ILIAS  trunk Revision v11.0_alpha-3011-gc6b235a2e85
Public Member Functions | Data Fields | Protected Attributes
ilShibbolethWAYF Class Reference

Class ShibbolethWAYF. More...

+ Collaboration diagram for ilShibbolethWAYF:

Public Member Functions

 __construct ()
 
 isSelection ()
 
 isValidSelection ()
 
 generateSelection ()
 
 redirect ()
 @description Redirects user to the local Shibboleth session initatiotor with already set GET arguments for the right IdP and return location. More...
 
 setSAMLCookie ()
 @description Sets the standard SAML domain cookie that is also used to preselect the right entry on the local wayf More...
 
 showNotice ()
 @description Show notice in case no IdP was selected More...
 
 getIdplist ()
 @description Generate array of IdPs from ILIAS Shibboleth settings More...
 
 generateCookieArray (?string $value)
 @description Generates an array of IDPs using the cookie value More...
 
 generateCookieValue (array $arr_cookie)
 @description Generate the value that is stored in the cookie using the list of IDPs More...
 
 appendCookieValue (string $value, array $arr_cookie)
 @description Append a value to the array of IDPs More...
 

Data Fields

const COOKIE_NAME_SAML_IDP = '_saml_idp'
 
bool $is_selection = false
 
bool $is_valid_selection = false
 
string $selected_idp = '-'
 
array $idp_list = []
 

Protected Attributes

WrapperFactory $wrapper
 
ilLanguage $lng
 
ilSetting $settings
 
Refinery $refinery
 

Detailed Description

Class ShibbolethWAYF.

This class handles the Home Organization selection (also called Where Are You From service) process for Shibboleth users.

Author
Fabian Schmid fs@st.nosp@m.uder.nosp@m.-raim.nosp@m.ann..nosp@m.ch

Definition at line 32 of file class.ilShibbolethWAYF.php.

Constructor & Destructor Documentation

◆ __construct()

ilShibbolethWAYF::__construct ( )

Definition at line 44 of file class.ilShibbolethWAYF.php.

45 {
46 global $DIC;
47
48 // Was the WAYF form submitted?
49 $this->wrapper = $DIC->http()->wrapper();
50 $this->refinery = $DIC->refinery();
51 $this->settings = $DIC->settings();
52 $this->is_selection = $this->wrapper->post()->has('home_organization_selection');
53 $this->lng = $DIC->isDependencyAvailable('language')
54 ? $DIC->language()
55 : new ilLanguage(
56 $this->wrapper->query()->has('lang')
57 ? $this->wrapper->query()->retrieve('lang', $DIC->refinery()->to()->string())
58 : null
59 );
60
61 // Was selected IdP a valid
62 $this->idp_list = $this->getIdplist();
63 $idp_selection = $this->wrapper->post()->has('idp_selection')
64 ? $this->wrapper->post()->retrieve('idp_selection', $DIC->refinery()->to()->string())
65 : null;
66 if ($idp_selection !== null
67 && $idp_selection !== '-'
68 && isset($this->idp_list[$idp_selection])
69 ) {
70 $this->is_valid_selection = true;
71 $this->selected_idp = $idp_selection;
72 } else {
73 $this->is_valid_selection = false;
74 }
75 }
ilLanguage
language handling
Definition: class.ilLanguage.php:43
ilShibbolethWAYF\getIdplist
getIdplist()
@description Generate array of IdPs from ILIAS Shibboleth settings
Definition: class.ilShibbolethWAYF.php:170
$DIC
global $DIC
Definition: shib_login.php:26

References $DIC, getIdplist(), ILIAS\Repository\lng(), ILIAS\Repository\refinery(), and ILIAS\Repository\settings().

+ Here is the call graph for this function:

Member Function Documentation

◆ appendCookieValue()

ilShibbolethWAYF::appendCookieValue ( string  $value,
array  $arr_cookie 
)

@description Append a value to the array of IDPs

Definition at line 211 of file class.ilShibbolethWAYF.php.

211 : array
212 {
213 $arr_cookie[] = $value;
214 $arr_cookie = array_reverse($arr_cookie);
215 $arr_cookie = array_unique($arr_cookie);
216 return array_reverse($arr_cookie);
217 }

Referenced by setSAMLCookie().

+ Here is the caller graph for this function:

◆ generateCookieArray()

ilShibbolethWAYF::generateCookieArray ( ?string  $value)

@description Generates an array of IDPs using the cookie value

Returns
bool[]|string[]

Definition at line 190 of file class.ilShibbolethWAYF.php.

