ILIAS  trunk Revision v11.0_alpha-2638-g80c1d007f79
class.ilObjAuthSettingsGUI.php
Go to the documentation of this file.
1 <?php
2 
19 declare(strict_types=1);
20 
21 use ILIAS\Authentication\Form\ApacheAuthSettingsForm;
22 use ILIAS\Style\Content\GUIService;
23 use ILIAS\components\Authentication\Pages\AuthPageEditorContext;
24 use ILIAS\UI\Component\Input\Container\Form\Standard as StandardForm;
25 use ILIAS\UICore\GlobalTemplate;
26 
33 class ilObjAuthSettingsGUI extends ilObjectGUI
34 {
35  private const string CMD_SHOW_APACHE_SETTINGS = 'apacheAuthSettings';
36  private const string CMD_SAVE_APACHE_SETTINGS = 'saveApacheSettings';
37  private const string PROP_AUTH_MODE_KIND = 'kind';
38  private const string PROP_AUTH_MODE_SEQUENCE = 'sequence';
39 
40  private ilLogger $logger;
41 
42  private GUIService $content_style_gui;
43 
44  public function __construct($a_data, int $a_id, bool $a_call_by_reference, bool $a_prepare_output = true)
45  {
46  $this->type = 'auth';
47  parent::__construct($a_data, $a_id, $a_call_by_reference, $a_prepare_output);
48 
49  global $DIC;
50  $this->logger = $DIC->logger()->auth();
51 
52  $this->lng->loadLanguageModule('registration');
53  $this->lng->loadLanguageModule('auth');
54  $this->lng->loadLanguageModule('content');
55  $this->content_style_gui = $DIC->contentStyle()->gui();
56  }
57 
58  public function viewObject(): void
59  {
60  $this->authSettingsObject();
61  }
62 
63  private function authSettingsObject(
64  ?ILIAS\UI\Component\Input\Container\Form\Form $auth_mode_determination_form = null,
65  ?ILIAS\UI\Component\Input\Container\Form\Form $registration_role_mapping_form = null
66  ): void {
67  if (!$this->rbac_system->checkAccess('visible,read', $this->object->getRefId())) {
68  $this->ilias->raiseError($this->lng->txt('permission_denied'), $this->ilias->error_obj->MESSAGE);
69  }
70 
71  $this->tabs_gui->setTabActive('authentication_settings');
72  $this->setSubTabs('authSettings');
73  $this->tabs_gui->setSubTabActive('auth_settings');
74 
75  $generalSettingsTpl = new ilTemplate('tpl.auth_general.html', true, true, 'components/ILIAS/Authentication');
76 
77  $generalSettingsTpl->setVariable('FORMACTION', $this->ctrl->getFormAction($this));
78 
79  $generalSettingsTpl->setVariable('TXT_AUTH_MODE', $this->lng->txt('auth_mode'));
80  $generalSettingsTpl->setVariable('TXT_AUTH_DEFAULT', $this->lng->txt('default'));
81  $generalSettingsTpl->setVariable('TXT_AUTH_ACTIVE', $this->lng->txt('active'));
82  $generalSettingsTpl->setVariable('TXT_AUTH_NUM_USERS', $this->lng->txt('num_users'));
83 
84  $generalSettingsTpl->setVariable('TXT_LOCAL', $this->lng->txt('auth_local'));
85  $generalSettingsTpl->setVariable('TXT_LDAP', $this->lng->txt('auth_ldap'));
86  $generalSettingsTpl->setVariable('TXT_SHIB', $this->lng->txt('auth_shib'));
87 
88  $generalSettingsTpl->setVariable('TXT_SCRIPT', $this->lng->txt('auth_script'));
89 
90  $generalSettingsTpl->setVariable('TXT_APACHE', $this->lng->txt('auth_apache'));
91 
92  $auth_cnt = ilObjUser::_getNumberOfUsersPerAuthMode();
93  $auth_modes = ilAuthUtils::_getAllAuthModes();
94  $valid_modes = [
95  ilAuthUtils::AUTH_LOCAL,
96  ilAuthUtils::AUTH_LDAP,
97  ilAuthUtils::AUTH_SHIBBOLETH,
98  ilAuthUtils::AUTH_SAML,
99  ilAuthUtils::AUTH_APACHE,
100  ilAuthUtils::AUTH_OPENID_CONNECT
101  ];
102 
103  $icon_ok = $this->ui_renderer->render(
104  $this->ui_factory->symbol()->icon()->custom(
105  ilUtil::getImagePath('standard/icon_ok.svg'),
106  $this->lng->txt('enabled')
107  )
108  );
109  $icon_not_ok = $this->ui_renderer->render(
110  $this->ui_factory->symbol()->icon()->custom(
111  ilUtil::getImagePath('standard/icon_not_ok.svg'),
112  $this->lng->txt('disabled')
113  )
114  );
115 
116  $this->logger->debug(print_r($auth_modes, true));
117  foreach ($auth_modes as $mode => $mode_name) {
118  if (!in_array($mode, $valid_modes, true) && !ilLDAPServer::isAuthModeLDAP(
119  (string) $mode
120  ) && !ilSamlIdp::isAuthModeSaml((string) $mode)) {
121  continue;
122  }
123 
124  $generalSettingsTpl->setCurrentBlock('auth_mode');
125 
126  if (ilLDAPServer::isAuthModeLDAP((string) $mode)) {
127  $server = ilLDAPServer::getInstanceByServerId(ilLDAPServer::getServerIdByAuthMode($mode));
128  $generalSettingsTpl->setVariable('AUTH_NAME', $server->getName());
129  $generalSettingsTpl->setVariable('AUTH_ACTIVE', $server->isActive() ? $icon_ok : $icon_not_ok);
130  } elseif (ilSamlIdp::isAuthModeSaml((string) $mode)) {
131  $idp = ilSamlIdp::getInstanceByIdpId(ilSamlIdp::getIdpIdByAuthMode($mode));
132  $generalSettingsTpl->setVariable('AUTH_NAME', $idp->getEntityId());
133  $generalSettingsTpl->setVariable('AUTH_ACTIVE', $idp->isActive() ? $icon_ok : $icon_not_ok);
134  } elseif ($mode === ilAuthUtils::AUTH_OPENID_CONNECT) {
135  $generalSettingsTpl->setVariable('AUTH_NAME', $this->lng->txt('auth_' . $mode_name));
136  $generalSettingsTpl->setVariable(
137  'AUTH_ACTIVE',
138  ilOpenIdConnectSettings::getInstance()->getActive() ? $icon_ok : $icon_not_ok
139  );
140  } else {
141  $generalSettingsTpl->setVariable('AUTH_NAME', $this->lng->txt('auth_' . $mode_name));
142  $generalSettingsTpl->setVariable(
143  'AUTH_ACTIVE',
144  $this->ilias->getSetting(
145  $mode_name . '_active'
146  ) || (int) $mode === ilAuthUtils::AUTH_LOCAL ? $icon_ok : $icon_not_ok
147  );
148  }
149 
150  $auth_cnt_mode = $auth_cnt[$mode_name] ?? 0;
151  if ($this->settings->get('auth_mode') === (string) $mode) {
152  $generalSettingsTpl->setVariable('AUTH_CHECKED', 'checked="checked"');
153  $auth_cnt_default = $auth_cnt['default'] ?? 0;
154  $generalSettingsTpl->setVariable(
155  'AUTH_USER_NUM',
156  ((int) $auth_cnt_mode + $auth_cnt_default) . ' (' . $this->lng->txt('auth_per_default') .
