ChoiceAuth
extends AbstractBase
in package
ChoiceAuth Authentication plugin
This module enables a user to choose between two authentication methods. choices are presented side-by-side and one is manually selected.
See config.ini for more details
Tags
Table of Contents
- $config : Config
- Configuration settings
- $configValidated : bool
- Has the configuration been validated?
- $dbServiceManager : PluginManager
- Database service plugin manager
- $manager : PluginManager
- Plugin manager for obtaining other authentication objects
- $session : Container
- Session container
- $strategies : array<string|int, mixed>
- Authentication strategies to present
- $strategy : string
- Auth strategy selected by user
- $translator : TranslatorInterface
- Translator
- $userSetterMap : mixed
- Map of database column name to setter method for UserEntityInterface objects.
- __construct() : mixed
- Constructor
- authenticate() : UserEntityInterface
- Attempt to authenticate the current user. Throws exception if login fails.
- create() : UserEntityInterface
- Create a new user account from the request.
- getConfig() : Config
- Get configuration (load automatically if not previously set). Throw an exception if the configuration is invalid.
- getDbService() : T
- Get a database service object.
- getDbServiceManager() : PluginManager
- Get the service plugin manager. Throw an exception if it is missing.
- getDelegateAuthMethod() : string|bool
- Returns any authentication method this request should be delegated to.
- getPasswordPolicy() : array<string|int, mixed>
- Password policy for a new password (e.g. minLength, maxLength)
- getPluginManager() : PluginManager
- Get the manager for loading other authentication plugins.
- getPolicyConfig() : array<string|int, mixed>
- Get a policy configuration
- getSelectableAuthOptions() : array<string|int, mixed>
- Return an array of authentication options allowed by this class.
- getSelectedAuthOption() : bool|string
- If an authentication strategy has been selected, return the active option.
- getSessionInitiator() : bool|string
- Get the URL to establish a session (needed when the internal VuFind login form is inadequate). Returns false when no session initiator is needed.
- getTranslator() : TranslatorInterface
- Get translator object.
- getTranslatorLocale() : string
- Get the locale from the translator.
- getUsernamePolicy() : array<string|int, mixed>
- Username policy for a new account (e.g. minLength, maxLength)
- getUserService() : UserServiceInterface
- Get access to the user table.
- isExpired() : bool
- Has the user's login expired?
- logout() : string
- Perform cleanup at logout time.
- needsCsrfCheck() : bool
- Whether this authentication method needs CSRF checking for the request.
- preLoginCheck() : void
- Inspect the user's request prior to processing a login request; this is essentially an event hook which most auth modules can ignore. See ChoiceAuth for a use case example.
- resetState() : void
- Reset any internal status; this is essentially an event hook which most auth modules can ignore. See ChoiceAuth for a use case example.
- setConfig() : void
- Set configuration; throw an exception if it is invalid.
- setDbServiceManager() : void
- Set the service plugin manager.
- setPluginManager() : void
- Set the manager for loading other authentication plugins.
- setStrategy() : void
- Set the active strategy
- setTranslator() : TranslatorAwareInterface
- Set a translator
- supportsConnectingLibraryCard() : bool
- Does this authentication method support connecting library card of currently authenticated user?
- supportsCreation() : bool
- Does this authentication method support account creation?
- supportsPasswordChange() : bool
- Does this authentication method support password changing
- supportsPasswordRecovery() : bool
- Does this authentication method support password recovery
- translate() : string
- Translate a string (or string-castable object)
- translateWithPrefix() : string
- Translate a string (or string-castable object) using a prefix, or without the prefix if a prefixed translation is not found.
- updatePassword() : UserEntityInterface
- Update a user's password from the request.
- validateCredentials() : bool
- Validate the credentials in the provided request, but do not change the state of the current logged-in user. Return true for valid credentials, false otherwise.
- debug() : void
- Log a debug message.
- extractTextDomain() : array<string|int, mixed>
- Given a translation string with or without a text domain, return an array with the raw string and the text domain separated.
- getCannedPolicyHint() : string|null
- Return a canned username or password policy hint when available
- getDebugTranslation() : string
- Build a debug-mode translation
- getOrCreateUserByUsername() : UserEntityInterface
- Look up a user by username; create a new entity if no match is found.
