ILIAS  trunk Revision v11.0_alpha-2662-g519ff7d528f
Public Member Functions | Data Fields | Protected Attributes
ilShibbolethWAYF Class Reference

Class ShibbolethWAYF. More...

+ Collaboration diagram for ilShibbolethWAYF:

Public Member Functions

 __construct ()
 
 isSelection ()
 
 isValidSelection ()
 
 generateSelection ()
 
 redirect ()
 Redirects user to the local Shibboleth session initatiotor with already set GET arguments for the right IdP and return location. More...
 
 setSAMLCookie ()
 Sets the standard SAML domain cookie that is also used to preselect the right entry on the local wayf More...
 
 showNotice ()
 Show notice in case no IdP was selected More...
 
 getIdplist ()
 Generate array of IdPs from ILIAS Shibboleth settings More...
 
 generateCookieArray (?string $value)
 Generates an array of IDPs using the cookie value More...
 
 generateCookieValue (array $arr_cookie)
 Generate the value that is stored in the cookie using the list of IDPs More...
 
 appendCookieValue (string $value, array $arr_cookie)
 Append a value to the array of IDPs More...
 

Data Fields

const COOKIE_NAME_SAML_IDP = '_saml_idp'
 
bool $is_selection = false
 
bool $is_valid_selection = false
 
string $selected_idp = '-'
 
array $idp_list = []
 

Protected Attributes

WrapperFactory $wrapper
 
ilLanguage $lng
 
ilSetting $settings
 
Refinery $refinery
 

Detailed Description

Class ShibbolethWAYF.

This class handles the Home Organization selection (also called Where Are You From service) process for Shibboleth users.

Author
Fabian Schmid fs@st.nosp@m.uder.nosp@m.-raim.nosp@m.ann..nosp@m.ch

Definition at line 32 of file class.ilShibbolethWAYF.php.

Constructor & Destructor Documentation

◆ __construct()

ilShibbolethWAYF::__construct ( )

Definition at line 44 of file class.ilShibbolethWAYF.php.

References $DIC, getIdplist(), ILIAS\Repository\lng(), null, ILIAS\Repository\refinery(), and ILIAS\Repository\settings().

45  {
46  global $DIC;
47 
48  // Was the WAYF form submitted?
49  $this->wrapper = $DIC->http()->wrapper();
50  $this->refinery = $DIC->refinery();
51  $this->settings = $DIC->settings();
52  $this->is_selection = $this->wrapper->post()->has('home_organization_selection');
53  $this->lng = $DIC->isDependencyAvailable('language')
54  ? $DIC->language()
55  : new ilLanguage(
56  $this->wrapper->query()->has('lang')
57  ? $this->wrapper->query()->retrieve('lang', $DIC->refinery()->to()->string())
58  : null
59  );
60 
61  // Was selected IdP a valid
62  $this->idp_list = $this->getIdplist();
63  $idp_selection = $this->wrapper->post()->has('idp_selection')
64  ? $this->wrapper->post()->retrieve('idp_selection', $DIC->refinery()->to()->string())
65  : null;
66  if ($idp_selection !== null
67  && $idp_selection !== '-'
68  && isset($this->idp_list[$idp_selection])
69  ) {
70  $this->is_valid_selection = true;
71  $this->selected_idp = $idp_selection;
72  } else {
73  $this->is_valid_selection = false;
74  }
75  }
ilShibbolethWAYF\getIdplist
getIdplist()
Generate array of IdPs from ILIAS Shibboleth settings
Definition: class.ilShibbolethWAYF.php:170
null
while($session_entry=$r->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) return null
Definition: shib_logout.php:144
$DIC
global $DIC
Definition: shib_login.php:26
+ Here is the call graph for this function:

Member Function Documentation

◆ appendCookieValue()

ilShibbolethWAYF::appendCookieValue ( string  $value,
array  $arr_cookie 
)

Append a value to the array of IDPs

Definition at line 211 of file class.ilShibbolethWAYF.php.

Referenced by setSAMLCookie().

211  : array
212  {
213  $arr_cookie[] = $value;
214  $arr_cookie = array_reverse($arr_cookie);
215  $arr_cookie = array_unique($arr_cookie);
216  return array_reverse($arr_cookie);
217  }
+ Here is the caller graph for this function:

◆ generateCookieArray()

ilShibbolethWAYF::generateCookieArray ( ?string  $value)

Generates an array of IDPs using the cookie value

Returns
bool[]|string[]

Definition at line 190 of file class.ilShibbolethWAYF.php.

References null.

Referenced by generateSelection(), and setSAMLCookie().

