19 declare(strict_types=1);
// Keep the logger returned by $DIC->logger()->auth() on the instance; every
// debug message in this listing goes through it.
39 $this->
logger = $DIC->logger()->auth();
// True when the internal account name is exactly the empty string (strict comparison).
// NOTE(review): the enclosing method is not part of this listing; presumably this
// result decides between creating and updating an account - confirm.
64 return $this->int_account ===
'';
// Hand the XML held by $this->writer to the import parser. The lines that create
// $importParser and $roles are not part of this listing.
76 $importParser->setXMLContent($this->writer->xmlDumpMem(
false));
// NOTE(review): presumably $roles is the map built from the role-mapping settings
// further down in this listing - confirm against the missing lines.
79 $importParser->setRoleAssignment($roles);
82 $importParser->startParsing();
// Log the parser protocol as pretty-printed JSON at debug level. JSON_THROW_ON_ERROR
// turns an encoding failure into a JsonException instead of a silent false.
// NOTE(review): the protocol's content is not visible here; if it repeats user
// attributes, the auth debug log needs the same access control and retention
// as any other store of personal data.
83 $debug = $importParser->getProtocol();
84 $this->
logger->debug(json_encode($debug, JSON_THROW_ON_ERROR | JSON_PRETTY_PRINT));
// Open the <Users> root and a <User Action="Insert"> record. Lines between the
// gutter numbers are missing from this listing, so the conditions that guard
// these calls are not shown.
97 $this->writer->xmlStartTag(
'Users');
100 $this->writer->xmlStartTag(
'User', [
'Action' =>
'Insert']);
103 $this->writer->xmlStartTag(
// Login carries the internal account name, ExternalAccount the external one.
110 $this->writer->xmlElement(
'Login', [], $this->int_account);
113 $this->writer->xmlElement(
'ExternalAccount', [], $this->ext_account);
// AuthMode has no text content (null); the mode travels in the 'type' attribute,
// taken from self::AUTH_MODE.
114 $this->writer->xmlElement(
'AuthMode', [
'type' => self::AUTH_MODE],
null);
// The account is written as active.
// NOTE(review): what TimeLimitOwner 7 and TimeLimitUnlimited 1 mean is defined by
// the import schema, which is not shown here - confirm. TimeLimitFrom and
// TimeLimitUntil both receive the current Unix time.
119 $this->writer->xmlElement(
'Active', [],
'true');
120 $this->writer->xmlElement(
'TimeLimitOwner', [], 7);
121 $this->writer->xmlElement(
'TimeLimitUnlimited', [], 1);
122 $this->writer->xmlElement(
'TimeLimitFrom', [], time());
123 $this->writer->xmlElement(
'TimeLimitUntil', [], time());
// Collect the fields to map: the profile fields named in the settings, plus one
// key per user-defined field definition (self::UDF_STRING followed by its field_id).
126 $profile_fields = $this->
settings->getProfileMappingFields();
129 foreach ($this->udf->getDefinitions() as $definition) {
130 $field = self::UDF_STRING . $definition[
'field_id'];
131 $udf_fields[$field] = $field;
// Array union: for a key present in both arrays the entry from $profile_fields wins.
134 $profile_and_udf_fields = $profile_fields + $udf_fields;
135 foreach ($profile_and_udf_fields as $field => $lng_key) {
// Name of the user-info attribute configured for this field. The test below is a
// loose falsy check, so '', '0' and null all count as "unconfigured".
136 $connect_name = $this->
settings->getProfileMappingFieldValue($field);
137 if (!$connect_name) {
138 $this->
logger->debug(
'Ignoring unconfigured field: ' . $field);
142 $this->
logger->debug(
'Ignoring ' . $field .
' for update.');
// valueFrom() reads that attribute from the user info object and casts it to string.
146 $value = $this->
valueFrom($connect_name);
// The messages in this part log field and attribute names only, not claim values.
