ILIAS  trunk Revision v11.0_alpha-1753-gb21ca8c4367
All Data Structures Namespaces Files Functions Variables Enumerations Enumerator Modules Pages
class.ilAuthModeDetermination.php
Go to the documentation of this file.
1 <?php
2 
19 declare(strict_types=1);
20 
24 class ilAuthModeDetermination
25 {
26  public const TYPE_MANUAL = 0;
27  public const TYPE_AUTOMATIC = 1;
28 
29  private static ?ilAuthModeDetermination $instance = null;
30 
31  private ilLogger $logger;
32 
33  private ilSetting $settings;
34  private ilSetting $commonSettings;
35 
36  private int $kind = self::TYPE_MANUAL;
37  private array $position = [];
38 
39 
46  private function __construct()
47  {
48  global $DIC;
49 
50  $this->logger = $DIC->logger()->auth();
51 
52  $this->commonSettings = $DIC->settings();
53 
54  $this->settings = new ilSetting("auth_mode_determination");
55  $this->read();
56  }
57 
61  public static function _getInstance(): ilAuthModeDetermination
62  {
63  if (self::$instance) {
64  return self::$instance;
65  }
66  return self::$instance = new ilAuthModeDetermination();
67  }
68 
72  public function isManualSelection(): bool
73  {
74  return $this->kind === self::TYPE_MANUAL;
75  }
76 
80  public function getKind(): int
81  {
82  return $this->kind;
83  }
84 
91  public function setKind(int $a_kind): void
92  {
93  // TODO check value range
94  $this->kind = $a_kind;
95  }
96 
100  public function getAuthModeSequence(string $a_username = ''): array
101  {
102  if ($a_username === '') {
103  return $this->position ?: array();
104  }
105  $sorted = array();
106 
107  foreach ($this->position as $auth_key) {
108  $sid = ilLDAPServer::getServerIdByAuthMode((string) $auth_key);
109  if ($sid) {
110  $server = ilLDAPServer::getInstanceByServerId($sid);
111  $this->logger->debug('Validating username filter for ' . $server->getName());
112  if ($server->getUsernameFilter() !== '') {
113  //#17731
114  $pattern = str_replace('*', '.*?', $server->getUsernameFilter());
115 
116  foreach (ilAuthUtils::REGEX_DELIMITERS as $delimiter) {
117  $this->logger->debug('Trying pattern to match username:' . $pattern . ' => ' . $a_username);
118  set_error_handler(static function (int $severity, string $message, string $file, int $line): never {
119  throw new ErrorException($message, $severity, $severity, $file, $line);
120  });
121 
122  try {
123  if (preg_match($delimiter . "^" . $pattern . '$' . $delimiter . 'i', $a_username) === 1) {
124  $this->logger->debug('Filter matches for ' . $a_username);
125  array_unshift($sorted, $auth_key);
126  continue 2;
127  }
128  break;
129  } catch (Exception $ex) {
130  $this->logger->warning('Error occurred in preg_match Ex.: ' . $ex->getMessage());
131  } finally {
132  restore_error_handler();
133  }
134  }
135 
136  $this->logger->debug('Filter matches not for ' . $a_username . ' <-> ' . $server->getUsernameFilter());
137  }
138  }
139  $sorted[] = $auth_key;
140  }
141 
142  return $sorted;
143  }
144 
148  public function getCountActiveAuthModes(): int
149  {
150  return count($this->position);
151  }
152 
159  public function setAuthModeSequence(array $a_pos): void
160  {
161  $this->position = $a_pos;
162  }
163 
167  public function save(): void
168  {
169  $this->settings->deleteAll();
170 
171  $this->settings->set('kind', (string) $this->getKind());
172 
173  $counter = 0;
174  foreach ($this->position as $auth_mode) {
175  $this->settings->set((string) $counter++, (string) $auth_mode);
176  }
177  }
178 
179 
183  private function read(): void
184  {
185  $this->kind = (int) $this->settings->get('kind', (string) self::TYPE_MANUAL);
186 
187  $soap_active = (bool) $this->commonSettings->get('soap_auth_active', "");
188 
189  // apache settings
190  $apache_settings = new ilSetting('apache_auth');
191  $apache_active = $apache_settings->get('apache_enable_auth');
192 