190  : array
191  {
192  if (null === $value) {
193  return [];
194  }
195  $arr_cookie = explode(' ', $value);
196  return array_map('base64_decode', $arr_cookie);
197  }
array_map
null
while($session_entry=$r->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) return null
Definition: shib_logout.php:144
+ Here is the caller graph for this function:

◆ generateCookieValue()

ilShibbolethWAYF::generateCookieValue ( array  $arr_cookie)

Generate the value that is stored in the cookie using the list of IDPs

Definition at line 202 of file class.ilShibbolethWAYF.php.

Referenced by setSAMLCookie().

202  : string
203  {
204  $arr_cookie = array_map('base64_encode', $arr_cookie);
205  return implode(' ', $arr_cookie);
206  }
array_map
+ Here is the caller graph for this function:

◆ generateSelection()

ilShibbolethWAYF::generateSelection ( )

Definition at line 87 of file class.ilShibbolethWAYF.php.

References generateCookieArray(), ILIAS\Repository\lng(), null, and ILIAS\Repository\refinery().

87  : string
88  {
89  $saml_idp = $this->wrapper->cookie()->has(self::COOKIE_NAME_SAML_IDP)
90  ? $this->wrapper->cookie()->retrieve(
91  self::COOKIE_NAME_SAML_IDP,
92  $this->refinery->kindlyTo()->string()
93  )
94  : null;
95  $idp_cookie = $this->generateCookieArray($saml_idp);
96 
97  $selected_idp = null;
98  if ($idp_cookie !== [] && isset($this->idp_list[end($idp_cookie)])) {
99  $selected_idp = end($idp_cookie);
100  $select_element = '
101  <select name="idp_selection">
102  <option value="-">' . $this->lng->txt("shib_member_of") . '</option>';
103  } else {
104  $select_element = '
105  <select name="idp_selection">
106  <option value="-" selected="selected">' . $this->lng->txt("shib_member_of") . '</option>';
107  }
108 
109  foreach ($this->idp_list as $idp_id => $idp_data) {
110  if ($idp_id === $selected_idp) {
111  $select_element .= '<option value="' . $idp_id . '" selected="selected">' . $idp_data[0] . '</option>';
112  } else {
113  $select_element .= '<option value="' . $idp_id . '">' . $idp_data[0] . '</option>';
114  }
115  }
116 
117  return $select_element . '
118  </select>';
119  }
ilShibbolethWAYF\generateCookieArray
generateCookieArray(?string $value)
Generates an array of IDPs using the cookie value
Definition: class.ilShibbolethWAYF.php:190
null
while($session_entry=$r->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) return null
Definition: shib_logout.php:144
+ Here is the call graph for this function:

◆ getIdplist()

ilShibbolethWAYF::getIdplist ( )

Generate array of IdPs from ILIAS Shibboleth settings

Returns
array<string, string[]>

Definition at line 170 of file class.ilShibbolethWAYF.php.

References $idp_list, and ILIAS\Repository\settings().

Referenced by __construct().

170  : array
171  {
172  $idp_list = [];
173  $idp_raw_list = explode("\n", (string) $this->settings->get("shib_idp_list"));
174  foreach ($idp_raw_list as $idp_line) {
175  $idp_data = explode(',', $idp_line);
176  if (isset($idp_data[2])) {
177  $idp_list[trim($idp_data[0])] = [trim($idp_data[1]), trim($idp_data[2])];
178  } elseif (isset($idp_data[1])) {
179  $idp_list[trim($idp_data[0])] = [trim($idp_data[1])];
180  }
181  }
182 
183  return $idp_list;
184  }
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isSelection()

ilShibbolethWAYF::isSelection ( )

Definition at line 77 of file class.ilShibbolethWAYF.php.

References $is_selection.

Referenced by showNotice().

77  : bool
78  {
79  return $this->is_selection;
80  }
+ Here is the caller graph for this function:

◆ isValidSelection()

ilShibbolethWAYF::isValidSelection ( )

Definition at line 82 of file class.ilShibbolethWAYF.php.

References $is_valid_selection.

Referenced by showNotice().

82  : bool
83  {
84  return $this->is_valid_selection;
85  }
+ Here is the caller graph for this function:

◆ redirect()

ilShibbolethWAYF::redirect ( )

Redirects user to the local Shibboleth session initatiotor with already set GET arguments for the right IdP and return location.

Definition at line 124 of file class.ilShibbolethWAYF.php.

References $selected_idp, ilUtil\redirect(), and ILIAS\Repository\refinery().