- hasLegalStrategy() : bool
- Is the configured strategy on the list of legal options?
- log() : void
- Send a message to the logger.
- logError() : void
- Log an error message.
- logWarning() : void
- Log a warning message.
- proxyAuthMethod() : mixed
- Proxy auth method; a helper function to be called like: return $this->proxyAuthMethod(METHOD, func_get_args());
- proxyUserLoad() : mixed
- Proxy auth method that checks the request for an active method and then loads a UserEntityInterface object from the database (e.g. authenticate or create).
- sanitizeTranslationKey() : string
- Make sure there are not any illegal characters in the translation key that might prevent successful lookup in language files.
- saveUserAndCredentials() : void
- Save user and any ILS credentials.
- setStrategyFromRequest() : void
- Set the active strategy based on the auth_method value in the request, if found.
- setUserValueByField() : void
- Set a value in a UserEntityObject using a field name.
- translateString() : string
- Get translation for a string
- validateConfig() : void
- Validate configuration parameters. This is a support method for getConfig(), so the configuration MUST be accessed using $this->config; do not call $this->getConfig() from within this method!
- validatePasswordAgainstPolicy() : void
- Verify that a password fulfills the password policy. Throws exception if the password is invalid.
- validateStringAgainstPolicy() : void
- Verify that a username or password fulfills the given policy. Throws exception if the string is invalid.
- validateUsernameAgainstPolicy() : void
- Verify that a username fulfills the username policy. Throws exception if the username is invalid.
Properties
$config
Configuration settings
protected
Config
$config
= null
$configValidated
Has the configuration been validated?
protected
bool
$configValidated
= false
$dbServiceManager
Database service plugin manager
protected
PluginManager
$dbServiceManager
$manager
Plugin manager for obtaining other authentication objects
protected
PluginManager
$manager
$session
Session container
protected
Container
$session
$strategies
Authentication strategies to present
protected
array<string|int, mixed>
$strategies
= []
$strategy
Auth strategy selected by user
protected
string
$strategy
$translator
Translator
protected
TranslatorInterface
$translator
= null
$userSetterMap
Map of database column name to setter method for UserEntityInterface objects.
protected
mixed
$userSetterMap
= ['cat_username' => 'setCatUsername', 'college' => 'setCollege', 'email' => 'setEmail', 'firstname' => 'setFirstname', 'lastname' => 'setLastname', 'home_library' => 'setHomeLibrary', 'major' => 'setMajor']
Methods
__construct()
Constructor
public
__construct(Container $container) : mixed
Parameters
- $container : Container
-
Session container for retaining user choices.
Return values
mixed —authenticate()
Attempt to authenticate the current user. Throws exception if login fails.
public
authenticate(Request $request) : UserEntityInterface
Parameters
- $request : Request
-
Request object containing account credentials.
Tags
Return values
UserEntityInterface —Object representing logged-in user.
create()
Create a new user account from the request.
public
create(Request $request) : UserEntityInterface
Parameters
- $request : Request
-
Request object containing new account details.
Tags
Return values
UserEntityInterface —New user entity.
getConfig()
Get configuration (load automatically if not previously set). Throw an exception if the configuration is invalid.
public
getConfig() : Config
Tags
Return values
Config —getDbService()
Get a database service object.
public
getDbService(class-string<\VuFind\Db\Service\T> $name) : T
Parameters
- $name : class-string<\VuFind\Db\Service\T>
-
Name of service to retrieve
Tags
Return values
T —getDbServiceManager()
Get the service plugin manager. Throw an exception if it is missing.
public
getDbServiceManager() : PluginManager
Tags
Return values
PluginManager —getDelegateAuthMethod()
Returns any authentication method this request should be delegated to.
public
getDelegateAuthMethod(Request $request) : string|bool
Parameters
- $request : Request
-
Request object.
