings::ACCOUNT_CREATION_ENABLED) {
                 $status->setStatus(ilAuthStatus::STATUS_AUTHENTICATED);
                 $status->setAuthenticatedUserId(ilObjUser::_lookupId($shib_user->getLogin()));
             } elseif ($account_creation === ilShibbolethSettings::ACCOUNT_CREATION_WITH_APPROVAL) {
                 $status->setStatus(ilAuthStatus::STATUS_AUTHENTICATION_FAILED);
                 $status->setReason('err_inactive');
             } else {
                 $status->setStatus(ilAuthStatus::STATUS_AUTHENTICATION_FAILED);
                 $status->setReason('err_disabled');
             }

         } else {
             $this->getLogger()->info('Shibboleth authentication failed.');
             $this->handleAuthenticationFail($status, 'err_wrong_login');
             return false;
         }

         return true;
     }
 }
ilShibbolethSettings\ACCOUNT_CREATION_WITH_APPROVAL
const ACCOUNT_CREATION_WITH_APPROVAL
Definition: class.ilShibbolethSettings.php:28

ilAuthCredentials
Interface of auth credentials.
Definition: interface.ilAuthCredentials.php:27

ilShibbolethSettings\ACCOUNT_CREATION_DISABLED
const ACCOUNT_CREATION_DISABLED
Definition: class.ilShibbolethSettings.php:29

ilShibbolethPluginWrapper\getInstance
static getInstance()
Definition: class.ilShibbolethPluginWrapper.php:36

ilAuthStatus\STATUS_AUTHENTICATION_FAILED
const STATUS_AUTHENTICATION_FAILED
Definition: class.ilAuthStatus.php:35

ILIAS
Interface Observer  Contains several chained tasks and infos about them.
Definition: AccessControl.php:21

ilAuthProviderShibboleth\$settings
ilSetting $settings
Definition: class.ilAuthProviderShibboleth.php:26

ilShibbolethRoleAssignmentRules\doAssignments
static doAssignments(int $a_usr_id, array $a_data)
Definition: class.ilShibbolethRoleAssignmentRules.php:92

ilObjUser\_lookupId
static _lookupId($a_user_str)
Definition: class.ilObjUser.php:692

shibServerData\getInstance
static getInstance()
Definition: class.shibServerData.php:43

ilAuthProvider\$status
int $status
Definition: class.ilAuthProvider.php:39

ilAuthProvider\handleAuthenticationFail
handleAuthenticationFail(ilAuthStatus $status, string $a_reason)
Handle failed authentication.
Definition: class.ilAuthProvider.php:71

ilAuthProvider
Base class for authentication providers (ldap, apache, ...)
Definition: class.ilAuthProvider.php:27

ilShibbolethSettings\ACCOUNT_CREATION_ENABLED
const ACCOUNT_CREATION_ENABLED
Definition: class.ilShibbolethSettings.php:27

ilAuthStatus\setStatus
setStatus(int $a_status)
Set auth status.
Definition: class.ilAuthStatus.php:69

$_SERVER
$_SERVER['HTTP_HOST']
Definition: raiseError.php:26

$DIC
global $DIC
Definition: shib_login.php:22

ilAuthProvider\$credentials
ilAuthCredentials $credentials
Definition: class.ilAuthProvider.php:37

ilAuthProviderShibboleth\doAuthentication
doAuthentication(ilAuthStatus $status)
Definition: class.ilAuthProviderShibboleth.php:43

ilAuthProviderShibboleth\$ilias
ILIAS $ilias
Definition: class.ilAuthProviderShibboleth.php:25

ilShibbolethRoleAssignmentRules\updateAssignments
static updateAssignments(int $a_usr_id, array $a_data)
Definition: class.ilShibbolethRoleAssignmentRules.php:60

ilias
Class ilObjForumAdministration.

shibUser\buildInstance
static buildInstance(shibServerData $shibServerData)
Definition: class.shibUser.php:32

ILIAS\Repository\settings
settings()
Definition: trait.GlobalDICDomainServices.php:96

ilAuthProvider\getLogger
getLogger()
Get logger.
Definition: class.ilAuthProvider.php:55

$new_user
$new_user
Definition: dummy_client.php:30

ilAuthStatus\STATUS_AUTHENTICATED
const STATUS_AUTHENTICATED
Definition: class.ilAuthStatus.php:34

ILIAS\GlobalScreen\Provider\__construct
__construct(Container $dic, ilPlugin $plugin)
Definition: PluginProviderHelper.php:37

ilAuthProviderShibboleth
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: class.ilAuthProviderShibboleth.php:23

ilAuthStatus\setReason
setReason(string $a_reason)
Set reason.
Definition: class.ilAuthStatus.php:87

ilAuthStatus\setAuthenticatedUserId
setAuthenticatedUserId(int $a_id)
Definition: class.ilAuthStatus.php:120

ilAuthStatus
Auth status implementation.
Definition: class.ilAuthStatus.php:27

ilShibbolethSettings
Class ilShibbolethSettings.
Definition: class.ilShibbolethSettings.php:8

ilSetting

ilAuthProviderShibboleth\__construct
__construct(ilAuthCredentials $credentials)
Definition: class.ilAuthProviderShibboleth.php:28