Documentation

UserSAML extends UserDB
in package
uses FileConfiguration

Represents the application user Handles session management, authentication, and authorization

Table of Contents

Constants

CONFIG_FILE  = "user.saml"
DEFAULT_USERNAME_MAPPING  = "netid"

Properties

$db  : DBInstance
$primaryTable  : string
$profile  : array<string|int, mixed>
$configs  : array<string, array<string|int, mixed>>
$sessionName  : string
$sessionUserId  : mixed
$settings  : array<string|int, mixed>
$usersRepo  : DataRepository

Methods

__construct()  : mixed
Instantiates a new UserSAML by negotiating the login process with a configured SAML Server
getAppConfiguration()  : array<string|int, mixed>
Provides a single instance of the global app configuration to all extenders of CoreObject
getLogger()  : Logger
Provides a single instance of a configured Logger to all extenders of CoreObject
getProfile()  : array<string|int, mixed>
Returns the User's profile
getProfileValue()  : mixed
Retrieves a particular profile value from the User's profile
hashPassword()  : string|false
Hash a plaintext password
initiatelogIn()  : void
Triggers the SAML login request
isAdmin()  : bool
Checks if the User is an administrator
isLoggedIn()  : bool
Checks if the user has a session
logIn()  : bool
Overrides the inherited UserDB login mechanism to guarantee no action/success
logOut()  : bool
Terminates the local session and Initiates the SAML logout process
processLogIn()  : bool
Processes the SAML response and uses it to login a user
buildIn()  : string
Returns a parametrized IN clause for use in a prepared statement
buildInsertStatement()  : string|false
Builds and executes an insert statement
buildMultiRowInsertStatement()  : bool
Builds and executes a single insert statement that inserts multiple new records
buildProfile()  : void
Builds the User's profile data which is exposed to the application
buildUpdateStatement()  : bool
Builds and executes an update statement
checkSettings()  : bool
Verifies that all required settings have some value
configurationFileExists()  : bool
Checks for the existence of a file with the given filename
dbFormatDate()  : string
Returns an appropriate date format function for the SQL language
dbNow()  : string
Returns an appropriate CURRENT TIME function for the SQL language
dbTextMatch()  : string
Returns an appropriate text search function for the SQL language
executeQuery()  : array<string, array<string, string>>|false
Execute a query and return the results as an array
executeUpdate()  : bool
Execute an update query
getConfigurationFromFileName()  : array<string|int, mixed>
Retrieves a config array by its corresponding filename
getLastInsertId()  : string|false
Returns the id of the most recent insert query
getPrimaryTable()  : mixed
Provides the name of the primary table associated with the instance
getSessionName()  : string
Get the name of the session, which is used as a key within the $_SESSION array
getSessionUserId()  : mixed
Get the unique identifier for the User as stored in $_SESSION
loadSettings()  : void
Loads the settings from Pipit configuration and merges them with the defaults from onelogin
logStatementError()  : void
Logs SQL errors to the logger
processUser()  : mixed
Uses the provided username to find/create a matching local user and initiate the session
queryWithIndex()  : array<string|int, mixed>|false
Query the DB and return the rows as a 1 or 2 dimensional indexed array
quote()  : string
quoteArray()  : array<string|int, string>
setSessionName()  : void
Set the name of the session, which is used as a key within the $_SESSION array
setSessionUserId()  : void
Set the unique identifier for the User as stored in $_SESSION
loadConfigurationFile()  : void
Loads and parses a php ini file into an array keyed by ini sections

Constants

CONFIG_FILE

private mixed CONFIG_FILE = "user.saml"

DEFAULT_USERNAME_MAPPING

private mixed DEFAULT_USERNAME_MAPPING = "netid"

Properties

$db

protected DBInstance $db

An instance of the db class, providing the connection to the DB

$primaryTable

protected string $primaryTable

The name of the main db table associated with an instance of DBObject

$profile

protected array<string|int, mixed> $profile

An associative array of the User's profile data

$configs

private array<string, array<string|int, mixed>> $configs = []

An array of configuration arrays

$sessionName

private string $sessionName

A string scoping the user's session variables within their larger PHP $_SESSION array

$sessionUserId

private mixed $sessionUserId

A unique identifier for the User to be stored within their session data

$settings

private array<string|int, mixed> $settings

An array of settings for onelogin configuration

$usersRepo

private DataRepository $usersRepo

A DataRepository representing the app's Users (assumes existence of 'username' and 'issaml' fields)