Tags
Return values
string|bool —getPasswordPolicy()
Password policy for a new password (e.g. minLength, maxLength)
public
getPasswordPolicy() : array<string|int, mixed>
Return values
array<string|int, mixed> —getPluginManager()
Get the manager for loading other authentication plugins.
public
getPluginManager() : PluginManager
Tags
Return values
PluginManager —getPolicyConfig()
Get a policy configuration
public
getPolicyConfig(string $type) : array<string|int, mixed>
Parameters
- $type : string
-
Policy type (password or username)
Return values
array<string|int, mixed> —getSelectableAuthOptions()
Return an array of authentication options allowed by this class.
public
getSelectableAuthOptions() : array<string|int, mixed>
Return values
array<string|int, mixed> —getSelectedAuthOption()
If an authentication strategy has been selected, return the active option.
public
getSelectedAuthOption() : bool|string
If not, return false.
Return values
bool|string —getSessionInitiator()
Get the URL to establish a session (needed when the internal VuFind login form is inadequate). Returns false when no session initiator is needed.
public
getSessionInitiator(string $target) : bool|string
Parameters
- $target : string
-
Full URL where external authentication strategy should send user after login (some drivers may override this).
Return values
bool|string —getTranslator()
Get translator object.
public
getTranslator() : TranslatorInterface
Return values
TranslatorInterface —getTranslatorLocale()
Get the locale from the translator.
public
getTranslatorLocale([string $default = 'en' ]) : string
Parameters
- $default : string = 'en'
-
Default to use if translator absent.
Return values
string —getUsernamePolicy()
Username policy for a new account (e.g. minLength, maxLength)
public
getUsernamePolicy() : array<string|int, mixed>
Return values
array<string|int, mixed> —getUserService()
Get access to the user table.
public
getUserService() : UserServiceInterface
Return values
UserServiceInterface —isExpired()
Has the user's login expired?
public
isExpired() : bool
Return values
bool —logout()
Perform cleanup at logout time.
public
logout(string $url) : string
Parameters
- $url : string
-
URL to redirect user to after logging out.
Tags
Return values
string —Redirect URL (usually same as $url, but modified in some authentication modules).
needsCsrfCheck()
Whether this authentication method needs CSRF checking for the request.
public
needsCsrfCheck(Request $request) : bool
Parameters
- $request : Request
-
Request object.
Tags
Return values
bool —preLoginCheck()
Inspect the user's request prior to processing a login request; this is essentially an event hook which most auth modules can ignore. See ChoiceAuth for a use case example.
public
preLoginCheck(Request $request) : void
Parameters
- $request : Request
-
Request object.
Tags
Return values
void —resetState()
Reset any internal status; this is essentially an event hook which most auth modules can ignore. See ChoiceAuth for a use case example.
public
resetState() : void
Return values
void —setConfig()
Set configuration; throw an exception if it is invalid.
public
setConfig(Config $config) : void
Parameters
- $config : Config
-
Configuration to set
Tags
Return values
void —setDbServiceManager()
Set the service plugin manager.
public
setDbServiceManager(PluginManager $manager) : void
Parameters
- $manager : PluginManager
-
Plugin manager
Return values
void —setPluginManager()
Set the manager for loading other authentication plugins.
public
setPluginManager(PluginManager $manager) : void
Parameters
- $manager : PluginManager
-
Plugin manager
Return values
void —setStrategy()
Set the active strategy
public
setStrategy(string $strategy) : void
Parameters
- $strategy : string
-
New strategy
Return values
void —setTranslator()
Set a translator
public
setTranslator(TranslatorInterface $translator) : TranslatorAwareInterface
Parameters
- $translator : TranslatorInterface
-
Translator
Return values
TranslatorAwareInterface —supportsConnectingLibraryCard()
Does this authentication method support connecting library card of currently authenticated user?
public
supportsConnectingLibraryCard() : bool
Return values
bool —supportsCreation()
Does this authentication method support account creation?
public
supportsCreation() : bool
Return values
bool —supportsPasswordChange()
Does this authentication method support password changing
public
supportsPasswordChange() : bool
Return values
bool —supportsPasswordRecovery()
Does this authentication method support password recovery
public
supportsPasswordRecovery() : bool
Return values
bool —translate()
Translate a string (or string-castable object)
public
translate(string|object|array<string|int, mixed> $target[, array<string|int, mixed> $tokens = [] ][, string $default = null ][, bool $useIcuFormatter = false ][, array<string|int, string> $fallbackDomains = [] ]) : string
Parameters
- $target : string|object|array<string|int, mixed>
-
String to translate or an array of text domain and string to translate
- $tokens : array<string|int, mixed> = []
-
Tokens to inject into the translated string
- $default : string = null
-
Default value to use if no translation is found (null for no default).