157  ': ' . $auth_cnt_default . ')'
158  );
159  } else {
160  $generalSettingsTpl->setVariable(
161  'AUTH_USER_NUM',
162  (int) $auth_cnt_mode
163  );
164  }
165  $generalSettingsTpl->setVariable('AUTH_ID', $mode_name);
166  $generalSettingsTpl->setVariable('AUTH_VAL', $mode);
167  $generalSettingsTpl->parseCurrentBlock();
168  }
169 
170  $generalSettingsTpl->setVariable('TXT_CONFIGURE', $this->lng->txt('auth_configure'));
171 
172  if ($this->rbac_system->checkAccess('write', $this->object->getRefId())) {
173  $generalSettingsTpl->setVariable('TXT_AUTH_REMARK', $this->lng->txt('auth_remark_non_local_auth'));
174  $generalSettingsTpl->setCurrentBlock('auth_mode_submit');
175  $generalSettingsTpl->setVariable('TXT_SUBMIT', $this->lng->txt('save'));
176  $generalSettingsTpl->setVariable('CMD_SUBMIT', 'setAuthMode');
177  $generalSettingsTpl->parseCurrentBlock();
178  }
179 
180  $page_content = [
181  $this->ui_factory->panel()->standard(
182  $this->lng->txt('auth_select'),
183  $this->ui_factory->legacy()->content(implode('', [
184  $this->ui_renderer->render($this->ui_factory->messageBox()->info(
185  $this->lng->txt('auth_mode_default_change_info')
186  )),
187  $generalSettingsTpl->get()
188  ])),
189  )
190  ];
191 
192  $auth_mode_determination_form = $auth_mode_determination_form ?? $this->buildAuthModeDeterminationForm();
193  if ($auth_mode_determination_form !== null) {
194  $page_content[] = $this->ui_factory->panel()->standard(
195  $this->lng->txt('auth_auth_mode_determination'),
196  $auth_mode_determination_form
197  );
198  }
199 
200  $page_content[] = $this->ui_factory->panel()->standard(
201  $this->lng->txt('auth_active_roles'),
202  $registration_role_mapping_form ?? $this->buildRegistrationRoleMappingForm()
203  );
204 
205  $this->tpl->setContent(
206  $this->ui_renderer->render($page_content)
207  );
208  }
209 
210  private function buildRegistrationRoleMappingForm(): ILIAS\UI\Component\Input\Container\Form\Form
211  {
212  $disabled_fields = !$this->rbac_system->checkAccess('write', $this->object->getRefId());
213 
214  $fields = [];
215  $reg_roles = ilObjRole::_lookupRegisterAllowed();
216 
217  $excluded_auth_names = ['default', 'saml', 'shibboleth', 'ldap', 'apache', 'ecs', 'openid'];
218  // do not list auth modes with external login screen
219  // even not default, because it can easily be set to
220  // a non-working auth mode
221  $active_auth_modes = array_filter(
222  ilAuthUtils::_getActiveAuthModes(),
223  static fn(string $auth_name): bool => in_array($auth_name, $excluded_auth_names, true),
224  ARRAY_FILTER_USE_KEY
225  );
226 
227  foreach ($reg_roles as $role) {
228  $options = [];
229  $value = null;
230  foreach ($active_auth_modes as $auth_name => $auth_key) {
231  if ($auth_name === 'default') {
232  $name = $this->lng->txt('auth_' . $auth_name) . ' (' . $this->lng->txt(
233  'auth_' . ilAuthUtils::_getAuthModeName($auth_key)
234  ) . ')';
235  } elseif ($id = ilLDAPServer::getServerIdByAuthMode((string) $auth_key)) {
236  $server = ilLDAPServer::getInstanceByServerId($id);
237  $name = $server->getName();
238  } elseif ($id = ilSamlIdp::getIdpIdByAuthMode((string) $auth_key)) {
239  $idp = ilSamlIdp::getInstanceByIdpId($id);
240  $name = $idp->getEntityId();
241  } else {
242  $name = $this->lng->txt('auth_' . $auth_name);
243  }
244 
245  $options[$auth_name] = $name;
246 
247  if ($role['auth_mode'] === $auth_name) {
248  $value = $auth_name;
249  }
250  }
251 
252  if ($options === []) {
253  continue;
254  }
255 
256  $value = $value ?? ilAuthUtils::AUTH_LOCAL;
257 
258  $fields['r_' . $role['id']] = $this->ui_factory
259  ->input()
260  ->field()
261  ->select(
262  $role['title'],
263  $options,
264  $this->lng->txt('auth_role_auth_mode')
265  )
266  ->withRequired(true)
267  ->withValue($value)
268  ->withDedicatedName('r_' . $role['id'])
269  ->withDisabled($disabled_fields);
270  }
271 
272  return $this->ui_factory
273  ->input()
274  ->container()
275  ->form()
276  ->standard($this->ctrl->getFormAction($this, 'updateRegistrationRoleMapping'), $fields)
277  ->withDedicatedName('registration_role_mapping');
278  }
279 
280  private function updateRegistrationRoleMappingObject(): void
281  {
282  if (!$this->rbac_system->checkAccess('write', $this->object->getRefId())) {
283  $this->ilias->raiseError($this->lng->txt('permission_denied'), $this->ilias->error_obj->MESSAGE);
284  }
285 
286  $form = $this->buildRegistrationRoleMappingForm();
287  $form_valid = false;
288  $form_data = null;
289  if ($this->http->request()->getMethod() === 'POST') {
290  $form = $form->withRequest($this->http->request());
291  $form_data = $form->getData();
292  $form_valid = $form_data !== null;
293  }
294 
295  if (!$form_valid) {
296  $this->tpl->setOnScreenMessage(
297  $this->tpl::MESSAGE_TYPE_FAILURE,
298  $this->lng->txt('err_wrong_login')
299  );
300  $this->authSettingsObject(null, $form);
301  return;
302  }
303 
304  $f_object = [];
305  foreach ($form_data as $role_id => $auth_mode) {
306  $f_object[substr($role_id, 2)] = $auth_mode;
307  }
308  ilObjRole::_updateAuthMode($f_object);
309 
310  $this->tpl->setOnScreenMessage(
311  $this->tpl::MESSAGE_TYPE_SUCCESS,
312  $this->lng->txt('auth_mode_roles_changed'),
313  true
314  );
315  $this->ctrl->redirect($this, 'authSettings');
316  }
317 
318  private function buildAuthModeDeterminationForm(): ?ILIAS\UI\Component\Input\Container\Form\Form
319  {
320  $det = ilAuthModeDetermination::_getInstance();
321  if ($det->getCountActiveAuthModes() <= 1) {
322  return null;
323  }
324 
325  $disabled_fields = !$this->rbac_system->checkAccess('write', $this->object->getRefId());
326 
327  $automatic_options = [];
328  $counter = 1;
329  $auth_sequenced = $det->getAuthModeSequence();
330  foreach ($auth_sequenced as $auth_mode) {
331  $text = '';
332  switch ($auth_mode) {
333  case ilLDAPServer::isAuthModeLDAP((string) $auth_mode):
334  $auth_id = ilLDAPServer::getServerIdByAuthMode($auth_mode);
335  $server = ilLDAPServer::getInstanceByServerId($auth_id);
336  $text = $server->getName();
337  break;
338  case ilAuthUtils::AUTH_LOCAL:
339  $text = $this->lng->txt('auth_local');
340  break;
341  case ilAuthUtils::AUTH_SOAP:
342  $text = $this->lng->txt('auth_soap');
343  break;
344  case ilAuthUtils::AUTH_APACHE:
345  $text = $this->lng->txt('auth_apache');
346  break;
347  default:
348  foreach (ilAuthUtils::getAuthPlugins() as $pl) {
349  $option = $pl->getMultipleAuthModeOptions($auth_mode);
350  $text = $option[$auth_mode]['txt'];
351  }
352  break;
353  }
354 
355  $automatic_options['m' . $auth_mode] = $this->ui_factory
356  ->input()
357  ->field()
358  ->numeric($text)
359  ->withDedicatedName('m' . $auth_mode)
360  ->withValue($counter++)
361  ->withDisabled($disabled_fields);
362  }
363 
364  $options = [
365  (string) ilAuthModeDetermination::TYPE_MANUAL => $this->ui_factory
366  ->input()
367  ->field()
368  ->group(
369  [],
370  $this->lng->txt('auth_by_user')
371  )
372  ->withDedicatedName((string) ilAuthModeDetermination::TYPE_MANUAL)
373  ->withDisabled($disabled_fields),
374  (string) ilAuthModeDetermination::TYPE_AUTOMATIC => $this->ui_factory
375  ->input()
376  ->field()
377  ->group(
378  $automatic_options,
379  $this->lng->txt('auth_automatic')
380  )
381  ->withDedicatedName((string) ilAuthModeDetermination::TYPE_AUTOMATIC)
382  ->withDisabled($disabled_fields)
383  ];
384 
385  $sections = [
386  self::PROP_AUTH_MODE_KIND => $this->ui_factory
387  ->input()
388  ->field()
389  ->switchableGroup(
390  $options,
391  $this->lng->txt('auth_kind_determination'),
392  $this->lng->txt('auth_mode_determination_info')
393  )
394  ->withDedicatedName(self::PROP_AUTH_MODE_KIND)
395  ->withValue((string) $det->getKind())
396  ->withDisabled($disabled_fields)
397  ->withRequired(true)
398  ];
399 
400  return $this->ui_factory
401  ->input()
402  ->container()
403  ->form()
404  ->standard($this->ctrl->getFormAction($this, 'updateAuthModeDetermination'), $sections)
405  ->withDedicatedName('auth_mode_determination')
406  ->withAdditionalTransformation(
407  $this->refinery->custom()->transformation(function ($value): array {
408  $auth_mode_kind = (int) ($value[self::PROP_AUTH_MODE_KIND][0] ?? ilAuthModeDetermination::TYPE_MANUAL);
409  $sequence = [];
410  if ($auth_mode_kind === ilAuthModeDetermination::TYPE_AUTOMATIC) {
411  $sequence = (array) ($value[self::PROP_AUTH_MODE_KIND][1] ?? []);
412  }
413 
414  $merged_values = array_merge(
415  [
416  self::PROP_AUTH_MODE_KIND => $auth_mode_kind,
417  ],
418  [
419  self::PROP_AUTH_MODE_SEQUENCE => $sequence
420  ]
421  );
422 
423  return $merged_values;
424  })
425  );
426  }
427 
428  private function updateAuthModeDeterminationObject(): void
429  {
430  if (!$this->rbac_system->checkAccess('write', $this->object->getRefId())) {
431  $this->ilias->raiseError($this->lng->txt('permission_denied'), $this->ilias->error_obj->MESSAGE);
432  }
433 
434  $form = $this->buildAuthModeDeterminationForm();
435  if ($form === null) {
436  $this->authSettingsObject();
437  return;
438  }
439 
440  $form_valid = false;
441  $form_data = null;
442  if ($this->http->request()->getMethod() === 'POST') {
443  $form = $form->withRequest($this->http->request());
444  $form_data = $form->getData();
445  $form_valid = $form_data !== null;
446  }
447 
448  if (!$form_valid) {
449  $this->tpl->setOnScreenMessage(
450  $this->tpl::MESSAGE_TYPE_FAILURE,
451  $this->lng->txt('err_wrong_login')
452  );
453  $this->authSettingsObject($form);
454  return;
455  }
456 
457  $det = ilAuthModeDetermination::_getInstance();
458  $kind = (int) $form_data[self::PROP_AUTH_MODE_KIND];
459  $det->setKind($kind);
460  if ($kind === ilAuthModeDetermination::TYPE_AUTOMATIC) {
461  $sequence = $form_data[self::PROP_AUTH_MODE_SEQUENCE];
462  $this->logger->debug('pos mode:' . print_r($sequence, true));
463  asort($sequence, SORT_NUMERIC);
464  $this->logger->debug('pos mode:' . print_r($sequence, true));
465  $counter = 0;
466  $position = [];
467  foreach (array_keys($sequence) as $auth_mode) {
468  $position[$counter++] = substr($auth_mode, 1);
469  }
470  $this->logger->debug('position mode:' . print_r($position, true));
471  $det->setAuthModeSequence($position);
472  }
473  $det->save();
474 
475  $this->tpl->setOnScreenMessage(
476  $this->tpl::MESSAGE_TYPE_SUCCESS,
477  $this->lng->txt('settings_saved'),
478  true
479  );
480  $this->ctrl->redirect($this, 'authSettings');
481  }
482 
483  public function cancelObject(): void
484  {
485  $this->ctrl->redirect($this, 'authSettings');
486  }
487 
488  public function setAuthModeObject(): void
489  {
490  if (!$this->rbac_system->checkAccess('write', $this->object->getRefId())) {
491  $this->ilias->raiseError($this->lng->txt('permission_denied'), $this->ilias->error_obj->MESSAGE);
492  }
493  $this->logger->debug('auth mode available:' . $this->request_wrapper->has('auth_mode'));
494 
495  if (!$this->http->wrapper()->post()->has('auth_mode')) {
496  $this->ilias->raiseError($this->lng->txt('auth_err_no_mode_selected'), $this->ilias->error_obj->MESSAGE);
497  }
498  $new_auth_mode = $this->http->wrapper()->post()->retrieve('auth_mode', $this->refinery->to()->string());
499  $this->logger->debug('auth mode:' . $new_auth_mode);
500  $current_auth_mode = $this->settings->get('auth_mode', '');
501  if ($new_auth_mode === $current_auth_mode) {
502  $this->tpl->setOnScreenMessage(
503  'info',
504  $this->lng->txt('auth_mode') . ': ' . $this->getAuthModeTitle() . ' ' . $this->lng->txt(
505  'auth_mode_not_changed'