Methods

__construct()

Instantiates a new UserSAML by negotiating the login process with a configured SAML Server

public __construct(array<string|int, mixed> $inputData, DataRepository $usersRepo) : mixed
Parameters
$inputData : array<string|int, mixed>

The input data from the request

$usersRepo : DataRepository

A DataRepository representing the app's Users (assumes existence of 'username' and 'issaml' fields)

getAppConfiguration()

Provides a single instance of the global app configuration to all extenders of CoreObject

public getAppConfiguration() : array<string|int, mixed>
Return values
array<string|int, mixed>

getLogger()

Provides a single instance of a configured Logger to all extenders of CoreObject

public getLogger() : Logger
Return values
Logger

getProfile()

Returns the User's profile

public getProfile() : array<string|int, mixed>
Return values
array<string|int, mixed>

getProfileValue()

Retrieves a particular profile value from the User's profile

public getProfileValue(string $field) : mixed
Parameters
$field : string

The name of the profile value to retrieve

Return values
mixed

The value of the profile $field, null if the $field is not present on the profile

hashPassword()

Hash a plaintext password

public static hashPassword(string $plaintext) : string|false
Parameters
$plaintext : string

The plaintext password

Return values
string|false

The password hash

initiatelogIn()

Triggers the SAML login request

public initiatelogIn() : void

isAdmin()

Checks if the User is an administrator

public isAdmin() : bool
Return values
bool

isLoggedIn()

Checks if the user has a session

public isLoggedIn() : bool
Return values
bool

True if logged in, false if not

logIn()

Overrides the inherited UserDB login mechanism to guarantee no action/success

public logIn(mixed $username, mixed $password) : bool
Parameters
$username : mixed

The User's username

$password : mixed

The User's password

Return values
bool

True on successful login, false on anything else

logOut()

Terminates the local session and Initiates the SAML logout process

public logOut() : bool
Return values
bool

True on success, false on failure

processLogIn()

Processes the SAML response and uses it to login a user

public processLogIn() : bool
Return values
bool

Returns true on successful login, false on everything else

buildIn()

Returns a parametrized IN clause for use in a prepared statement

protected buildIn(array<string|int, mixed> $ar, array<string|int, mixed> &$bindparams[, string $varprefix = 'v' ]) : string
Parameters
$ar : array<string|int, mixed>

An array of values representing the contents of the IN clause

$bindparams : array<string|int, mixed>

A reference to the caller's array of binded parameters

$varprefix : string = 'v'

Can be used to avoid bind parameter naming collisions when calling multiple times within 1 statement

Return values
string

The resulting IN clause

buildInsertStatement()

Builds and executes an insert statement

protected buildInsertStatement(array<string|int, mixed> $data[, string $table = null ]) : string|false
Parameters
$data : array<string|int, mixed>

An associative array (ColumnName->Value) of data representing the new DB record

$table : string = null

Optional - The table to insert the new record into. Defaults to $primaryTable

Return values
string|false

Returns the ID of the new record on success, false on failure

buildMultiRowInsertStatement()

Builds and executes a single insert statement that inserts multiple new records

protected buildMultiRowInsertStatement(array<string|int, array<string, string>> $rows[, string $table = null ]) : bool
Parameters
$rows : array<string|int, array<string, string>>

An array of associative arrays (ColumnName->Value) of data representing the new DB records

$table : string = null

Optional - The table to insert the new records into. Defaults to $primaryTable

Return values
bool

True on success, false on failure

buildProfile()

Builds the User's profile data which is exposed to the application

protected buildProfile() : void

buildUpdateStatement()

Builds and executes an update statement

protected buildUpdateStatement(string $id, array<string|int, mixed> $data[, string $table = null ]) : bool
Parameters
$id : string

The id of the record to be updated

$data : array<string|int, mixed>

An associative array (ColumnName->Value) of data representing the updated data

$table : string = null

Optional - The table to insert the new record into. Defaults to $primaryTable

Return values
bool

True on success, false on failure

checkSettings()

Verifies that all required settings have some value

protected checkSettings() : bool
Return values
bool

configurationFileExists()

Checks for the existence of a file with the given filename

protected configurationFileExists(string $configurationFileName) : bool
Parameters
$configurationFileName : string

The name of the file without extension or path

Return values
bool

dbFormatDate()

Returns an appropriate date format function for the SQL language

protected dbFormatDate(string $field) : string
Parameters
$field : string

The name of the field to format

Return values
string

dbNow()

Returns an appropriate CURRENT TIME function for the SQL language

protected dbNow() : string
Return values
string

dbTextMatch()

Returns an appropriate text search function for the SQL language

protected dbTextMatch(string $fields, string $value) : string
Parameters
$fields : string

The fields to use for the search (field1,field2,..)