148 $this->
logger->debug(
'Cannot find user data in ' . $connect_name);
// The value is lower-cased before the switch and written as Gender 'm', 'f' or 'n';
// the case labels that select each branch are not part of this listing.
154 switch (strtolower($value)) {
157 $this->writer->xmlElement(
'Gender', [],
'm');
162 $this->writer->xmlElement(
'Gender', [],
'f');
167 $this->writer->xmlElement(
'Gender', [],
'n');
// The remaining profile fields are written with the mapped value unchanged.
// NOTE(review): $value originates from the identity provider's user info. No
// format or length check is visible in this listing, and escaping for XML is left
// to ilXmlWriter::xmlElement(), which is not shown - confirm that it encodes
// markup characters and that the import parser validates fields such as Email.
173 $this->writer->xmlElement(
'Firstname', [], $value);
177 $this->writer->xmlElement(
'Lastname', [], $value);
181 $this->writer->xmlElement(
'Hobby', [], $value);
185 $this->writer->xmlElement(
'Title', [], $value);
189 $this->writer->xmlElement(
'Institution', [], $value);
193 $this->writer->xmlElement(
'Department', [], $value);
197 $this->writer->xmlElement(
'Street', [], $value);
201 $this->writer->xmlElement(
'City', [], $value);
205 $this->writer->xmlElement(
'PostalCode', [], $value);
209 $this->writer->xmlElement(
'Country', [], $value);
213 $this->writer->xmlElement(
'PhoneOffice', [], $value);
217 $this->writer->xmlElement(
'PhoneHome', [], $value);
221 $this->writer->xmlElement(
'PhoneMobile', [], $value);
225 $this->writer->xmlElement(
'Fax', [], $value);
229 $this->writer->xmlElement(
'Email', [], $value);
233 $this->writer->xmlElement(
'SecondEmail', [], $value);
236 case 'matriculation':
237 $this->writer->xmlElement(
'Matriculation', [], $value);
// Field keys that do not start with 'udf_' take the branch below; its body is not
// part of this listing.
241 if (!str_starts_with($field,
'udf_')) {
// The definition id is the part after the first underscore. The (int) cast turns
// a non-numeric suffix into 0 rather than failing.
245 $id_data = explode(
'_', $field);
246 if (!isset($id_data[1])) {
250 $definition = $this->udf->getDefinition((
int) $id_data[1]);
// NOTE(review): presumably an empty definition is reported with the message below
// and the field is skipped - the surrounding lines are missing, confirm.
251 if (empty($definition)) {
254 'Invalid/Orphaned UD field mapping detected: %s',
261 $this->writer->xmlElement(
264 'Id' => $definition[
'il_id'],
265 'Name' => $definition[
'field_name']
// Close the <User> record and the <Users> root.
272 $this->writer->xmlEndTag(
'User');
273 $this->writer->xmlEndTag(
'Users');
// Logs the complete generated XML at debug level.
// NOTE(review): by this point the document can hold the mapped profile values
// (names, e-mail addresses, phone numbers, matriculation), so the auth debug log
// contains personal data whenever debug logging is enabled. Restrict access to
// that log and limit its retention, or log a redacted form instead.
275 $this->
logger->debug($this->writer->xmlDumpMem());
// Build the set of role ids to assign from the configured role mappings and the
// attributes on the user info object.
// NOTE(review): roles are granted purely on what $this->user_info asserts. Nothing
// in this listing validates that object, so this code relies on the caller having
// verified the identity provider's response - confirm where that happens.
283 $this->
logger->debug(
'Parsing role assignments');
291 foreach ($this->
settings->getRoleMappings() as $role_id => $role_info) {
// An empty mapping value means nothing is configured for this role.
295 if ($role_info[
'value'] ===
'') {
296 $this->
logger->debug(
'No role mapping for role: ' . $role_id);
// The mapping is split on '::' and both parts are trimmed.