- $useIcuFormatter : bool = false
-
Should we use an ICU message formatter instead of the default behavior?
- $fallbackDomains : array<string|int, string> = []
-
Text domains to check if no match is found in the domain specified in $target
Return values
string —translateWithPrefix()
Translate a string (or string-castable object) using a prefix, or without the prefix if a prefixed translation is not found.
public
translateWithPrefix(string $prefix, string|object|array<string|int, mixed> $target[, array<string|int, mixed> $tokens = [] ][, string $default = null ][, bool $useIcuFormatter = false ][, array<string|int, string> $fallbackDomains = [] ]) : string
Parameters
- $prefix : string
-
Translation key prefix
- $target : string|object|array<string|int, mixed>
-
String to translate or an array of text domain and string to translate
- $tokens : array<string|int, mixed> = []
-
Tokens to inject into the translated string
- $default : string = null
-
Default value to use if no translation is found (null for no default).
- $useIcuFormatter : bool = false
-
Should we use an ICU message formatter instead of the default behavior?
- $fallbackDomains : array<string|int, string> = []
-
Text domains to check if no match is found in the domain specified in $target
Return values
string —updatePassword()
Update a user's password from the request.
public
updatePassword(Request $request) : UserEntityInterface
Parameters
- $request : Request
-
Request object containing password change details.
Tags
Return values
UserEntityInterface —Updated user entity.
validateCredentials()
Validate the credentials in the provided request, but do not change the state of the current logged-in user. Return true for valid credentials, false otherwise.
public
validateCredentials(Request $request) : bool
Parameters
- $request : Request
-
Request object containing account credentials.
Tags
Return values
bool —debug()
Log a debug message.
protected
debug(string $msg[, array<string|int, mixed> $context = [] ][, bool $prependClass = true ]) : void
Parameters
- $msg : string
-
Log message
- $context : array<string|int, mixed> = []
-
Log context
- $prependClass : bool = true
-
Prepend class name to message?
Return values
void —extractTextDomain()
Given a translation string with or without a text domain, return an array with the raw string and the text domain separated.
protected
extractTextDomain(string|object|array<string|int, mixed> $target) : array<string|int, mixed>
Parameters
- $target : string|object|array<string|int, mixed>
-
String to translate or an array of text domain and string to translate
Return values
array<string|int, mixed> —getCannedPolicyHint()
Return a canned username or password policy hint when available
protected
getCannedPolicyHint(string $type, string|null $pattern) : string|null
Parameters
- $type : string
-
Policy type (password or username)
- $pattern : string|null
-
Current policy pattern
Return values
string|null —getDebugTranslation()
Build a debug-mode translation
protected
getDebugTranslation(string $domain, string $str, array<string|int, mixed> $tokens) : string
Parameters
- $domain : string
-
Text domain
- $str : string
-
String to translate
- $tokens : array<string|int, mixed>
-
Tokens to inject into the translated string
Return values
string —getOrCreateUserByUsername()
Look up a user by username; create a new entity if no match is found.
protected
getOrCreateUserByUsername(string $username) : UserEntityInterface
Parameters
- $username : string
-
Username
Tags
Return values
UserEntityInterface —hasLegalStrategy()
Is the configured strategy on the list of legal options?
protected
hasLegalStrategy() : bool
Return values
bool —log()
Send a message to the logger.
protected
log(string $level, string $message[, array<string|int, mixed> $context = [] ][, bool $prependClass = false ]) : void
Parameters
- $level : string
-
Log level
- $message : string
-
Log message
- $context : array<string|int, mixed> = []
-
Log context
- $prependClass : bool = false
-
Prepend class name to message?
Return values
void —logError()
Log an error message.
protected
logError(string $msg[, array<string|int, mixed> $context = [] ][, bool $prependClass = true ]) : void
Parameters
- $msg : string
-
Log message
- $context : array<string|int, mixed> = []
-
Log context
- $prependClass : bool = true
-
Prepend class name to message?