190 : array
191 {
192 if (null === $value) {
193 return [];
194 }
195 $arr_cookie = explode(' ', $value);
196 return array_map('base64_decode', $arr_cookie);
197 }

Referenced by generateSelection(), and setSAMLCookie().

+ Here is the caller graph for this function:

◆ generateCookieValue()

ilShibbolethWAYF::generateCookieValue ( array  $arr_cookie)

@description Generate the value that is stored in the cookie using the list of IDPs

Definition at line 202 of file class.ilShibbolethWAYF.php.

202 : string
203 {
204 $arr_cookie = array_map('base64_encode', $arr_cookie);
205 return implode(' ', $arr_cookie);
206 }

Referenced by setSAMLCookie().

+ Here is the caller graph for this function:

◆ generateSelection()

ilShibbolethWAYF::generateSelection ( )

Definition at line 87 of file class.ilShibbolethWAYF.php.

87 : string
88 {
89 $saml_idp = $this->wrapper->cookie()->has(self::COOKIE_NAME_SAML_IDP)
90 ? $this->wrapper->cookie()->retrieve(
91 self::COOKIE_NAME_SAML_IDP,
92 $this->refinery->kindlyTo()->string()
93 )
94 : null;
95 $idp_cookie = $this->generateCookieArray($saml_idp);
96
97 $selected_idp = null;
98 if ($idp_cookie !== [] && isset($this->idp_list[end($idp_cookie)])) {
99 $selected_idp = end($idp_cookie);
100 $select_element = '
101 <select name="idp_selection">
102 <option value="-">' . $this->lng->txt("shib_member_of") . '</option>';
103 } else {
104 $select_element = '
105 <select name="idp_selection">
106 <option value="-" selected="selected">' . $this->lng->txt("shib_member_of") . '</option>';
107 }
108
109 foreach ($this->idp_list as $idp_id => $idp_data) {
110 if ($idp_id === $selected_idp) {
111 $select_element .= '<option value="' . $idp_id . '" selected="selected">' . $idp_data[0] . '</option>';
112 } else {
113 $select_element .= '<option value="' . $idp_id . '">' . $idp_data[0] . '</option>';
114 }
115 }
116
117 return $select_element . '
118 </select>';
119 }
ilShibbolethWAYF\generateCookieArray
generateCookieArray(?string $value)
@description Generates an array of IDPs using the cookie value
Definition: class.ilShibbolethWAYF.php:190

References $selected_idp, generateCookieArray(), ILIAS\Repository\lng(), and ILIAS\Repository\refinery().

+ Here is the call graph for this function:

◆ getIdplist()

ilShibbolethWAYF::getIdplist ( )

@description Generate array of IdPs from ILIAS Shibboleth settings

Returns
array<string, string[]>

Definition at line 170 of file class.ilShibbolethWAYF.php.

170 : array
171 {
172 $idp_list = [];
173 $idp_raw_list = explode("\n", (string) $this->settings->get("shib_idp_list"));
174 foreach ($idp_raw_list as $idp_line) {
175 $idp_data = explode(',', $idp_line);
176 if (isset($idp_data[2])) {
177 $idp_list[trim($idp_data[0])] = [trim($idp_data[1]), trim($idp_data[2])];
178 } elseif (isset($idp_data[1])) {
179 $idp_list[trim($idp_data[0])] = [trim($idp_data[1])];
180 }
181 }
182
183 return $idp_list;
184 }

References $idp_list, and ILIAS\Repository\settings().

Referenced by __construct().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isSelection()

ilShibbolethWAYF::isSelection ( )

Definition at line 77 of file class.ilShibbolethWAYF.php.

77 : bool
78 {
79 return $this->is_selection;
80 }

References $is_selection.

Referenced by showNotice().

+ Here is the caller graph for this function:

◆ isValidSelection()

ilShibbolethWAYF::isValidSelection ( )

Definition at line 82 of file class.ilShibbolethWAYF.php.

82 : bool
83 {
84 return $this->is_valid_selection;
85 }

References $is_valid_selection.

Referenced by showNotice().

+ Here is the caller graph for this function:

◆ redirect()

ilShibbolethWAYF::redirect ( )

@description Redirects user to the local Shibboleth session initatiotor with already set GET arguments for the right IdP and return location.

Definition at line 124 of file class.ilShibbolethWAYF.php.