193  // Check if active
194  $i = 0;
195  while (true) {
196  $auth_mode = $this->settings->get((string) $i++, null);
197  if ($auth_mode === null) {
198  break;
199  }
200  if ($auth_mode) {
201  switch ((int) $auth_mode) {
202  case ilAuthUtils::AUTH_LOCAL:
203  $this->position[] = (int) $auth_mode;
204  break;
205  case ilAuthUtils::AUTH_LDAP:
206  $auth_id = ilLDAPServer::getServerIdByAuthMode($auth_mode);
207  if ($auth_id === null) {
208  break;
209  }
210  $server = ilLDAPServer::getInstanceByServerId($auth_id);
211 
212  if ($server->isActive()) {
213  $this->position[] = $auth_mode;
214  }
215  break;
216 
217  case ilAuthUtils::AUTH_SOAP:
218  if ($soap_active) {
219  $this->position[] = (int) $auth_mode;
220  }
221  break;
222 
223  case ilAuthUtils::AUTH_APACHE:
224  if ($apache_active) {
225  $this->position[] = (int) $auth_mode;
226  }
227  break;
228 
229  default:
230  foreach (ilAuthUtils::getAuthPlugins() as $pl) {
231  if ($pl->isAuthActive((int) $auth_mode)) {
232  $this->position[] = $auth_mode;
233  }
234  }
235  break;
236  }
237  }
238  }
239 
240  // Append missing active auth modes
241  if (!in_array(ilAuthUtils::AUTH_LOCAL, $this->position, true)) {
242  $this->position[] = ilAuthUtils::AUTH_LOCAL;
243  }
244  // begin-patch ldap_multiple
245  foreach (ilLDAPServer::_getActiveServerList() as $sid) {
246  $server = ilLDAPServer::getInstanceByServerId($sid);
247  if ($server->isActive() && !in_array(ilAuthUtils::AUTH_LDAP . '_' . $sid, $this->position, true)) {
248  $this->position[] = (ilAuthUtils::AUTH_LDAP . '_' . $sid);
249  }
250  }
251  // end-patch ldap_multiple
252  if ($soap_active && !in_array(ilAuthUtils::AUTH_SOAP, $this->position, true)) {
253  $this->position[] = ilAuthUtils::AUTH_SOAP;
254  }
255  if ($apache_active && !in_array(ilAuthUtils::AUTH_APACHE, $this->position, true)) {
256  $this->position[] = ilAuthUtils::AUTH_APACHE;
257  }
258  // begin-patch auth_plugin
259  foreach (ilAuthUtils::getAuthPlugins() as $pl) {
260  foreach ($pl->getAuthIds() as $auth_id) {
261  if ($pl->isAuthActive($auth_id) && !in_array($auth_id, $this->position, true)) {
262  $this->position[] = $auth_id;
263  }
264  }
265  }
266  // end-patch auth_plugin
267  }
268 }
ilLDAPServer\getInstanceByServerId
static getInstanceByServerId(int $a_server_id)
Get instance by server id.
Definition: class.ilLDAPServer.php:101
ilAuthModeDetermination\getAuthModeSequence
getAuthModeSequence(string $a_username='')
get auth mode sequence
Definition: class.ilAuthModeDetermination.php:100
ilLDAPServer\_getActiveServerList
static _getActiveServerList()
Get active server list.
Definition: class.ilLDAPServer.php:139
null
while($session_entry=$r->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) return null
Definition: shib_logout.php:142
ilLDAPServer\getServerIdByAuthMode
static getServerIdByAuthMode(string $a_auth_mode)
Get auth id by auth mode.
Definition: class.ilLDAPServer.php:401
ilAuthUtils\getAuthPlugins
static getAuthPlugins()
Get active enabled auth plugins.
Definition: class.ilAuthUtils.php:664
ilAuthModeDetermination\setKind
setKind(int $a_kind)
set kind of determination
Definition: class.ilAuthModeDetermination.php:91
$DIC
global $DIC
Definition: shib_login.php:22
ilAuthModeDetermination\__construct
__construct()
Constructor (Singleton)
Definition: class.ilAuthModeDetermination.php:46
ilAuthModeDetermination\setAuthModeSequence
setAuthModeSequence(array $a_pos)
set auth mode sequence
Definition: class.ilAuthModeDetermination.php:159
ilAuthModeDetermination\$instance
static ilAuthModeDetermination $instance
Definition: class.ilAuthModeDetermination.php:29
ilAuthModeDetermination\getCountActiveAuthModes
getCountActiveAuthModes()
get number of auth modes
Definition: class.ilAuthModeDetermination.php:148
$message
$message
Definition: xapiexit.php:31
$server
$server
Definition: shib_login.php:24