124  : void
125  {
126  // Where to return after the authentication process
127  $target = $this->wrapper->post()->has('il_target')
128  ? $this->wrapper->post()->retrieve('il_target', $this->refinery->kindlyTo()->string())
129  : '';
130  $target = trim(ILIAS_HTTP_PATH, '/') . '/shib_login.php?target=' . $target;
131  $idp_data = $this->idp_list[$this->selected_idp];
132  if (isset($idp_data[1])) {
133  ilUtil::redirect($idp_data[1] . '?providerId=' . urlencode($this->selected_idp) . '&target='
134  . urlencode($target));
135  } else {
136  // TODO: This has to be changed to /Shibboleth.sso/DS?entityId= for
137  // Shibboleth 2.x sometime...
138  ilUtil::redirect('/Shibboleth.sso?providerId=' . urlencode($this->selected_idp) . '&target='
139  . urlencode($target));
140  }
141  }
ilUtil\redirect
static redirect(string $a_script)
Definition: class.ilUtil.php:939
+ Here is the call graph for this function:

◆ setSAMLCookie()

ilShibbolethWAYF::setSAMLCookie ( )

Sets the standard SAML domain cookie that is also used to preselect the right entry on the local wayf

Definition at line 146 of file class.ilShibbolethWAYF.php.

References appendCookieValue(), generateCookieArray(), generateCookieValue(), and ILIAS\Repository\refinery().

146  : void
147  {
148  $_saml_idp = $this->wrapper->cookie()->retrieve(self::COOKIE_NAME_SAML_IDP, $this->refinery->kindlyTo()->string());
149  $arr_idps = $_saml_idp ? $this->generateCookieArray($_saml_idp) : [];
150  $arr_idps = $this->appendCookieValue($this->selected_idp, $arr_idps);
151  setcookie(self::COOKIE_NAME_SAML_IDP, $this->generateCookieValue($arr_idps), ['expires' => time() + (100 * 24 * 3600), 'path' => '/']);
152  }
ilShibbolethWAYF\generateCookieValue
generateCookieValue(array $arr_cookie)
Generate the value that is stored in the cookie using the list of IDPs
Definition: class.ilShibbolethWAYF.php:202
ilShibbolethWAYF\generateCookieArray
generateCookieArray(?string $value)
Generates an array of IDPs using the cookie value
Definition: class.ilShibbolethWAYF.php:190
ilShibbolethWAYF\appendCookieValue
appendCookieValue(string $value, array $arr_cookie)
Append a value to the array of IDPs
Definition: class.ilShibbolethWAYF.php:211
+ Here is the call graph for this function:

◆ showNotice()

ilShibbolethWAYF::showNotice ( )

Show notice in case no IdP was selected

Definition at line 157 of file class.ilShibbolethWAYF.php.

References isSelection(), isValidSelection(), and ILIAS\Repository\lng().

157  : string
158  {
159  if (!$this->isSelection() || $this->isValidSelection()) {
160  return '';
161  }
162 
163  return $this->lng->txt("shib_invalid_home_organization");
164  }
+ Here is the call graph for this function:

Field Documentation

◆ $idp_list

array ilShibbolethWAYF::$idp_list = []

Definition at line 38 of file class.ilShibbolethWAYF.php.

Referenced by getIdplist().

◆ $is_selection

bool ilShibbolethWAYF::$is_selection = false

Definition at line 35 of file class.ilShibbolethWAYF.php.

Referenced by isSelection().

◆ $is_valid_selection

bool ilShibbolethWAYF::$is_valid_selection = false

Definition at line 36 of file class.ilShibbolethWAYF.php.

Referenced by isValidSelection().

◆ $lng

ilLanguage ilShibbolethWAYF::$lng
protected

Definition at line 40 of file class.ilShibbolethWAYF.php.

◆ $refinery

Refinery ilShibbolethWAYF::$refinery
protected

Definition at line 42 of file class.ilShibbolethWAYF.php.

◆ $selected_idp

string ilShibbolethWAYF::$selected_idp = '-'

Definition at line 37 of file class.ilShibbolethWAYF.php.

Referenced by redirect().

◆ $settings

ilSetting ilShibbolethWAYF::$settings
protected

Definition at line 41 of file class.ilShibbolethWAYF.php.

◆ $wrapper

WrapperFactory ilShibbolethWAYF::$wrapper
protected

Definition at line 39 of file class.ilShibbolethWAYF.php.

◆ COOKIE_NAME_SAML_IDP

const ilShibbolethWAYF::COOKIE_NAME_SAML_IDP = '_saml_idp'

Definition at line 34 of file class.ilShibbolethWAYF.php.

The documentation for this class was generated from the following file: