ILIAS  trunk Revision v11.0_alpha-3011-gc6b235a2e85
Public Member Functions | Protected Member Functions | Private Attributes
ilAuthFrontendCredentialsApache Class Reference
+ Inheritance diagram for ilAuthFrontendCredentialsApache:
+ Collaboration diagram for ilAuthFrontendCredentialsApache:

Public Member Functions

 __construct (ServerRequestInterface $httpRequest, ilCtrlInterface $ctrl)
 
 tryAuthenticationOnLoginPage ()
 Check if an authentication attempt should be done when login page has been called. More...
 
 initFromRequest ()
 
 hasValidTargetUrl ()
 
 getTargetUrl ()
 
- Public Member Functions inherited from ilAuthFrontendCredentials
 __construct ()
 
 setUsername (string $a_name)
 
 getUsername ()
 
 setPassword (string $a_password)
 
 getPassword ()
 
 setAuthMode (string $a_auth_mode)
 
 getAuthMode ()
 
 setUsername (string $a_name)
 
 getUsername ()
 
 setPassword (string $a_password)
 
 getPassword ()
 
 setAuthMode (string $a_auth_mode)
 
 getAuthMode ()
 

Protected Member Functions

 getSettings ()
 

Private Attributes

ServerRequestInterface $httpRequest
 
ilCtrlInterface $ctrl
 
ilSetting $settings
 

Additional Inherited Members

- Protected Attributes inherited from ilAuthFrontendCredentials
ilLogger $logger
 

Detailed Description

Definition at line 23 of file class.ilAuthFrontendCredentialsApache.php.

Constructor & Destructor Documentation

◆ __construct()

ilAuthFrontendCredentialsApache::__construct ( ServerRequestInterface  $httpRequest,
ilCtrlInterface  $ctrl 
)

Definition at line 29 of file class.ilAuthFrontendCredentialsApache.php.

30 {
31 $this->httpRequest = $httpRequest;
32 $this->ctrl = $ctrl;
33 $this->settings = new ilSetting('apache_auth');
34 parent::__construct();
35 }
ilSetting
ILIAS Setting Class.
Definition: class.ilSetting.php:27
ILIAS\GlobalScreen\Provider\__construct
__construct(Container $dic, ilPlugin $plugin)
@inheritDoc
Definition: PluginProviderHelper.php:38

References $ctrl, $httpRequest, ILIAS\GlobalScreen\Provider\__construct(), ILIAS\Repository\ctrl(), and ILIAS\Repository\settings().

+ Here is the call graph for this function:

Member Function Documentation

◆ getSettings()

ilAuthFrontendCredentialsApache::getSettings ( )
protected

Definition at line 88 of file class.ilAuthFrontendCredentialsApache.php.

88 : ilSetting
89 {
90 return $this->settings;
91 }

References $settings.

Referenced by initFromRequest(), and tryAuthenticationOnLoginPage().

+ Here is the caller graph for this function:

◆ getTargetUrl()

ilAuthFrontendCredentialsApache::getTargetUrl ( )

Definition at line 133 of file class.ilAuthFrontendCredentialsApache.php.

133 : string
134 {
135 return ilUtil::appendUrlParameterString(trim($this->httpRequest->getQueryParams()['r']), 'passed_sso=1');
136 }
ilUtil\appendUrlParameterString
static appendUrlParameterString(string $a_url, string $a_par, bool $xml_style=false)
Definition: class.ilUtil.php:381

References ilUtil\appendUrlParameterString().

+ Here is the call graph for this function:

◆ hasValidTargetUrl()

ilAuthFrontendCredentialsApache::hasValidTargetUrl ( )

Definition at line 113 of file class.ilAuthFrontendCredentialsApache.php.

113 : bool
114 {
115 $targetUrl = trim((string) ($this->httpRequest->getQueryParams()['r'] ?? ''));
116 if ($targetUrl === '') {
117 return false;
118 }
119
120 $validDomains = [];
121 $path = ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt';
122 if (file_exists($path) && is_readable($path)) {
123 foreach (file($path) as $line) {
124 if (trim($line)) {
125 $validDomains[] = trim($line);
126 }
127 }
128 }
129
130 return (new ilWhiteListUrlValidator($targetUrl, $validDomains))->isValid();
131 }
CLIENT_ID
const CLIENT_ID
Definition: constants.php:41
ILIAS_DATA_DIR
const ILIAS_DATA_DIR
Definition: constants.php:44
$path
$path
Definition: ltiservices.php:30

References $path, CLIENT_ID, and ILIAS_DATA_DIR.

◆ initFromRequest()

ilAuthFrontendCredentialsApache::initFromRequest ( )

Definition at line 93 of file class.ilAuthFrontendCredentialsApache.php.

93 : void
94 {
95 $mappingFieldName = $this->getSettings()->get('apache_auth_username_direct_mapping_fieldname', '');
96
97 $this->logger->dump($this->httpRequest->getServerParams(), ilLogLevel::DEBUG);
98 $this->logger->debug($mappingFieldName);
99
100 switch ($this->getSettings()->get('apache_auth_username_config_type')) {
101 case ilAuthProviderApache::APACHE_AUTH_TYPE_DIRECT_MAPPING:
102 if (isset($this->httpRequest->getServerParams()[$mappingFieldName])) {
103 $this->setUsername($this->httpRequest->getServerParams()[$mappingFieldName]);
104 }
105 break;
106
107 case ilAuthProviderApache::APACHE_AUTH_TYPE_BY_FUNCTION:
108 $this->setUsername(ApacheCustom::getUsername());
109 break;
110 }
111 }

References ilAuthProviderApache\APACHE_AUTH_TYPE_BY_FUNCTION, ilAuthProviderApache\APACHE_AUTH_TYPE_DIRECT_MAPPING, ilLogLevel\DEBUG, getSettings(), ApacheCustom\getUsername(), ILIAS\Repository\logger(), and ilAuthFrontendCredentials\setUsername().

+ Here is the call graph for this function:

◆ tryAuthenticationOnLoginPage()

ilAuthFrontendCredentialsApache::tryAuthenticationOnLoginPage ( )

Check if an authentication attempt should be done when login page has been called.

Redirects in case no apache authentication has been tried before (GET['passed_sso'])

Definition at line 41 of file class.ilAuthFrontendCredentialsApache.php.

41 : void
42 {
43 $cmd = (string) ($this->httpRequest->getQueryParams()['cmd'] ?? '');
44 if ($cmd === '') {
45 $cmd = (string) ($this->httpRequest->getParsedBody()['cmd'] ?? '');
46 }
47
48 if ($cmd === 'force_login') {
49 return;
50 }
51
52 if (!$this->getSettings()->get('apache_enable_auth', '0')) {
53 return;
54 }
55
56 if (!$this->getSettings()->get('apache_auth_authenticate_on_login_page', '0')) {
57 return;
58 }
59
60 if (
61 (defined('IL_CERT_SSO') && (int) IL_CERT_SSO === 1) ||
62 !ilContext::supportsRedirects() ||
63 isset($this->httpRequest->getQueryParams()['passed_sso'])
64 ) {
65 return;
66 }
67
68 $path = (string) ($this->httpRequest->getServerParams()['REQUEST_URI'] ?? '');
69 if (str_starts_with($path, '/')) {
70 $path = substr($path, 1);
71 }
72
73 if (!str_starts_with($path, 'http')) {
74 $parts = parse_url(ILIAS_HTTP_PATH);
75 $path = $parts['scheme'] . '://' . $parts['host'] . '/' . $path;
76 }
77
78 $this->ctrl->redirectToURL(
79 ilUtil::getHtmlPath(
80 './public/sso/index.php?force_mode_apache=1&' .
81 'r=' . urlencode($path) .
82 '&cookie_path=' . urlencode(IL_COOKIE_PATH) .
83 '&ilias_path=' . urlencode(ILIAS_HTTP_PATH)
84 )
85 );
86 }
IL_COOKIE_PATH
const IL_COOKIE_PATH(isset($_GET['client_id']))
Definition: index.php:47
ilContext\supportsRedirects
static supportsRedirects()
Are redirects supported?
Definition: class.ilContext.php:89
ilUtil\getHtmlPath
static getHtmlPath(string $relative_path)
get url of path
Definition: class.ilUtil.php:111
$parts
if($clientAssertionType !='urn:ietf:params:oauth:client-assertion-type:jwt-bearer'|| $grantType !='client_credentials') $parts
Definition: ltitoken.php:61

References $parts, $path, ILIAS\Repository\ctrl(), ilUtil\getHtmlPath(), getSettings(), IL_COOKIE_PATH, ILIAS\Repository\int(), and ilContext\supportsRedirects().

+ Here is the call graph for this function:

Field Documentation

◆ $ctrl

ilCtrlInterface ilAuthFrontendCredentialsApache::$ctrl
private

Definition at line 26 of file class.ilAuthFrontendCredentialsApache.php.

Referenced by __construct().

◆ $httpRequest

ServerRequestInterface ilAuthFrontendCredentialsApache::$httpRequest
private

Definition at line 25 of file class.ilAuthFrontendCredentialsApache.php.

Referenced by __construct().

◆ $settings

ilSetting ilAuthFrontendCredentialsApache::$settings
private

Definition at line 27 of file class.ilAuthFrontendCredentialsApache.php.

Referenced by getSettings().

The documentation for this class was generated from the following file: