ILIAS  trunk Revision v11.0_alpha-2638-g80c1d007f79
class.ilSimpleSAMLphpWrapper.php
Go to the documentation of this file.
1 <?php
2 
19 declare(strict_types=1);
20 
21 final readonly class ilSimpleSAMLphpWrapper implements ilSamlAuth
22 {
23  private const string ILIAS = 'ilias';
24 
25  private SimpleSAML\Configuration $config;
26  private SimpleSAML\Auth\Simple $authSource;
27 
28  public function __construct(string $authSourceName, string $configurationPath)
29  {
30  $this->initConfigFiles($configurationPath);
31 
32  SimpleSAML\Configuration::setConfigDir($configurationPath);
33  $this->config = SimpleSAML\Configuration::getInstance();
34 
35  $storageType = $this->config->getString('store.type');
36 
37  if (in_array($storageType, ['phpsession', ''], true)) {
38  throw new RuntimeException('Invalid SimpleSAMLphp session handler: Must not be phpsession or empty');
39  }
40 
41  $this->authSource = new SimpleSAML\Auth\Simple($authSourceName);
42  }
43 
44  private function initConfigFiles(string $configurationPath): void
45  {
46  global $DIC;
47 
48  $templateHandler = new ilSimpleSAMLphpConfigTemplateHandler($DIC->filesystem()->storage());
49  $templateHandler->copy('../components/ILIAS/Saml/resources/config.php.dist', 'auth/saml/config/config.php', [
50  'DB_PATH' => rtrim($configurationPath, '/') . '/ssphp.sq3',
51  'SQL_INITIAL_PASSWORD' => static function (): string {
52  return substr(str_replace('+', '.', base64_encode(ilPasswordUtils::getBytes(20))), 0, 10);
53  },
54  'COOKIE_PATH' => IL_COOKIE_PATH,
55  'LOG_DIRECTORY' => ilLoggingDBSettings::getInstance()->getLogDir()
56  ]);
57  $templateHandler->copy('../components/ILIAS/Saml/resources/authsources.php.dist', 'auth/saml/config/authsources.php', [
58  'RELAY_STATE' => rtrim(ILIAS_HTTP_PATH, '/') . '/saml.php',
59  'SP_ENTITY_ID' => rtrim(ILIAS_HTTP_PATH, '/') . '/metadata.php'
60  ]);
61  }
62 
63  public function getAuthId(): string
64  {
65  return $this->authSource->getAuthSource()->getAuthId();
66  }
67 
68  public function protectResource(): void
69  {
70  $this->authSource->requireAuth();
71  }
72 
73  public function storeParam(string $key, mixed $value): void
74  {
75  $session = SimpleSAML\Session::getSessionFromRequest();
76  $session->setData(self::ILIAS, $key, $value);
77  }
78 
79  public function getParam(string $key)
80  {
81  $session = SimpleSAML\Session::getSessionFromRequest();
82 
83  return $session->getData(self::ILIAS, $key);
84  }
85 
86  public function popParam(string $key)
87  {
88  $session = SimpleSAML\Session::getSessionFromRequest();
89  $value = $this->getParam($key);
90  $session->deleteData(self::ILIAS, $key);
91 
92  return $value;
93  }
94 
95  public function isAuthenticated(): bool
96  {
97  return $this->authSource->isAuthenticated();
98  }
99 
100  public function getAttributes(): array
101  {
102  return $this->authSource->getAttributes();
103  }
104 
105  public function logout(string $returnUrl = ''): void
106  {
107  ilSession::clear('used_external_auth_mode');
108 
109  $params = [
110  'ReturnStateParam' => 'LogoutState',
111  'ReturnStateStage' => 'ilLogoutState'
112  ];
113 
114  if ($returnUrl !== '') {
115  $params['ReturnTo'] = $returnUrl;
116  }
117 
118  $this->authSource->logout($params);
119  }
120 
121  public function getIdpDiscovery(): ilSamlIdpDiscovery
122  {
123  return new ilSimpleSAMLphplIdpDiscovery();
124  }
125 
126  public function getAuthDataArray(): array
127  {
128  return $this->authSource->getAuthDataArray();
129  }
130 }
ilSimpleSAMLphpWrapper\storeParam
storeParam(string $key, mixed $value)
Definition: class.ilSimpleSAMLphpWrapper.php:73
ilSimpleSAMLphpWrapper\$config
SimpleSAML Configuration $config
Definition: class.ilSimpleSAMLphpWrapper.php:25
ilSimpleSAMLphpConfigTemplateHandler\copy
copy(string $sourcePath, string $destinationPath, array $placeholders=[])
Definition: class.ilSimpleSAMLphpConfigTemplateHandler.php:32
$params
if(! $DIC->user() ->getId()||!ilLTIConsumerAccess::hasCustomProviderCreationAccess()) $params
Definition: ltiregstart.php:31
ilSimpleSAMLphpWrapper\protectResource
protectResource()
Protect a script resource with a SAML auth.
Definition: class.ilSimpleSAMLphpWrapper.php:68
ILIAS
Interface Observer Contains several chained tasks and infos about them.
Definition: AccessControl.php:21
ilSimpleSAMLphpWrapper\__construct
__construct(string $authSourceName, string $configurationPath)
Definition: class.ilSimpleSAMLphpWrapper.php:28
ilSimpleSAMLphpWrapper\$authSource
SimpleSAML Auth Simple $authSource
Definition: class.ilSimpleSAMLphpWrapper.php:26
$DIC
global $DIC
Definition: shib_login.php:26
ilPasswordUtils\getBytes
static getBytes(int $length)
Generate random bytes using OpenSSL or Mcrypt and mt_rand() as fallback.
Definition: class.ilPasswordUtils.php:32
ilSimpleSAMLphpWrapper\initConfigFiles
initConfigFiles(string $configurationPath)
Definition: class.ilSimpleSAMLphpWrapper.php:44
ilSession\clear
static clear(string $a_var)
Definition: class.ilSession.php:398
IL_COOKIE_PATH
const IL_COOKIE_PATH(isset($_GET['client_id']))
Definition: index.php:47