ilAuthProviderShibboleth Class Reference

This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Learning e.V. More...

Inheritance diagram for ilAuthProviderShibboleth:

Collaboration diagram for ilAuthProviderShibboleth:

Public Member Functions
	__construct (ilAuthCredentials $credentials)
	doAuthentication (ilAuthStatus $status)
Public Member Functions inherited from ilAuthProvider
	__construct (ilAuthCredentials $credentials)
	getLogger ()
	getCredentials ()
	doAuthentication (ilAuthStatus $status)

Private Attributes
ILIAS	$ilias
ilSetting	$settings

Additional Inherited Members
Protected Member Functions inherited from ilAuthProvider
	handleAuthenticationFail (ilAuthStatus $status, string $a_reason)

Detailed Description

This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Learning e.V.

ILIAS is licensed with the GPL-3.0, see https://www.gnu.org/licenses/gpl-3.0.en.html You should have received a copy of said license along with the source code, too.

If this is not the case or you just want to try ILIAS, you'll find us at: https://www.ilias.de https://github.com/ILIAS-eLearning Shibboleth authentication provider

Definition at line 23 of file class.ilAuthProviderShibboleth.php.

Constructor & Destructor Documentation

__construct()

ilAuthProviderShibboleth::__construct

(

ilAuthCredentials

$credentials

)

Reimplemented from ilAuthProvider.

Definition at line 28 of file class.ilAuthProviderShibboleth.php.

    {
        global $DIC;
        $this->ilias = $DIC['ilias'];
        $this->settings = $DIC->settings();
        parent::__construct($credentials);
    }

References ilAuthProvider\$credentials, $DIC, ILIAS\GlobalScreen\Provider\__construct(), and ILIAS\Repository\settings().

Here is the call graph for this function:

Member Function Documentation

doAuthentication()

ilAuthProviderShibboleth::doAuthentication

(

ilAuthStatus

$status

)

Exceptions

ilObjectNotFoundException
ilSystemStyleException
ilPasswordException
ilObjectTypeMismatchException
ilUserException

@noRector

@noRector

Implements ilAuthProviderInterface.

Definition at line 43 of file class.ilAuthProviderShibboleth.php.

                                                          : bool
    {
        $shib_server_data = shibServerData::getInstance();
 
        if ($shib_server_data->getLogin() !== '' && $shib_server_data->getLogin() !== '0') {
            $shib_user = shibUser::buildInstance($shib_server_data);
            // for backword compatibility of hook environment variables
            $new_user = $shib_user->isNew(); // For shib_data_conv included Script
            $settings = new ilShibbolethSettings();
            $account_creation = $settings->getAccountCreation();
            if (!$new_user) {
                $shib_user->updateFields();
                // Include custom code that can be used to further modify
                // certain Shibboleth user attributes
                if (
                    $this->ilias->getSetting('shib_data_conv') &&
                    $this->ilias->getSetting('shib_data_conv') !== '' &&
                    is_readable($this->ilias->getSetting('shib_data_conv'))
                ) {
                    include($this->ilias->getSetting('shib_data_conv'));
                }
                $shib_user = ilShibbolethPluginWrapper::getInstance()->beforeUpdateUser($shib_user);
                $shib_user->update();
                $shib_user = ilShibbolethPluginWrapper::getInstance()->afterUpdateUser($shib_user);
                ilShibbolethRoleAssignmentRules::updateAssignments($shib_user->getId(), $_SERVER);
            } elseif ($account_creation !== ilShibbolethSettings::ACCOUNT_CREATION_DISABLED) {
                $shib_user->createFields();
                $shib_user->setPref('hits_per_page', $this->settings->get('hits_per_page'));
 
                // Modify user data before creating the user
                // Include custom code that can be used to further modify
                // certain Shibboleth user attributes
                if (
                    $this->ilias->getSetting('shib_data_conv') &&
                    $this->ilias->getSetting('shib_data_conv', '') !== '' &&
                    is_readable($this->ilias->getSetting('shib_data_conv'))
                ) {
                    include($this->ilias->getSetting('shib_data_conv'));
                }
                $shib_user = ilShibbolethPluginWrapper::getInstance()->beforeCreateUser($shib_user);
                if ($account_creation === ilShibbolethSettings::ACCOUNT_CREATION_WITH_APPROVAL) {
                    $shib_user->setActive(false);
                }
                $shib_user->create();
                $shib_user->saveAsNew();
                $shib_user->updateOwner();
                $shib_user->writePrefs();
                $shib_user = ilShibbolethPluginWrapper::getInstance()->afterCreateUser($shib_user);
                ilShibbolethRoleAssignmentRules::doAssignments($shib_user->getId(), $_SERVER);
            }
 
            if (!$new_user || $account_creation === ilShibbolethSettings::ACCOUNT_CREATION_ENABLED) {
                $status->setStatus(ilAuthStatus::STATUS_AUTHENTICATED);
                $status->setAuthenticatedUserId(ilObjUser::_lookupId($shib_user->getLogin()));
            } elseif ($account_creation === ilShibbolethSettings::ACCOUNT_CREATION_WITH_APPROVAL) {
                $status->setStatus(ilAuthStatus::STATUS_AUTHENTICATION_FAILED);
                $status->setReason('err_inactive');
            } else {
                $status->setStatus(ilAuthStatus::STATUS_AUTHENTICATION_FAILED);
                $status->setReason('err_disabled');
            }
 
        } else {
            $this->getLogger()->info('Shibboleth authentication failed.');
            $this->handleAuthenticationFail($status, 'err_wrong_login');
            return false;
        }
 
        return true;
    }

References $_SERVER, $new_user, $settings, ilObjUser\_lookupId(), ilShibbolethSettings\ACCOUNT_CREATION_DISABLED, ilShibbolethSettings\ACCOUNT_CREATION_ENABLED, ilShibbolethSettings\ACCOUNT_CREATION_WITH_APPROVAL, shibUser\buildInstance(), ilShibbolethRoleAssignmentRules\doAssignments(), ilShibbolethPluginWrapper\getInstance(), shibServerData\getInstance(), ilAuthProvider\getLogger(), ilAuthProvider\handleAuthenticationFail(), ilAuthStatus\setAuthenticatedUserId(), ilAuthStatus\setReason(), ilAuthStatus\setStatus(), ILIAS\Repository\settings(), ilAuthStatus\STATUS_AUTHENTICATED, ilAuthStatus\STATUS_AUTHENTICATION_FAILED, and ilShibbolethRoleAssignmentRules\updateAssignments().

Here is the call graph for this function:

Field Documentation

$ilias

ILIAS ilAuthProviderShibboleth::$ilias

private

Definition at line 25 of file class.ilAuthProviderShibboleth.php.

$settings

ilSetting ilAuthProviderShibboleth::$settings

private

Definition at line 26 of file class.ilAuthProviderShibboleth.php.

Referenced by doAuthentication().

---

The documentation for this class was generated from the following file:

• components/ILIAS/AuthShibboleth/classes/class.ilAuthProviderShibboleth.php