506  ),
507  true
508  );
509  $this->ctrl->redirect($this, 'authSettings');
510  }
511 
512  switch ((int) $new_auth_mode) {
513  case ilAuthUtils::AUTH_SAML:
514  break;
515 
516  // @fix changed from AUTH_SHIB > is not defined
517  case ilAuthUtils::AUTH_SHIBBOLETH:
518  if ($this->object->checkAuthSHIB() !== true) {
519  $this->tpl->setOnScreenMessage('failure', $this->lng->txt('auth_shib_not_configured'), true);
520  ilUtil::redirect(
521  $this->getReturnLocation(
522  'authSettings',
523  $this->ctrl->getLinkTargetByClass(
524  ilAuthShibbolethSettingsGUI::class,
525  'settings',
526  '',
527  false,
528  false
529  )
530  )
531  );
532  }
533  break;
534 
535  case ilAuthUtils::AUTH_SCRIPT:
536  if ($this->object->checkAuthScript() !== true) {
537  $this->tpl->setOnScreenMessage('failure', $this->lng->txt('auth_script_not_configured'), true);
538  ilUtil::redirect(
539  $this->getReturnLocation(
540  'authSettings',
541  $this->ctrl->getLinkTarget($this, 'editScript', '', false, false)
542  )
543  );
544  }
545  break;
546  }
547 
548  $this->ilias->setSetting('auth_mode', $new_auth_mode);
549 
550  $this->tpl->setOnScreenMessage(
551  'success',
552  $this->lng->txt('auth_default_mode_changed_to') . ' ' . $this->getAuthModeTitle(),
553  true
554  );
555  $this->ctrl->redirect($this, 'authSettings');
556  }
557 
558  private function buildSOAPForm(
559  string $submit_action
560  ): \ILIAS\UI\Component\Input\Container\Form\Form {
561  $role_list = $this->rbac_review->getRolesByFilter(2, $this->object->getId());
562  $roles = [];
563 
564  foreach ($role_list as $role) {
565  $roles[$role['obj_id']] = $role['title'];
566  }
567 
568  $active = $this->ui_factory
569  ->input()
570  ->field()
571  ->checkbox($this->lng->txt('active'))
572  ->withValue((bool) $this->settings->get('soap_auth_active', ''));
573 
574  $server = $this->ui_factory
575  ->input()
576  ->field()
577  ->text(
578  $this->lng->txt('server'),
579  $this->lng->txt('auth_soap_server_desc')
580  )
581  ->withMaxLength(256)
582  ->withRequired(true)
583  ->withValue($this->settings->get('soap_auth_server', ''));
584 
585  $port = $this->ui_factory
586  ->input()
587  ->field()
588  ->numeric(
589  $this->lng->txt('port'),
590  $this->lng->txt('auth_soap_port_desc')
591  )
592  ->withAdditionalTransformation($this->refinery->int()->isGreaterThan(0))
593  ->withAdditionalTransformation(
594  $this->refinery->int()->isLessThan(65536)
595  )
596  ->withValue((int) $this->settings->get('soap_auth_port', '0'));
597 
598  $use_https = $this->ui_factory
599  ->input()
600  ->field()
601  ->checkbox($this->lng->txt('auth_soap_use_https'))
602  ->withValue((bool) $this->settings->get('soap_auth_use_https', ''));
603 
604  $uri = $this->ui_factory
605  ->input()
606  ->field()
607  ->text(
608  $this->lng->txt('uri'),
609  $this->lng->txt('auth_soap_uri_desc')
610  )
611  ->withMaxLength(256)
612  ->withValue($this->settings->get('soap_auth_uri', ''));
613 
614  $namespace = $this->ui_factory
615  ->input()
616  ->field()
617  ->text(
618  $this->lng->txt('auth_soap_namespace'),
619  $this->lng->txt('auth_soap_namespace_desc')
620  )
621  ->withMaxLength(256)
622  ->withValue($this->settings->get('soap_auth_namespace', ''));
623 
624  $dotnet = $this->ui_factory
625  ->input()
626  ->field()
627  ->checkbox($this->lng->txt('auth_soap_use_dotnet'))
628  ->withValue((bool) $this->settings->get('soap_auth_use_dotnet', ''));
629 
630  $createuser = $this->ui_factory
631  ->input()
632  ->field()
633  ->checkbox(
634  $this->lng->txt('auth_create_users'),
635  $this->lng->txt('auth_soap_create_users_desc')
636  )
637  ->withValue((bool) $this->settings->get('soap_auth_create_users', ''));
638 
639  $sendmail = $this->ui_factory
640  ->input()
641  ->field()
642  ->checkbox(
643  $this->lng->txt('user_send_new_account_mail'),
644  $this->lng->txt('auth_new_account_mail_desc')
645  )
646  ->withValue((bool) $this->settings->get('soap_auth_account_mail', ''));
647 
648  $defaultrole = $this->ui_factory
649  ->input()
650  ->field()
651  ->select(
652  $this->lng->txt('auth_user_default_role'),
653  $roles,
654  $this->lng->txt('auth_soap_user_default_role_desc')
655  )
656  ->withValue($this->settings->get('soap_auth_user_default_role', '4'))
657  ->withAdditionalTransformation($this->refinery->int()->isGreaterThan(0));
658 
659  $allowlocal = $this->ui_factory
660  ->input()
661  ->field()
662  ->checkbox(
663  $this->lng->txt('auth_allow_local'),
664  $this->lng->txt('auth_soap_allow_local_desc')
665  )
666  ->withValue((bool) $this->settings->get('soap_auth_user_default_role', ''));
667 
668  $form = $this->ui_factory->input()->container()->form()->standard(
669  $submit_action,
670  [
671  'active' => $active,
672  'server' => $server,
673  'port' => $port,
674  'use_https' => $use_https,
675  'uri' => $uri,
676  'namespace' => $namespace,
677  'dotnet' => $dotnet,
678  'createuser' => $createuser,
679  'sendmail' => $sendmail,
680  'defaultrole' => $defaultrole,
681  'allowlocal' => $allowlocal
682  ]
683  );
684  return $form;
685  }
686 
687  private function buildSOAPTestForm(
688  string $submit_action
689  ): \ILIAS\UI\Component\Input\Container\Form\Form {
690  $ext_uid = $this->ui_factory->input()->field()->text(
691  'ext_uid'
692  );
693  $soap_pw = $this->ui_factory->input()->field()->text(
694  'soap_pw'
695  );
696  $new_user = $this->ui_factory->input()->field()
697  ->checkbox('new_user');
698  return $this->ui_factory->input()->container()->form()->standard(
699  $submit_action,
700  [
701  'ext_uid' => $ext_uid,
702  'soap_pw' => $soap_pw,
703  'new_user' => $new_user
704  ]
705  )->withSubmitLabel('Send');
706  }
707 
708  public function editSOAPObject(): void
709  {
710  if (!$this->rbac_system->checkAccess('read', $this->object->getRefId())) {
711  $this->ilias->raiseError($this->lng->txt('permission_denied'), $this->ilias->error_obj->MESSAGE);
712  }
713 
714  $soap_form = $this->buildSOAPForm($this->ctrl->getFormAction($this, 'saveSOAP'));
715  $test_form = $this->buildSOAPTestForm($this->ctrl->getFormAction($this, 'testSoapAuthConnection'));
716 
717  $this->tabs_gui->setTabActive('auth_soap');
718  $panel = $this->ui_factory->panel()->standard('SOAP', [$soap_form, $test_form]);
719  $this->tpl->setContent($this->ui_renderer->render($panel));
720  }
721 
722  public function testSoapAuthConnectionObject(): void
723  {
724  if (!$this->rbac_system->checkAccess('read', $this->object->getRefId())) {
725  $this->ilias->raiseError($this->lng->txt('permission_denied'), $this->ilias->error_obj->MESSAGE);
726  }
727 
728  $soap_form = $this->buildSOAPForm($this->ctrl->getFormAction($this, 'saveSOAP'));
729  $test_form = $this->buildSOAPTestForm($this->ctrl->getFormAction($this, 'testSoapAuthConnection'));
730  $panel_content = [$soap_form, $test_form];
731  if ($this->request->getMethod() === 'POST') {
732  $test_form = $test_form->withRequest($this->request);
733  $result = $test_form->getData();
734  if ($result !== null) {
735  $panel_content[] = $this->ui_factory->legacy()->content(
736  ilSOAPAuth::testConnection($result['ext_uid'], $result['soap_pw'], $result['new_user'])
737  );
738  }
739  }
740  $this->tabs_gui->setTabActive('auth_soap');
741  $panel = $this->ui_factory->panel()->standard('SOAP', $panel_content);
742  $this->tpl->setContent($this->ui_renderer->render($panel));
743  }
744 
745  public function saveSOAPObject(): void
746  {
747  if (!$this->rbac_system->checkAccess('write', $this->object->getRefId())) {
748  $this->ilias->raiseError($this->lng->txt('permission_denied'), $this->ilias->error_obj->MESSAGE);
749  }
750 
751  $soap_form = $this->buildSOAPForm($this->ctrl->getFormAction($this, 'saveSOAP'));
752  $test_form = $this->buildSOAPTestForm($this->ctrl->getFormAction($this, 'testSoapAuthConnection'));
753  if ($this->request->getMethod() === 'POST') {
754  $soap_form = $soap_form->withRequest($this->request);
755  $result = $soap_form->getData();
756  if ($result !== null) {
757  $this->settings->set('soap_auth_active', (string) $result['active']);
758  $this->settings->set('soap_auth_server', $result['server']);
759  $this->settings->set('soap_auth_port', (string) $result['port']);
760  $this->settings->set('soap_auth_use_https', (string) $result['use_https']);
761  $this->settings->set('soap_auth_uri', $result['uri']);
762  $this->settings->set('soap_auth_namespace', $result['namespace']);
763  $this->settings->set('soap_auth_use_dotnet', (string) $result['dotnet']);
764  $this->settings->set('soap_auth_create_users', (string) $result['createuser']);
765  $this->settings->set('soap_auth_account_mail', (string) $result['sendmail']);
766  $this->settings->set('soap_auth_user_default_role', (string) $result['defaultrole']);
767  $this->settings->set('soap_auth_allow_local', (string) $result['allowlocal']);
768 
769  $this->tpl->setOnScreenMessage('success', $this->lng->txt('auth_soap_settings_saved'), true);
770  $this->logger->info('data' . print_r($result, true));
771  $this->ctrl->redirect($this, 'editSOAP');
772  }
773  }
774 
775  $this->tabs_gui->setTabActive('auth_soap');
776  $panel = $this->ui_factory->panel()->standard('SOAP', [$soap_form, $test_form]);
777  $this->tpl->setContent($this->ui_renderer->render($panel));
778  }
779 
780  public function editScriptObject(): void
781  {
782  if (!$this->rbac_system->checkAccess('write', $this->object->getRefId())) {
783  $this->ilias->raiseError($this->lng->txt('permission_denied'), $this->ilias->error_obj->MESSAGE);
784  }
785 
786  if ($_SESSION['error_post_vars']) {
787  $this->tpl->setVariable('AUTH_SCRIPT_NAME', $_SESSION['error_post_vars']['auth_script']['name']);
788  } else {
789  $settings = $this->ilias->getAllSettings();
790 
791  $this->tpl->setVariable('AUTH_SCRIPT_NAME', $settings['auth_script_name']);
792  }
793 
794  $this->tabs_gui->setTabActive('auth_script');
795 
796  $this->tpl->addBlockFile(
797  'ADM_CONTENT',
798  'adm_content',
799  'tpl.auth_script.html',
800  'components/ILIAS/Authentication'
801  );
802 
803  $this->tpl->setVariable('FORMACTION', $this->ctrl->getFormAction($this));
804  $this->tpl->setVariable('COLSPAN', 3);
805  $this->tpl->setVariable('TXT_AUTH_SCRIPT_TITLE', $this->lng->txt('auth_script_configure'));
806  $this->tpl->setVariable('TXT_OPTIONS', $this->lng->txt('options'));
807  $this->tpl->setVariable('TXT_AUTH_SCRIPT_NAME', $this->lng->txt('auth_script_name'));
808 
809  $this->tpl->setVariable('TXT_REQUIRED_FLD', $this->lng->txt('required_field'));
810  $this->tpl->setVariable('TXT_CANCEL', $this->lng->txt('cancel'));
811  $this->tpl->setVariable('TXT_SUBMIT', $this->lng->txt('save'));
812  $this->tpl->setVariable('CMD_SUBMIT', 'saveScript');
813  }
814 
815  public function saveScriptObject(): void
816  {
817  if (!$_POST['auth_script']['name']) {
818  $this->ilias->raiseError($this->lng->txt('fill_out_all_required_fields'), $this->ilias->error_obj->MESSAGE);
819  }
820 
821  $this->ilias->setSetting('auth_script_name', $_POST['auth_script']['name']);
822  $this->ilias->setSetting('auth_mode', (string) ilAuthUtils::AUTH_SCRIPT);
823 
824  $this->tpl->setOnScreenMessage(
825  'success',
826  $this->lng->txt('auth_mode_changed_to') . ' ' . $this->getAuthModeTitle(),
827  true
828  );
829  $this->ctrl->redirect($this, 'editScript');
830  }
831 
832  private function getAuthModeTitle(): string
833  {
834  return match ((int) $this->ilias->getSetting('auth_mode')) {
835  ilAuthUtils::AUTH_LOCAL => $this->lng->txt('auth_local'),
836  ilAuthUtils::AUTH_LDAP => $this->lng->txt('auth_ldap'),