$value : string

The search criteria

Return values
string

executeQuery()

Execute a query and return the results as an array

protected executeQuery(mixed $sql[, array<string|int, mixed> $bindparams = NULL ]) : array<string, array<string, string>>|false 
@param string $sql the SQL query
Parameters
$sql : mixed
$bindparams : array<string|int, mixed> = NULL

: an array of values to be binded by PDO to any query parameters

Return values
array<string, array<string, string>>|false

A two dimensional array representing the resulting rows: array(array("id"=>1,"field"=>"value1"),array("id"=>2","field"=>"value2")), false on failure

executeUpdate()

Execute an update query

protected executeUpdate(mixed $sql[, array<string|int, mixed> $bindparams = NULL ]) : bool 
@param string $sql The SQL query
Parameters
$sql : mixed
$bindparams : array<string|int, mixed> = NULL

An array of values to be binded by PDO to any query parameters

Return values
bool

True on success, false on anything else

getConfigurationFromFileName()

Retrieves a config array by its corresponding filename

protected getConfigurationFromFileName(string $configurationFileName) : array<string|int, mixed>
Parameters
$configurationFileName : string

The name of the file without extension or path

Return values
array<string|int, mixed>

getLastInsertId()

Returns the id of the most recent insert query

protected getLastInsertId() : string|false
Return values
string|false

The id of the last inserted record

getPrimaryTable()

Provides the name of the primary table associated with the instance

protected getPrimaryTable() : mixed

@return string

getSessionName()

Get the name of the session, which is used as a key within the $_SESSION array

protected getSessionName() : string
Return values
string

The name of the session

getSessionUserId()

Get the unique identifier for the User as stored in $_SESSION

protected getSessionUserId() : mixed
Return values
mixed

$userId The User's ID

loadSettings()

Loads the settings from Pipit configuration and merges them with the defaults from onelogin

protected loadSettings() : void

logStatementError()

Logs SQL errors to the logger

protected logStatementError(array<string|int, string> $error[, string $sql = null ]) : void
Parameters
$error : array<string|int, string>

A PDO::errorInfo() error or similar structure

$sql : string = null

The SQL query that triggered the error

processUser()

Uses the provided username to find/create a matching local user and initiate the session

protected processUser(string $userName) : mixed
Parameters
$userName : string

@return boolean Returns true on success, false for anything else

queryWithIndex()

Query the DB and return the rows as a 1 or 2 dimensional indexed array

protected queryWithIndex(string $sql, mixed $index[, string $findex = NULL ][, mixed $bindparams = NULL ]) : array<string|int, mixed>|false
Parameters
$sql : string

The query string @param string $index The table's primary key

$index : mixed
$findex : string = NULL

An optional foreign key from the table (when used, returns a 2 dimensional array, indexed first by $index, second by $findex) @param mixed[] $bindparams An array of values to be binded by PDO to any query parameters

$bindparams : mixed = NULL
Return values
array<string|int, mixed>|false

$results A two (or three) dimensional array representing the resulting rows: array(array("id"=>1,"field"=>"value1"),array("id"=>2","field"=>"value2")), false on failure

quote()

protected quote(string $value) : string
Parameters
$value : string

The value to escape

Tags
Deprecated

Use bind parameters option provided by sql execution methods instead Escape a @value to prep for use in a DB query

Return values
string

The escaped $value

quoteArray()

protected quoteArray(array<string|int, string> $ar) : array<string|int, string>
Parameters
$ar : array<string|int, string>

An array of string values to escape

Tags
Deprecated

Use bind parameters option provided by sql execution methods instead Escapes the contents of an array and returns the result

Return values
array<string|int, string>

The escaped array

setSessionName()

Set the name of the session, which is used as a key within the $_SESSION array

protected setSessionName(string $sessionName) : void
Parameters
$sessionName : string

The name of the session

setSessionUserId()

Set the unique identifier for the User as stored in $_SESSION

protected setSessionUserId([mixed $sessionUserId = null ]) : void
Parameters
$sessionUserId : mixed = null

The User's ID

loadConfigurationFile()

Loads and parses a php ini file into an array keyed by ini sections

private loadConfigurationFile(string $configurationFileName) : void
Parameters
$configurationFileName : string

The name of the file without extension or path


        

        
    




    

    

                                

                

                                
    

        On this page

        
    


                

                            

            

    

        

            
Search results