Return values
void —logWarning()
Log a warning message.
protected
logWarning(string $msg[, array<string|int, mixed> $context = [] ][, bool $prependClass = true ]) : void
Parameters
- $msg : string
-
Log message
- $context : array<string|int, mixed> = []
-
Log context
- $prependClass : bool = true
-
Prepend class name to message?
Return values
void —proxyAuthMethod()
Proxy auth method; a helper function to be called like: return $this->proxyAuthMethod(METHOD, func_get_args());
protected
proxyAuthMethod(string $method, array<string|int, mixed> $params) : mixed
Parameters
- $method : string
-
the method to proxy
- $params : array<string|int, mixed>
-
array of params to pass
Tags
Return values
mixed —proxyUserLoad()
Proxy auth method that checks the request for an active method and then loads a UserEntityInterface object from the database (e.g. authenticate or create).
protected
proxyUserLoad(Request $request, string $method, array<string|int, mixed> $params) : mixed
Parameters
- $request : Request
-
Request object to check.
- $method : string
-
the method to proxy
- $params : array<string|int, mixed>
-
array of params to pass
Tags
Return values
mixed —sanitizeTranslationKey()
Make sure there are not any illegal characters in the translation key that might prevent successful lookup in language files.
protected
sanitizeTranslationKey(string $key) : string
Parameters
- $key : string
-
Key to sanitize
Return values
string —Sanitized key
saveUserAndCredentials()
Save user and any ILS credentials.
protected
saveUserAndCredentials(UserEntityInterface $user, string|null $catPassword, ILSAuthenticator $ilsAuthenticator) : void
Also updates user card data if library cards are enabled.
Parameters
- $user : UserEntityInterface
-
User
- $catPassword : string|null
-
ILS catalog password
- $ilsAuthenticator : ILSAuthenticator
-
ILS authenticator
Return values
void —setStrategyFromRequest()
Set the active strategy based on the auth_method value in the request, if found.
protected
setStrategyFromRequest(Request $request) : void
Parameters
- $request : Request
-
Request object to check.
Return values
void —setUserValueByField()
Set a value in a UserEntityObject using a field name.
protected
setUserValueByField(UserEntityInterface $user, string $field, mixed $value) : void
Parameters
- $user : UserEntityInterface
-
User to update
- $field : string
-
Field name being updated
- $value : mixed
-
New value to set
Tags
Return values
void —translateString()
Get translation for a string
protected
translateString(string $rawStr[, array<string|int, mixed> $tokens = [] ][, string $default = null ][, string $domain = 'default' ][, bool $useIcuFormatter = false ]) : string
Parameters
- $rawStr : string
-
String to translate
- $tokens : array<string|int, mixed> = []
-
Tokens to inject into the translated string
- $default : string = null
-
Default value to use if no translation is found (null for no default).
- $domain : string = 'default'
-
Text domain (omit for default)
- $useIcuFormatter : bool = false
-
Should we use an ICU message formatter instead of the default behavior?
Return values
string —validateConfig()
Validate configuration parameters. This is a support method for getConfig(), so the configuration MUST be accessed using $this->config; do not call $this->getConfig() from within this method!
protected
validateConfig() : void
Tags
Return values
void —validatePasswordAgainstPolicy()
Verify that a password fulfills the password policy. Throws exception if the password is invalid.
protected
validatePasswordAgainstPolicy(string $password) : void
Parameters
- $password : string
-
Password to verify
Tags
Return values
void —validateStringAgainstPolicy()
Verify that a username or password fulfills the given policy. Throws exception if the string is invalid.
protected
validateStringAgainstPolicy(string $type, array<string|int, mixed> $policy, string $string) : void
Parameters
- $type : string
-
Policy type (password or username)
- $policy : array<string|int, mixed>
-
Policy configuration
- $string : string
-
String to verify
Tags
Return values
void —validateUsernameAgainstPolicy()
Verify that a username fulfills the username policy. Throws exception if the username is invalid.
protected
validateUsernameAgainstPolicy(string $username) : void
Parameters
- $username : string
-
Password to verify