837  ilAuthUtils::AUTH_SHIBBOLETH => $this->lng->txt('auth_shib'),
838  ilAuthUtils::AUTH_SAML => $this->lng->txt('auth_saml'),
839  ilAuthUtils::AUTH_SCRIPT => $this->lng->txt('auth_script'),
840  ilAuthUtils::AUTH_APACHE => $this->lng->txt('auth_apache'),
841  default => $this->lng->txt('unknown'),
842  };
843  }
844 
845  public function executeCommand(): void
846  {
847  $next_class = $this->ctrl->getNextClass($this) ?? '';
848  $cmd = $this->ctrl->getCmd() ?? '';
849  $this->prepareOutput();
850 
851  if (!$this->rbac_system->checkAccess('visible,read', $this->object->getRefId())) {
852  $this->error->raiseError($this->lng->txt('msg_no_perm_read'), $this->error->WARNING);
853  }
854 
855  switch ($next_class) {
856  case 'ilopenidconnectsettingsgui':
857  $this->tabs_gui->activateTab('auth_oidconnect');
858 
859  $oid = new ilOpenIdConnectSettingsGUI($this->object->getRefId());
860  $this->ctrl->forwardCommand($oid);
861  break;
862 
863  case 'ilsamlsettingsgui':
864  $this->tabs_gui->setTabActive('auth_saml');
865 
866  $os = new ilSamlSettingsGUI($this->object->getRefId());
867  $this->ctrl->forwardCommand($os);
868  break;
869 
870  case 'ilregistrationsettingsgui':
871  $this->tabs_gui->setTabActive('registration_settings');
872 
873  $registration_gui = new ilRegistrationSettingsGUI();
874  $this->ctrl->forwardCommand($registration_gui);
875  break;
876 
877  case 'ilpermissiongui':
878  $this->tabs_gui->setTabActive('perm_settings');
879 
880  $perm_gui = new ilPermissionGUI($this);
881  $this->ctrl->forwardCommand($perm_gui);
882  break;
883 
884  case 'illdapsettingsgui':
885  $this->tabs_gui->setTabActive('auth_ldap');
886 
887  $ldap_settings_gui = new ilLDAPSettingsGUI($this->object->getRefId());
888  $this->ctrl->forwardCommand($ldap_settings_gui);
889  break;
890 
891  case 'ilauthshibbolethsettingsgui':
892  $this->tabs_gui->setTabActive('auth_shib');
893 
894  $shib_settings_gui = new ilAuthShibbolethSettingsGUI($this->object->getRefId());
895  $this->ctrl->forwardCommand($shib_settings_gui);
896  break;
897 
898  case strtolower(ilAuthPageEditorGUI::class):
899  $this->setSubTabs('authSettings');
900  $this->tabs_gui->setTabActive('authentication_settings');
901  $this->tabs_gui->setSubTabActive('auth_login_editor');
902 
903  $lpe = new ilAuthPageEditorGUI($this->object->getRefId());
904  $this->ctrl->forwardCommand($lpe);
905  break;
906 
907  case strtolower(ilObjectContentStyleSettingsGUI::class):
908  $this->checkPermission('write');
909  $this->setTitleAndDescription();
910  $this->setSubTabs('authSettings');
911  $this->tabs_gui->activateTab('authentication_settings');
912  $this->tabs_gui->activateSubTab('style');
913 
914  $settings_gui = $this->content_style_gui
915  ->objectSettingsGUIForRefId(
916  null,
917  $this->object->getRefId()
918  );
919  $this->ctrl->forwardCommand($settings_gui);
920  break;
921 
922  case strtolower(ilAuthLogoutBehaviourGUI::class):
923  $this->setSubTabs('authSettings');
924  $this->tabs_gui->setTabActive('authentication_settings');
925  $this->tabs_gui->setSubTabActive('logout_behaviour');
926 
927  $gui = new ilAuthLogoutBehaviourGUI();
928  $this->ctrl->forwardCommand($gui);
929  break;
930 
931  default:
932  if (!$cmd) {
933  $cmd = 'authSettings';
934  }
935  $cmd .= 'Object';
936  $this->$cmd();
937 
938  break;
939  }
940  }
941 
942  public function getAdminTabs(): void
943  {
944  $this->getTabs();
945  }
946 
947  protected function getTabs(): void
948  {
949  $this->ctrl->setParameter($this, 'ref_id', $this->object->getRefId());
950 
951  if ($this->rbac_system->checkAccess('visible,read', $this->object->getRefId())) {
952  $this->tabs_gui->addTarget(
953  'authentication_settings',
954  $this->ctrl->getLinkTarget($this, 'authSettings'),
955  '',
956  '',
957  ''
958  );
959 
960  $this->tabs_gui->addTarget(
961  'registration_settings',
962  $this->ctrl->getLinkTargetByClass('ilregistrationsettingsgui', 'view')
963  );
964 
965  $this->tabs_gui->addTarget(
966  'auth_ldap',
967  $this->ctrl->getLinkTargetByClass('illdapsettingsgui', 'serverList'),
968  '',
969  '',
970  ''
971  );
972 
973  $this->tabs_gui->addTarget(
974  'auth_shib',
975  $this->ctrl->getLinkTargetByClass('ilauthshibbolethsettingsgui', 'settings')
976  );
977 
978  $this->tabs_gui->addTarget(
979  'auth_soap',
980  $this->ctrl->getLinkTarget($this, 'editSOAP'),
981  '',
982  '',
983  ''
984  );
985 
986  $this->tabs_gui->addTarget(
987  'apache_auth_settings',
988  $this->ctrl->getLinkTarget($this, self::CMD_SHOW_APACHE_SETTINGS),
989  '',
990  '',
991  ''
992  );
993 
994  $this->tabs_gui->addTarget(
995  'auth_saml',
996  $this->ctrl->getLinkTargetByClass('ilsamlsettingsgui', ilSamlSettingsGUI::DEFAULT_CMD),
997  '',
998  '',
999  ''
1000  );
1001 
1002  $this->tabs_gui->addTab(
1003  'auth_oidconnect',
1004  $this->lng->txt('auth_oidconnect'),
1005  $this->ctrl->getLinkTargetByClass('ilopenidconnectsettingsgui')
1006  );
1007  }
1008 
1009  if ($this->rbac_system->checkAccess('edit_permission', $this->object->getRefId())) {
1010  $this->tabs_gui->addTarget(
1011  'perm_settings',
1012  $this->ctrl->getLinkTargetByClass([get_class($this), 'ilpermissiongui'], 'perm'),
1013  ['perm', 'info', 'owner'],
1014  'ilpermissiongui'
1015  );
1016  }
1017  }
1018 
1019  public function setSubTabs(string $a_tab): void
1020  {
1021  $this->lng->loadLanguageModule('auth');
1022 
1023  if ($a_tab === 'authSettings' && $this->access->checkAccess('write', '', $this->object->getRefId())) {
1024  $this->tabs_gui->addSubTabTarget(
1025  'auth_settings',
1026  $this->ctrl->getLinkTarget($this, 'authSettings'),
1027  ''
1028  );
1029 
1030  foreach (AuthPageEditorContext::cases() as $auth_ipe_context) {
1031  $this->ctrl->setParameterByClass(
1032  ilAuthPageEditorGUI::class,
1033  ilAuthPageEditorGUI::CONTEXT_HTTP_PARAM,
1034  $auth_ipe_context->value
1035  );
1036  $this->tabs_gui->addSubTabTarget(
1037  $auth_ipe_context->tabIdentifier(),
1038  $this->ctrl->getLinkTargetByClass(
1039  ilAuthPageEditorGUI::class,
1040  ilAuthPageEditorGUI::DEFAULT_COMMAND
1041  )
1042  );
1043  $this->ctrl->setParameterByClass(
1044  ilAuthPageEditorGUI::class,
1045  ilAuthPageEditorGUI::CONTEXT_HTTP_PARAM,
1046  null
1047  );
1048  }
1049 
1050  $this->tabs_gui->addSubTabTarget(
1051  'logout_behaviour',
1052  $this->ctrl->getLinkTargetByClass(ilAuthLogoutBehaviourGUI::class, ''),
1053  ''
1054  );
1055 
1056  $this->tabs_gui->addSubTab(
1057  'style',
1058  $this->lng->txt('cont_style'),
1059  $this->ctrl->getLinkTargetByClass(ilObjectContentStyleSettingsGUI::class)
1060  );
1061  }
1062  }
1063 
1064  public function apacheAuthSettingsObject(?StandardForm $form = null): void
1065  {
1066  $this->tabs_gui->setTabActive('apache_auth_settings');
1067 
1068  if (!$form) {
1069  $settings = new ilSetting('apache_auth');
1070  $settingsMap = $settings->getAll();
1071 
1072  $path = ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt';
1073  if (file_exists($path) && is_readable($path)) {
1074  $settingsMap['apache_auth_domains'] = file_get_contents($path);
1075  }
1076 
1077  $form = (new ApacheAuthSettingsForm(
1078  $this->ref_id,
1079  $this,
1080  self::CMD_SHOW_APACHE_SETTINGS,
1081  self::CMD_SAVE_APACHE_SETTINGS,
1082  $settingsMap
1083  ))->buildForm();
1084 
1085  }
1086 
1087  $this->tpl->setContent($this->ui_renderer->render([
1088  $this->ui_factory->item()->standard($this->lng->txt('apache_settings')),
1089  $form
1090  ]));
1091  }
1092 
1093  public function saveApacheSettingsObject(): void
1094  {
1095  $form = (new ApacheAuthSettingsForm(
1096  $this->ref_id,
1097  $this,
1098  self::CMD_SHOW_APACHE_SETTINGS,
1099  self::CMD_SAVE_APACHE_SETTINGS
1100  ))->buildForm()->withRequest($this->http->request());
1101  if (!$form->getError()) {
1102  $data = $form->getData();
1103 
1104  $settings = new ilSetting('apache_auth');
1105 
1106  $fields = [
1107  'apache_auth_indicator_name',
1108  'apache_auth_indicator_value',
1109  'apache_enable_auth',
1110  'apache_enable_local',
1111  'apache_local_autocreate',
1112  'apache_enable_ldap',
1113  'apache_auth_username_config_type',
1114  'apache_auth_username_direct_mapping_fieldname',
1115  'apache_default_role',
1116  'apache_auth_target_override_login_page',
1117  'apache_auth_enable_override_login_page',
1118  'apache_auth_authenticate_on_login_page',
1119  'apache_ldap_sid'
1120  ];
1121 
1122  foreach ($fields as $field) {
1123  $value = match ($field) {
1124  'apache_enable_auth',
1125  'apache_auth_enable_override_login_page',
1126  'apache_auth_username_config',
1127  'apache_auth_security',
1128  'apache_enable_ldap' => (bool) ($data[$field] ?? false),
1129  'apache_auth_username_config_type' => $data['apache_auth_username_config'][$field][0] ?? 1,
1130  'apache_auth_target_override_login_page' => $data['apache_auth_enable_override_login_page'][$field] ?? '',
1131  'apache_auth_username_direct_mapping_fieldname' => $data['apache_auth_username_config']['apache_auth_username_config_type'][1][$field] ?? '',
1132  'apache_auth_domains' => $data['apache_auth_security'][$field] ?? '',
1133  'apache_local_autocreate' => (bool) ($data['apache_enable_auth'][$field] ?? false),
1134  'apache_default_role' => $data['apache_enable_auth']['apache_local_autocreate'][$field] ?? 4,
1135  'apache_ldap_sid' => $data['apache_enable_ldap'][$field] ?? '',
1136  default => $data[$field],
1137  };
1138 
1139  $settings->set(
1140  $field,
1141  ilUtil::stripSlashes(trim((string) ($value === false ? '0' : $value)))
1142  );
1143  }
1144 
1145  if ($data[$field] ?? false) {
1146  $this->ilias->setSetting('apache_active', '1');
1147  } else {
1148  $this->ilias->setSetting('apache_active', '0');
1149  if ($this->ilias->getSetting('auth_mode', '0') === ilAuthUtils::AUTH_APACHE) {
1150  $this->ilias->setSetting('auth_mode', (string) ilAuthUtils::AUTH_LOCAL);
1151  }
1152  }
1153 
1154  $allowed_domains = $this->validateApacheAuthAllowedDomains($data['apache_auth_security']['apache_auth_domains'] ?? '');
1155  file_put_contents(ILIAS_DATA_DIR . '/' . CLIENT_ID . '/apache_auth_allowed_domains.txt', $allowed_domains);
1156 
1157  $this->tpl->setOnScreenMessage(
1158  $this->tpl::MESSAGE_TYPE_SUCCESS,
1159  $this->lng->txt('apache_settings_changed_success'),
1160  true
1161  );
1162  $this->ctrl->redirect($this, self::CMD_SHOW_APACHE_SETTINGS);
1163  }
1164 
1165  $this->ctrl->redirect($this, self::CMD_SHOW_APACHE_SETTINGS);
1166  }
1167 
1168  private function validateApacheAuthAllowedDomains(string $text): string
1169  {
1170  return implode("\n", preg_split("/[\r\n]+/", $text));
1171  }
1172 
1173  public function registrationSettingsObject(): void
1174  {
1175  $registration_gui = new ilRegistrationSettingsGUI();
1176  $this->ctrl->redirect($registration_gui);
1177  }
1178 }
$namespace
if($err=$client->getError()) $namespace
Definition: dummy_client.php:57
ilAuthUtils\AUTH_SOAP
const int AUTH_SOAP
Definition: class.ilAuthUtils.php:31
ilSamlIdp\isAuthModeSaml
static isAuthModeSaml(string $a_auth_mode)
Definition: class.ilSamlIdp.php:184
ilAuthShibbolethSettingsGUI
Class ilAuthShibbolethSettingsGUI.
Definition: class.ilAuthShibbolethSettingsGUI.php:31
ilAuthUtils\AUTH_SHIBBOLETH
const int AUTH_SHIBBOLETH
Definition: class.ilAuthUtils.php:30
ilObjRole\_lookupRegisterAllowed
static _lookupRegisterAllowed()
get all roles that are activated in user registration
Definition: class.ilObjRole.php:217
ilLDAPServer\getInstanceByServerId
static getInstanceByServerId(int $a_server_id)
Get instance by server id.
