ILIAS  trunk Revision v11.0_alpha-3011-gc6b235a2e85
class.ilAuthModeDetermination.php
Go to the documentation of this file.
1<?php
2
19declare(strict_types=1);
20
21class ilAuthModeDetermination
22{
23 public const int TYPE_MANUAL = 0;
24 public const int TYPE_AUTOMATIC = 1;
25
26 private static ?ilAuthModeDetermination $instance = null;
27
28 private ilLogger $logger;
29 private ilSetting $settings;
30 private ilSetting $commonSettings;
31 private int $kind = self::TYPE_MANUAL;
33 private array $position = [];
34
35 private function __construct()
36 {
37 global $DIC;
38
39 $this->logger = $DIC->logger()->auth();
40
41 $this->commonSettings = $DIC->settings();
42
43 $this->settings = new ilSetting('auth_mode_determination');
44 $this->read();
45 }
46
47 public static function _getInstance(): ilAuthModeDetermination
48 {
49 return self::$instance ??= new ilAuthModeDetermination();
50 }
51
52 public function isManualSelection(): bool
53 {
54 return $this->kind === self::TYPE_MANUAL;
55 }
56
60 public function getKind(): int
61 {
62 return $this->kind;
63 }
64
68 public function setKind(int $a_kind): void
69 {
70 if (!in_array($a_kind, [self::TYPE_MANUAL, self::TYPE_AUTOMATIC], true)) {
71 throw new InvalidArgumentException('Invalid kind given');
72 }
73
74 $this->kind = $a_kind;
75 }
76
80 public function getAuthModeSequence(string $a_username = ''): array
81 {
82 if ($a_username === '') {
83 return $this->position;
84 }
85
86 $sorted = [];
87 foreach ($this->position as $auth_key) {
88 $sid = ilLDAPServer::getServerIdByAuthMode((string) $auth_key);
89 if ($sid) {
90 $server = ilLDAPServer::getInstanceByServerId($sid);
91 $this->logger->debug('Validating username filter for ' . $server->getName());
92 if ($server->getUsernameFilter() !== '') {
93 //#17731
94 $pattern = str_replace('*', '.*?', $server->getUsernameFilter());
95
96 foreach (ilAuthUtils::REGEX_DELIMITERS as $delimiter) {
97 $this->logger->debug('Trying pattern to match username:' . $pattern . ' => ' . $a_username);
98 set_error_handler(static function (int $severity, string $message, string $file, int $line): never {
99 throw new ErrorException($message, $severity, $severity, $file, $line);
100 });
101
102 try {
103 if (preg_match($delimiter . '^' . $pattern . '$' . $delimiter . 'i', $a_username) === 1) {
104 $this->logger->debug('Filter matches for ' . $a_username);
105 array_unshift($sorted, $auth_key);
106 continue 2;
107 }
108 break;
109 } catch (Exception $ex) {
110 $this->logger->warning('Error occurred in preg_match Ex.: ' . $ex->getMessage());
111 } finally {
112 restore_error_handler();
113 }
114 }
115
116 $this->logger->debug('Filter matches not for ' . $a_username . ' <-> ' . $server->getUsernameFilter());
117 }
118 }
119 $sorted[] = $auth_key;
120 }
121
122 return $sorted;
123 }
124
125 public function getCountActiveAuthModes(): int
126 {
127 return count($this->position);
128 }
129
134 public function setAuthModeSequence(array $a_pos): void
135 {
136 $this->position = $a_pos;
137 }
138
139 public function save(): void
140 {
141 $this->settings->deleteAll();
142
143 $this->settings->set('kind', (string) $this->getKind());
144
145 $counter = 0;
146 foreach ($this->position as $auth_mode) {
147 $this->settings->set((string) $counter++, (string) $auth_mode);
148 }
149 }
150
151
152 private function read(): void
153 {
154 $this->kind = (int) $this->settings->get('kind', (string) self::TYPE_MANUAL);
155
156 $soap_active = (bool) $this->commonSettings->get('soap_auth_active', '');
157
158 $apache_settings = new ilSetting('apache_auth');
159 $apache_active = $apache_settings->get('apache_enable_auth');
160
161 // Check if active
162 $i = 0;
