| 1 |
efrain |
1 |
<?php declare(strict_types=1);
|
|
|
2 |
|
|
|
3 |
namespace EduSharingApiClient;
|
|
|
4 |
|
|
|
5 |
use Exception;
|
|
|
6 |
|
|
|
7 |
/**
|
|
|
8 |
* Class EduSharingAuthHelper
|
|
|
9 |
*
|
|
|
10 |
* @author Torsten Simon <simon@edu-sharing.net>
|
|
|
11 |
*/
|
|
|
12 |
class EduSharingAuthHelper extends EduSharingHelperAbstract
|
|
|
13 |
{
|
|
|
14 |
/**
|
|
|
15 |
* Function getTicketAuthenticationInfo
|
|
|
16 |
*
|
|
|
17 |
* Gets detailed information about a ticket
|
|
|
18 |
* Will throw an exception if the given ticket is not valid anymore
|
|
|
19 |
* @param string $ticket
|
|
|
20 |
* The ticket, obtained by @getTicketForUser
|
|
|
21 |
* @return array
|
|
|
22 |
* Detailed information about the current session
|
|
|
23 |
* @throws Exception
|
|
|
24 |
* Thrown if the ticket is not valid anymore
|
|
|
25 |
*/
|
|
|
26 |
public function getTicketAuthenticationInfo(string $ticket): array {
|
|
|
27 |
$curl = $this->base->handleCurlRequest($this->base->baseUrl . '/rest/authentication/v1/validateSession', [
|
|
|
28 |
CURLOPT_HTTPHEADER => [
|
|
|
29 |
$this->getRESTAuthenticationHeader($ticket),
|
|
|
30 |
'Accept: application/json',
|
|
|
31 |
'Content-Type: application/json',
|
|
|
32 |
],
|
|
|
33 |
CURLOPT_RETURNTRANSFER => 1,
|
|
|
34 |
CURLOPT_CONNECTTIMEOUT => 5,
|
|
|
35 |
CURLOPT_TIMEOUT => 5
|
|
|
36 |
]);
|
|
|
37 |
if ($curl->content === '') {
|
|
|
38 |
throw new Exception('No answer from repository. Possibly a timeout while trying to connect to ' . $this->base->baseUrl);
|
|
|
39 |
}
|
|
|
40 |
$data = json_decode($curl->content, true, 512, JSON_THROW_ON_ERROR);
|
|
|
41 |
if ($data['statusCode'] !== 'OK') {
|
|
|
42 |
throw new Exception('The given ticket is not valid anymore');
|
|
|
43 |
}
|
|
|
44 |
return $data;
|
|
|
45 |
}
|
|
|
46 |
|
|
|
47 |
/**
|
|
|
48 |
* Function getTicketForUser
|
|
|
49 |
*
|
|
|
50 |
* Fetches the edu-sharing ticket for a given username
|
|
|
51 |
* @param string $username
|
|
|
52 |
* The username you want to generate a ticket for
|
|
|
53 |
* @param array|null $additionalFields
|
|
|
54 |
* additional post fields to submit
|
|
|
55 |
* @return string
|
|
|
56 |
* The ticket, which you can use as an authentication header, see @getRESTAuthenticationHeader
|
|
|
57 |
* @throws AppAuthException
|
|
|
58 |
* @throws Exception
|
|
|
59 |
*/
|
|
|
60 |
public function getTicketForUser(string $username, ?array $additionalFields = null): string {
|
|
|
61 |
$curlOptions = [
|
|
|
62 |
CURLOPT_POST => 1,
|
|
|
63 |
CURLOPT_FAILONERROR => false,
|
|
|
64 |
CURLOPT_RETURNTRANSFER => 1,
|
|
|
65 |
CURLOPT_HTTPHEADER => $this->getSignatureHeaders($username),
|
|
|
66 |
CURLOPT_CONNECTTIMEOUT => 5,
|
|
|
67 |
CURLOPT_TIMEOUT => 5
|
|
|
68 |
];
|
|
|
69 |
if ($additionalFields !== null) {
|
|
|
70 |
$curlOptions[CURLOPT_POSTFIELDS] = json_encode($additionalFields, 512, JSON_THROW_ON_ERROR);
|
|
|
71 |
}
|
|
|
72 |
$curl = $this->base->handleCurlRequest($this->base->baseUrl . '/rest/authentication/v1/appauth/' . rawurlencode($username), $curlOptions);
|
|
|
73 |
if ($curl->content === '') {
|
|
|
74 |
throw new Exception('edu-sharing ticket could not be retrieved: HTTP-Code ' . $curl->info['http_code'] . ': ' . 'No answer from repository. Possibly a timeout while trying to connect to "' . $this->base->baseUrl . '"');
|
|
|
75 |
}
|
|
|
76 |
$data = json_decode($curl->content, true, 512, JSON_THROW_ON_ERROR);
|
|
|
77 |
$gotError = !empty($data['error']);
|
|
|
78 |
$responseOk = $curl->error === 0 && !$gotError && (int)$curl->info['http_code'] ?? 0 === 200;
|
|
|
79 |
if ($responseOk && ($data['userId'] ?? '' === $username || substr($data['userId'], 0, strlen($username) + 1) === $username . '@')) {
|
|
|
80 |
return $data['ticket'];
|
|
|
81 |
}
|
|
|
82 |
throw new AppAuthException($data['message'] ?? '');
|
|
|
83 |
}
|
|
|
84 |
}
|