Definition: class.ilLDAPServer.php:101
ilObjectGUI\prepareOutput
prepareOutput(bool $show_sub_objects=true)
Definition: class.ilObjectGUI.php:307
ilAuthPageEditorGUI\DEFAULT_COMMAND
final const string DEFAULT_COMMAND
Definition: class.ilAuthPageEditorGUI.php:31
ILIAS
Interface Observer Contains several chained tasks and infos about them.
Definition: AccessControl.php:21
ilSetting\set
set(string $a_key, string $a_val)
Definition: class.ilSetting.php:145
ilUtil\stripSlashes
static stripSlashes(string $a_str, bool $a_strip_html=true, string $a_allow="")
Definition: class.ilUtil.php:392
ilObjAuthSettingsGUI\__construct
__construct($a_data, int $a_id, bool $a_call_by_reference, bool $a_prepare_output=true)
Definition: class.ilObjAuthSettingsGUI.php:44
$ext_uid
$ext_uid
Definition: dummy_client.php:26
ILIAS\Style\Content\GUIService
Facade for consumer gui interface.
Definition: class.GUIService.php:31
ilAuthUtils\_getActiveAuthModes
static _getActiveAuthModes()
Definition: class.ilAuthUtils.php:229
ilAuthUtils\AUTH_APACHE
const int AUTH_APACHE
Definition: class.ilAuthUtils.php:34
ilObjAuthSettingsGUI\buildSOAPTestForm
buildSOAPTestForm(string $submit_action)
Definition: class.ilObjAuthSettingsGUI.php:687
ilSamlIdp\getInstanceByIdpId
static getInstanceByIdpId(int $a_idp_id)
Definition: class.ilSamlIdp.php:66
ilAuthPageEditorGUI\CONTEXT_HTTP_PARAM
final const string CONTEXT_HTTP_PARAM
Definition: class.ilAuthPageEditorGUI.php:33
ilSamlIdp\getIdpIdByAuthMode
static getIdpIdByAuthMode(string $a_auth_mode)
Definition: class.ilSamlIdp.php:198
ilAuthUtils\_getAuthModeName
static _getAuthModeName($a_auth_key)
Definition: class.ilAuthUtils.php:180
ilAuthLogoutBehaviourGUI
ilAuthLogoutBehaviourGUI: ilObjAuthSettingsGUI ilAuthLogoutBehaviourGUI: ilLoginPageGUI ...
Definition: class.ilAuthLogoutBehaviourGUI.php:34
$path
$path
Definition: ltiservices.php:29
ilObjAuthSettingsGUI\buildSOAPForm
buildSOAPForm(string $submit_action)
Definition: class.ilObjAuthSettingsGUI.php:558
null
while($session_entry=$r->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) return null
Definition: shib_logout.php:144
ilLDAPServer\getServerIdByAuthMode
static getServerIdByAuthMode(string $a_auth_mode)
Get auth id by auth mode.
Definition: class.ilLDAPServer.php:401
ilAuthUtils\getAuthPlugins
static getAuthPlugins()
Definition: class.ilAuthUtils.php:616
ilAuthUtils\AUTH_SCRIPT
const int AUTH_SCRIPT
Definition: class.ilAuthUtils.php:29
ilAuthUtils\AUTH_LOCAL
const int AUTH_LOCAL
Definition: class.ilAuthUtils.php:27
ILIAS\FileDelivery\http
static http()
Fetches the global http state from ILIAS.
Definition: HttpServiceAware.php:55
ilObjAuthSettingsGUI\authSettingsObject
authSettingsObject(?ILIAS\UI\Component\Input\Container\Form\Form $auth_mode_determination_form=null, ?ILIAS\UI\Component\Input\Container\Form\Form $registration_role_mapping_form=null)
Definition: class.ilObjAuthSettingsGUI.php:63
ilObjUser\_getNumberOfUsersPerAuthMode
static _getNumberOfUsersPerAuthMode()
get number of users per auth mode
Definition: class.ilObjUser.php:2807
ilObjectGUI
Class ilObjectGUI Basic methods of all Output classes.
Definition: class.ilObjectGUI.php:48
ilAuthPageEditorGUI
ilAuthPageEditorGUI: ilObjAuthSettingsGUI ilAuthPageEditorGUI: ilLoginPageGUI, ilLogoutPageGUI ...
Definition: class.ilAuthPageEditorGUI.php:29
$soap_pw
$soap_pw
Definition: dummy_client.php:28
CLIENT_ID
const CLIENT_ID
Definition: constants.php:41
$DIC
global $DIC
Definition: shib_login.php:26
ilUtil\getImagePath
static getImagePath(string $image_name, string $module_path="", string $mode="output", bool $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:68
ilRegistrationSettingsGUI
Class ilRegistrationSettingsGUI.
Definition: class.ilRegistrationSettingsGUI.php:35
ilias
Class ilObjForumAdministration.
ILIAS\UI\Implementation\Component\Input\withValue
withValue($value)
Get an input like this with another value displayed on the client side.
Definition: Group.php:61
ILIAS_DATA_DIR
const ILIAS_DATA_DIR
Definition: constants.php:44
ilUtil\redirect
static redirect(string $a_script)
Definition: class.ilUtil.php:939
$new_user
$new_user
Definition: dummy_client.php:30
ilAuthUtils\_getAllAuthModes
static _getAllAuthModes()
Definition: class.ilAuthUtils.php:289
ilObjAuthSettingsGUI
ilObjAuthSettingsGUI: ilPermissionGUI, ilRegistrationSettingsGUI, ilLDAPSettingsGUI ilObjAuthSetting...
Definition: class.ilObjAuthSettingsGUI.php:33
ilObjRole\_updateAuthMode
static _updateAuthMode(array $a_roles)
Definition: class.ilObjRole.php:439
ILIAS\GlobalScreen\Provider\__construct
__construct(Container $dic, ilPlugin $plugin)
Definition: PluginProviderHelper.php:37
ilObjectGUI\getReturnLocation
getReturnLocation(string $cmd, string $default_location="")
Get return location for command (command is method name without "Object", e.g.
Definition: class.ilObjectGUI.php:1590
ilLDAPServer\isAuthModeLDAP
static isAuthModeLDAP(string $a_auth_mode)
Check if user auth mode is LDAP.
Definition: class.ilLDAPServer.php:382
ilAuthUtils\AUTH_LDAP
const int AUTH_LDAP
Definition: class.ilAuthUtils.php:28
$server
$server
Definition: shib_login.php:28
ilObjAuthSettingsGUI\apacheAuthSettingsObject
apacheAuthSettingsObject(?StandardForm $form=null)
Definition: class.ilObjAuthSettingsGUI.php:1064
ilObjectGUI\$settings
ilSetting $settings
Definition: class.ilObjectGUI.php:68
ilObjectGUI\checkPermission
checkPermission(string $perm, string $cmd="", string $type="", ?int $ref_id=null)
Definition: class.ilObjectGUI.php:1942
ilAuthUtils\AUTH_SAML
const int AUTH_SAML
Definition: class.ilAuthUtils.php:35
ilAuthUtils\AUTH_OPENID_CONNECT
const int AUTH_OPENID_CONNECT
Definition: class.ilAuthUtils.php:36