ILIAS  trunk Revision v11.0_alpha-2638-g80c1d007f79
class.ilAuthModeDetermination.php
Go to the documentation of this file.
1 <?php
2 
19 declare(strict_types=1);
20 
21 class ilAuthModeDetermination
22 {
23  public const int TYPE_MANUAL = 0;
24  public const int TYPE_AUTOMATIC = 1;
25 
26  private static ?ilAuthModeDetermination $instance = null;
27 
28  private ilLogger $logger;
29  private ilSetting $settings;
30  private ilSetting $commonSettings;
31  private int $kind = self::TYPE_MANUAL;
33  private array $position = [];
34 
35  private function __construct()
36  {
37  global $DIC;
38 
39  $this->logger = $DIC->logger()->auth();
40 
41  $this->commonSettings = $DIC->settings();
42 
43  $this->settings = new ilSetting('auth_mode_determination');
44  $this->read();
45  }
46 
47  public static function _getInstance(): ilAuthModeDetermination
48  {
49  return self::$instance ??= new ilAuthModeDetermination();
50  }
51 
52  public function isManualSelection(): bool
53  {
54  return $this->kind === self::TYPE_MANUAL;
55  }
56 
60  public function getKind(): int
61  {
62  return $this->kind;
63  }
64 
68  public function setKind(int $a_kind): void
69  {
70  if (!in_array($a_kind, [self::TYPE_MANUAL, self::TYPE_AUTOMATIC], true)) {
71  throw new InvalidArgumentException('Invalid kind given');
72  }
73 
74  $this->kind = $a_kind;
75  }
76 
80  public function getAuthModeSequence(string $a_username = ''): array
81  {
82  if ($a_username === '') {
83  return $this->position;
84  }
85 
86  $sorted = [];
87  foreach ($this->position as $auth_key) {
88  $sid = ilLDAPServer::getServerIdByAuthMode((string) $auth_key);
89  if ($sid) {
90  $server = ilLDAPServer::getInstanceByServerId($sid);
91  $this->logger->debug('Validating username filter for ' . $server->getName());
92  if ($server->getUsernameFilter() !== '') {
93  //#17731
94  $pattern = str_replace('*', '.*?', $server->getUsernameFilter());
95 
96  foreach (ilAuthUtils::REGEX_DELIMITERS as $delimiter) {
97  $this->logger->debug('Trying pattern to match username:' . $pattern . ' => ' . $a_username);
98  set_error_handler(static function (int $severity, string $message, string $file, int $line): never {
99  throw new ErrorException($message, $severity, $severity, $file, $line);
100  });
101 
102  try {
103  if (preg_match($delimiter . '^' . $pattern . '$' . $delimiter . 'i', $a_username) === 1) {
104  $this->logger->debug('Filter matches for ' . $a_username);
105  array_unshift($sorted, $auth_key);
106  continue 2;
107  }
108  break;
109  } catch (Exception $ex) {
110  $this->logger->warning('Error occurred in preg_match Ex.: ' . $ex->getMessage());
111  } finally {
112  restore_error_handler();
113  }
114  }
115 
116  $this->logger->debug('Filter matches not for ' . $a_username . ' <-> ' . $server->getUsernameFilter());
117  }
118  }
119  $sorted[] = $auth_key;
120  }
121 
122  return $sorted;
123  }
124 
125  public function getCountActiveAuthModes(): int
126  {
127  return count($this->position);
128  }
129 
134  public function setAuthModeSequence(array $a_pos): void
135  {
136  $this->position = $a_pos;
137  }
138 
139  public function save(): void
140  {
141  $this->settings->deleteAll();
142 
143  $this->settings->set('kind', (string) $this->getKind());
144 
145  $counter = 0;
146  foreach ($this->position as $auth_mode) {
147  $this->settings->set((string) $counter++, (string) $auth_mode);
148  }
149  }
150 
151 
152  private function read(): void
153  {
154  $this->kind = (int) $this->settings->get('kind', (string) self::TYPE_MANUAL);
155 
156  $soap_active = (bool) $this->commonSettings->get('soap_auth_active', '');
157 
158  $apache_settings = new ilSetting('apache_auth');
159  $apache_active = $apache_settings->get('apache_enable_auth');