163 while (true) {
164 $auth_mode = $this->settings->get((string) $i++, null);
165 if ($auth_mode === null) {
166 break;
167 }
168
169 if ($auth_mode) {
170 switch ((int) $auth_mode) {
171 case ilAuthUtils::AUTH_LOCAL:
172 $this->position[] = (int) $auth_mode;
173 break;
174
175 case ilAuthUtils::AUTH_LDAP:
176 $auth_id = ilLDAPServer::getServerIdByAuthMode($auth_mode);
177 if ($auth_id === null) {
178 break;
179 }
180
181 $server = ilLDAPServer::getInstanceByServerId($auth_id);
182 if ($server->isActive()) {
183 $this->position[] = $auth_mode;
184 }
185 break;
186
187 case ilAuthUtils::AUTH_SOAP:
188 if ($soap_active) {
189 $this->position[] = (int) $auth_mode;
190 }
191 break;
192
193 case ilAuthUtils::AUTH_APACHE:
194 if ($apache_active) {
195 $this->position[] = (int) $auth_mode;
196 }
197 break;
198
199 default:
200 foreach (ilAuthUtils::getAuthPlugins() as $pl) {
201 if ($pl->isAuthActive((int) $auth_mode)) {
202 $this->position[] = (int) $auth_mode;
203 }
204 }
205 break;
206 }
207 }
208 }
209
210 // Append missing active auth modes
211 if (!in_array(ilAuthUtils::AUTH_LOCAL, $this->position, true)) {
212 $this->position[] = ilAuthUtils::AUTH_LOCAL;
213 }
214 // begin-patch ldap_multiple
215 foreach (ilLDAPServer::_getActiveServerList() as $sid) {
216 $server = ilLDAPServer::getInstanceByServerId($sid);
217 if ($server->isActive() && !in_array(ilAuthUtils::AUTH_LDAP . '_' . $sid, $this->position, true)) {
218 $this->position[] = ilAuthUtils::AUTH_LDAP . '_' . $sid;
219 }
220 }
221 // end-patch ldap_multiple
222 if ($soap_active && !in_array(ilAuthUtils::AUTH_SOAP, $this->position, true)) {
223 $this->position[] = ilAuthUtils::AUTH_SOAP;
224 }
225 if ($apache_active && !in_array(ilAuthUtils::AUTH_APACHE, $this->position, true)) {
226 $this->position[] = ilAuthUtils::AUTH_APACHE;
227 }
228 // begin-patch auth_plugin
229 foreach (ilAuthUtils::getAuthPlugins() as $pl) {
230 foreach ($pl->getAuthIds() as $auth_id) {
231 if ($pl->isAuthActive($auth_id) && !in_array($auth_id, $this->position, true)) {
232 $this->position[] = $auth_id;
233 }
234 }
235 }
236 // end-patch auth_plugin
237 }
238}
ilAuthModeDetermination\$instance
static ilAuthModeDetermination $instance
Definition: class.ilAuthModeDetermination.php:26
ilAuthModeDetermination\getAuthModeSequence
getAuthModeSequence(string $a_username='')
Definition: class.ilAuthModeDetermination.php:80
ilAuthUtils\REGEX_DELIMITERS
const array REGEX_DELIMITERS
Definition: class.ilAuthUtils.php:72
ilAuthUtils\AUTH_LOCAL
const int AUTH_LOCAL
Definition: class.ilAuthUtils.php:29
ilAuthUtils\AUTH_LDAP
const int AUTH_LDAP
Definition: class.ilAuthUtils.php:30
ilAuthUtils\AUTH_APACHE
const int AUTH_APACHE
Definition: class.ilAuthUtils.php:36
ilAuthUtils\getAuthPlugins
static getAuthPlugins()
Definition: class.ilAuthUtils.php:618
ilAuthUtils\AUTH_SOAP
const int AUTH_SOAP
Definition: class.ilAuthUtils.php:33
ilLDAPServer\_getActiveServerList
static _getActiveServerList()
Get active server list.
Definition: class.ilLDAPServer.php:139
ilLDAPServer\getInstanceByServerId
static getInstanceByServerId(int $a_server_id)
Get instance by server id.
Definition: class.ilLDAPServer.php:101
ilLDAPServer\getServerIdByAuthMode
static getServerIdByAuthMode(string $a_auth_mode)
Get auth id by auth mode.
Definition: class.ilLDAPServer.php:401
ilLogger
Component logger with individual log levels by component id.
Definition: class.ilLogger.php:29
ilSetting
ILIAS Setting Class.
Definition: class.ilSetting.php:27
$DIC
global $DIC
Definition: shib_login.php:26
$server
$server
Definition: shib_login.php:28
$counter
$counter
Definition: shib_logout.php:170
$message
$message
Definition: xapiexit.php:31