// NOTE(review): a value without '::' leaves index 1 undefined (PHP warning,
// $role_value becomes null); a value with more than one '::' silently drops
// everything after the second part. Validating the format when the setting is
// saved would avoid both.
300 [$role_attribute, $role_value] =
array_map(trim(...), explode(
'::', $role_info[
'value']));
// Loose falsy test: the literal '0' is rejected as attribute or value as well.
302 if (!$role_attribute || !$role_value) {
303 $this->
logger->debug(
'No valid role mapping configuration for: ' . $role_id);
// The configured attribute name is used as a dynamic property on the user info
// object; isset() is false for a missing property and for a null one.
307 if (!isset($this->user_info->{$role_attribute})) {
308 $this->
logger->debug(
'No user info passed');
// The condition guarding this message is not part of this listing.
313 $this->
logger->debug(
'No user role update for role: ' . $role_id);
// Array-valued claim: every entry is trimmed, then strict in_array() requires an
// exact, case-sensitive string match.
// NOTE(review): assumes the entries are scalars - a nested array or object entry
// would make trim() fail; confirm the claim shape the provider sends.
317 if (is_array($this->user_info->{$role_attribute})) {
318 $roles_claim =
array_map(trim(...), $this->user_info->{$role_attribute});
319 if (!in_array($role_value, $roles_claim,
true)) {
320 $this->
logger->debug(
'User account has no ' . $role_value);
// Any other claim is cast to string, trimmed and compared with strcmp(), which
// is an exact, case-sensitive comparison as well.
323 } elseif (strcmp(trim((
string) $this->user_info->{$role_attribute}), $role_value) !== 0) {
324 $this->
logger->debug(
'User account has no ' . $role_value);
// NOTE(review): presumably the non-matching branches above skip the role; the
// statements that would do so are not part of this listing.
328 $this->
logger->debug(
'Matching role mapping for role_id: ' . $role_id);
// Key and value are both the integer role id.
331 $roles_assignable[(
int) $role_id] = (
int) $role_id;
// Long id has the form il_<IL_INST_ID>_role_<role_id>.
332 $long_role_id = (
'il_' .
IL_INST_ID .
'_role_' . $role_id);
334 $this->writer->xmlElement(
337 'Id' => $long_role_id,
348 $this->writer->xmlElement(
351 'Id' => $long_role_id,
359 return $roles_assignable;
/**
 * Read one attribute from the user info object and return it as a string.
 *
 * Parts of the body (braces and the early-return values) are missing from this
 * listing, so what is returned for an empty or unknown name is not shown.
 */
362 private function valueFrom(
string $connect_name): string
// Loose falsy test on the attribute name: '' and '0' both take this branch.
364 if (!$connect_name) {
// property_exists() is also true for a property whose value is null; the cast
// below then yields ''.
368 if (!property_exists($this->user_info, $connect_name)) {
369 $this->
logger->debug(
'Cannot find property ' . $connect_name .
' in user info ');
// NOTE(review): the (string) cast assumes a scalar claim. An array claim casts
// to 'Array' with a warning, and a nested stdClass object cannot be converted
// to string and raises an Error. Structured claims need explicit handling
// before this line - confirm which claim shapes the identity provider sends.
373 return (
string) $this->user_info->{$connect_name};
static _generateLogin(string $a_login)
generate free login by starting with a default string and adding postfix numbers
Additional user data fields definition.
readonly ilXmlWriter $writer
static _lookupId($a_user_str)
static _checkExternalAuthAccount(string $a_auth, string $a_account, bool $tryFallback=true)
Check whether the external account and authentication method match a user
__construct(private readonly ilOpenIdConnectSettings $settings, private readonly stdClass $user_info)
while($session_entry=$r->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) return null
setExternalAccount(string $ext_account)
setInternalAccount(string $int_account)
valueFrom(string $connect_name)
readonly ilLogger $logger