160 
161  // Check if active
162  $i = 0;
163  while (true) {
164  $auth_mode = $this->settings->get((string) $i++, null);
165  if ($auth_mode === null) {
166  break;
167  }
168 
169  if ($auth_mode) {
170  switch ((int) $auth_mode) {
171  case ilAuthUtils::AUTH_LOCAL:
172  $this->position[] = (int) $auth_mode;
173  break;
174 
175  case ilAuthUtils::AUTH_LDAP:
176  $auth_id = ilLDAPServer::getServerIdByAuthMode($auth_mode);
177  if ($auth_id === null) {
178  break;
179  }
180 
181  $server = ilLDAPServer::getInstanceByServerId($auth_id);
182  if ($server->isActive()) {
183  $this->position[] = $auth_mode;
184  }
185  break;
186 
187  case ilAuthUtils::AUTH_SOAP:
188  if ($soap_active) {
189  $this->position[] = (int) $auth_mode;
190  }
191  break;
192 
193  case ilAuthUtils::AUTH_APACHE:
194  if ($apache_active) {
195  $this->position[] = (int) $auth_mode;
196  }
197  break;
198 
199  default:
200  foreach (ilAuthUtils::getAuthPlugins() as $pl) {
201  if ($pl->isAuthActive((int) $auth_mode)) {
202  $this->position[] = (int) $auth_mode;
203  }
204  }
205  break;
206  }
207  }
208  }
209 
210  // Append missing active auth modes
211  if (!in_array(ilAuthUtils::AUTH_LOCAL, $this->position, true)) {
212  $this->position[] = ilAuthUtils::AUTH_LOCAL;
213  }
214  // begin-patch ldap_multiple
215  foreach (ilLDAPServer::_getActiveServerList() as $sid) {
216  $server = ilLDAPServer::getInstanceByServerId($sid);
217  if ($server->isActive() && !in_array(ilAuthUtils::AUTH_LDAP . '_' . $sid, $this->position, true)) {
218  $this->position[] = ilAuthUtils::AUTH_LDAP . '_' . $sid;
219  }
220  }
221  // end-patch ldap_multiple
222  if ($soap_active && !in_array(ilAuthUtils::AUTH_SOAP, $this->position, true)) {
223  $this->position[] = ilAuthUtils::AUTH_SOAP;
224  }
225  if ($apache_active && !in_array(ilAuthUtils::AUTH_APACHE, $this->position, true)) {
226  $this->position[] = ilAuthUtils::AUTH_APACHE;
227  }
228  // begin-patch auth_plugin
229  foreach (ilAuthUtils::getAuthPlugins() as $pl) {
230  foreach ($pl->getAuthIds() as $auth_id) {
231  if ($pl->isAuthActive($auth_id) && !in_array($auth_id, $this->position, true)) {
232  $this->position[] = $auth_id;
233  }
234  }
235  }
236  // end-patch auth_plugin
237  }
238 }
ilAuthUtils\AUTH_SOAP
const int AUTH_SOAP
Definition: class.ilAuthUtils.php:31
ilLDAPServer\getInstanceByServerId
static getInstanceByServerId(int $a_server_id)
Get instance by server id.
Definition: class.ilLDAPServer.php:101
ilAuthModeDetermination\getAuthModeSequence
getAuthModeSequence(string $a_username='')
Definition: class.ilAuthModeDetermination.php:80
ilAuthUtils\AUTH_APACHE
const int AUTH_APACHE
Definition: class.ilAuthUtils.php:34
ilLDAPServer\_getActiveServerList
static _getActiveServerList()
Get active server list.
Definition: class.ilLDAPServer.php:139
ilAuthUtils\REGEX_DELIMITERS
const array REGEX_DELIMITERS
Definition: class.ilAuthUtils.php:70
null
while($session_entry=$r->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) return null
Definition: shib_logout.php:144
ilLDAPServer\getServerIdByAuthMode
static getServerIdByAuthMode(string $a_auth_mode)
Get auth id by auth mode.
Definition: class.ilLDAPServer.php:401
ilAuthUtils\getAuthPlugins
static getAuthPlugins()
Definition: class.ilAuthUtils.php:616
ilAuthUtils\AUTH_LOCAL
const int AUTH_LOCAL
Definition: class.ilAuthUtils.php:27
$DIC
global $DIC
Definition: shib_login.php:26
ilAuthModeDetermination\$instance
static ilAuthModeDetermination $instance
Definition: class.ilAuthModeDetermination.php:26
ilAuthUtils\AUTH_LDAP
const int AUTH_LDAP
Definition: class.ilAuthUtils.php:28
$message
$message
Definition: xapiexit.php:31
$server
$server
Definition: shib_login.php:28