124 : void
125 {
126 // Where to return after the authentication process
127 $target = $this->wrapper->post()->has('il_target')
128 ? $this->wrapper->post()->retrieve('il_target', $this->refinery->kindlyTo()->string())
129 : '';
130 $target = trim(ILIAS_HTTP_PATH, '/') . '/shib_login.php?target=' . $target;
131 $idp_data = $this->idp_list[$this->selected_idp];
132 if (isset($idp_data[1])) {
133 ilUtil::redirect($idp_data[1] . '?providerId=' . urlencode($this->selected_idp) . '&target='
134 . urlencode($target));
135 } else {
136 // TODO: This has to be changed to /Shibboleth.sso/DS?entityId= for
137 // Shibboleth 2.x sometime...
138 ilUtil::redirect('/Shibboleth.sso?providerId=' . urlencode($this->selected_idp) . '&target='
139 . urlencode($target));
140 }
141 }
ilUtil\redirect
static redirect(string $a_script)
Definition: class.ilUtil.php:944

References $selected_idp, ilUtil\redirect(), and ILIAS\Repository\refinery().

+ Here is the call graph for this function:

◆ setSAMLCookie()

ilShibbolethWAYF::setSAMLCookie ( )

@description Sets the standard SAML domain cookie that is also used to preselect the right entry on the local wayf

Definition at line 146 of file class.ilShibbolethWAYF.php.

146 : void
147 {
148 $_saml_idp = $this->wrapper->cookie()->retrieve(self::COOKIE_NAME_SAML_IDP, $this->refinery->kindlyTo()->string());
149 $arr_idps = $_saml_idp ? $this->generateCookieArray($_saml_idp) : [];
150 $arr_idps = $this->appendCookieValue($this->selected_idp, $arr_idps);
151 setcookie(self::COOKIE_NAME_SAML_IDP, $this->generateCookieValue($arr_idps), ['expires' => time() + (100 * 24 * 3600), 'path' => '/']);
152 }
ilShibbolethWAYF\generateCookieValue
generateCookieValue(array $arr_cookie)
@description Generate the value that is stored in the cookie using the list of IDPs
Definition: class.ilShibbolethWAYF.php:202
ilShibbolethWAYF\appendCookieValue
appendCookieValue(string $value, array $arr_cookie)
@description Append a value to the array of IDPs
Definition: class.ilShibbolethWAYF.php:211

References appendCookieValue(), generateCookieArray(), generateCookieValue(), and ILIAS\Repository\refinery().

+ Here is the call graph for this function:

◆ showNotice()

ilShibbolethWAYF::showNotice ( )

@description Show notice in case no IdP was selected

Definition at line 157 of file class.ilShibbolethWAYF.php.

157 : string
158 {
159 if (!$this->isSelection() || $this->isValidSelection()) {
160 return '';
161 }
162
163 return $this->lng->txt("shib_invalid_home_organization");
164 }

References isSelection(), isValidSelection(), and ILIAS\Repository\lng().

+ Here is the call graph for this function:

Field Documentation

◆ $idp_list

array ilShibbolethWAYF::$idp_list = []

Definition at line 38 of file class.ilShibbolethWAYF.php.

Referenced by getIdplist().

◆ $is_selection

bool ilShibbolethWAYF::$is_selection = false

Definition at line 35 of file class.ilShibbolethWAYF.php.

Referenced by isSelection().

◆ $is_valid_selection

bool ilShibbolethWAYF::$is_valid_selection = false

Definition at line 36 of file class.ilShibbolethWAYF.php.

Referenced by isValidSelection().

◆ $lng

ilLanguage ilShibbolethWAYF::$lng
protected

Definition at line 40 of file class.ilShibbolethWAYF.php.

◆ $refinery

Refinery ilShibbolethWAYF::$refinery
protected

Definition at line 42 of file class.ilShibbolethWAYF.php.

◆ $selected_idp

string ilShibbolethWAYF::$selected_idp = '-'

Definition at line 37 of file class.ilShibbolethWAYF.php.

Referenced by generateSelection(), and redirect().

◆ $settings

ilSetting ilShibbolethWAYF::$settings
protected

Definition at line 41 of file class.ilShibbolethWAYF.php.

◆ $wrapper

WrapperFactory ilShibbolethWAYF::$wrapper
protected

Definition at line 39 of file class.ilShibbolethWAYF.php.

◆ COOKIE_NAME_SAML_IDP

const ilShibbolethWAYF::COOKIE_NAME_SAML_IDP = '_saml_idp'

Definition at line 34 of file class.ilShibbolethWAYF.php.

The documentation for this class was generated from the following file: