blob: fdac71ee1c44374ff9b342b3b947347291f4b2ea [file] [log] [blame]
<?php
namespace Wsis;
use Wsis\Stubs\UserProfileManager;
use Wsis\Stubs\UserStoreManager;
use Wsis\Stubs\TenantManager;
use Wsis\Stubs\UserInformationRecoveryManager;
use Wsis\Stubs\OAuthManager;
use Illuminate\Support\Facades\Config;
class Wsis {
/**
* @var UserStoreManager
* @access private
*/
private $userStoreManager;
/**
* @var
* @access private
*/
private $tenantManager;
/**
* @var
* @access private
*/
private $userProfileManager;
/**
* @var
* @access private
*/
private $userInfoRecoveryManager;
/**
* @var
* @access private
*/
private $oauthManger;
/**
* @var string
* @access private
*/
private $server;
/**
* @var string
* @access private
*/
private $service_url;
/**
* Constructor
*
* @param string $admin_username
* @param string $admin_password
* @param string $server
* @param string $service_url
* @param string $cafile_path
* @param bool $verify_peer
* @param bool $allow_selfsigned_cer
* @throws Exception
*/
public function __construct($admin_username, $admin_password = null, $server,
$service_url,$cafile_path, $verify_peer, $allow_selfsigned_cert) {
$context = stream_context_create(array(
'ssl' => array(
'verify_peer' => $verify_peer,
"allow_self_signed"=> $allow_selfsigned_cert,
'cafile' => $cafile_path,
// 'CN_match' => $server,
)
));
$parameters = array(
'login' => $admin_username,
'password' => $admin_password,
'stream_context' => $context,
'trace' => 1,
'features' => SOAP_WAIT_ONE_WAY_CALLS,
'cache_wsdl' => WSDL_CACHE_BOTH
);
$this->server = $server;
$this->service_url = $service_url;
try {
$this->userStoreManager = new UserStoreManager($service_url, $parameters);
$this->tenantManager = new TenantManager($service_url, $parameters);
$this->userProfileManager = new UserProfileManager($service_url, $parameters);
$this->userInfoRecoveryManager = new UserInformationRecoveryManager($service_url, $parameters);
$this->oauthManger = new OAuthManager(Config::get('pga_config.wsis')['service-url'], $verify_peer, $cafile_path);
} catch (Exception $ex) {
throw new Exception("Unable to instantiate WSO2 IS client", 0, $ex);
}
}
/**
* Function to add new user
*
* @param string $userName
* @param string $password
* @return void
* @throws Exception
*/
public function addUser($userName, $password) {
try {
$this->userStoreManager->addUser($userName, $password);
} catch (Exception $ex) {
throw new Exception("Unable to add new user", 0, $ex);
}
}
/**
* Function to create a new user account. This user account is not active unless activates by the user via
* his/her email
*
* @param $userName
* @param $password
* @param $email
* @param $firstName
* @param $lastName
* @param $tenantDomain
* @throws Exception
*/
public function registerAccount($userName, $password, $email, $firstName, $lastName, $tenantDomain){
try {
$this->userInfoRecoveryManager->registerAccount($userName, $password, $email, $firstName, $lastName, $tenantDomain);
} catch (Exception $ex) {
throw new Exception("Unable to create a new user account", 0, $ex);
}
}
/**
* Function to delete existing user
*
* @param string $username
* @return void
* @throws Exception
*/
public function deleteUser($username) {
try {
$this->userStoreManager->deleteUser($username);
} catch (Exception $ex) {
throw new Exception("Unable to delete user", 0, $ex);
}
}
/**
* Function to authenticate user
*
* @param string $username
* @param string $password
* @return boolean
* @throws Exception
*/
public function authenticate($username, $password){
try {
// return $this->userStoreManager->authenticate($username, $password);
return $this->oauthManger->getAccessTokenFromPasswordGrantType(Config::get('pga_config.wsis')['oauth-client-key'],
Config::get('pga_config.wsis')['oauth-client-secret'], $username, $password);
} catch (Exception $ex) {
throw new Exception("Unable to authenticate user", 0, $ex);
}
}
/**
* Function to get OAuth request code url
* @return mixed
*/
public function getOAuthRequestCodeUrl(){
$url = $this->oauthManger->requestAccessCode(Config::get('pga_config.wsis')['oauth-client-key'],
Config::get('pga_config.wsis')['oauth-callback-url']);
return $url;
}
/**
* Function to get OAuth Access token
* @return string
*/
public function getOAuthToken($code){
$response = $this->oauthManger->getAccessToken(Config::get('pga_config.wsis')['oauth-client-key'],
Config::get('pga_config.wsis')['oauth-client-secret'], $code,
Config::get('pga_config.wsis')['oauth-callback-url']);
return $response;
}
/**
* Method to get refreshed access token
* @param $refreshToken
* @return mixed
*/
public function getRefreshedOAutheToken($refreshToken){
$response = $this->oauthManger->getRefreshedAccessToken(Config::get('pga_config.wsis')['oauth-client-key'],
Config::get('pga_config.wsis')['oauth-client-secret'], $refreshToken);
return $response;
}
/**
* Function to get user profile from OAuth token
* @param $token
*/
public function getUserProfileFromOAuthToken($token){
$userProfile = $this->oauthManger->getUserProfile($token);
//FIXME hacky fix for the CILogon -> OpenID issue in WSO2 IS
$sub = $userProfile->sub;
if(0 === strpos($sub, 'http:/')){
$mod_sub = substr ($sub ,6);
}else{
$mod_sub = $sub;
}
$userProfile = $this->getUserProfile($mod_sub);
$lastname = $userProfile['lastname'];
$firstname = $userProfile['firstname'];
$email = $userProfile['email'];
$roles = $this->getUserRoles($mod_sub);
if(!is_array($roles))
$roles = explode(",", $roles);
return array('username'=>$sub, 'firstname'=>$firstname, 'lastname'=>$lastname, 'email'=>$email, 'roles'=>$roles);
}
/**
* Function to get the OAuth logout url
*/
public function getOAuthLogoutUrl(){
return $this->oauthManger->getOAuthLogoutUrl(Config::get('pga_config.wsis')['oauth-callback-url'],
Config::get('pga_config.wsis')['oauth-service-provider-id']);
}
/**
* Function to check whether username exists
*
* @param string $username
* @return boolean
* @throws Exception
*/
public function usernameExists($username){
try {
return $this->userStoreManager->isExistingUser($username);
} catch (Exception $ex) {
throw new Exception("Unable to verify username exists", 0, $ex);
}
}
/**
* Function to check whether a role is existing
*
* @param string $roleName
* @return IsExistingRoleResponse
*/
public function isExistingRole( $roleName){
try {
return $this->userStoreManager->isExistingRole( $roleName);
} catch (Exception $ex) {
throw new Exception("Unable to check if the role exists", 0, $ex);
}
}
/**
* Function to add new role by providing the role name.
*
* @param string $roleName
*/
public function addRole($roleName){
try {
return $this->userStoreManager->addRole( $roleName);
} catch (Exception $ex) {
throw new Exception("Unable to add this role", 0, $ex);
}
}
/**
* Function to delete existing role
*
* @param string $roleName
* @return void
* @throws Exception
*/
public function deleteRole($roleName) {
try {
$this->userStoreManager->deleteRole($roleName);
} catch (Exception $ex) {
throw new Exception("Unable to delete role", 0, $ex);
}
}
/**
* Function to get the list of all existing roles
*
* @return roles list
*/
public function getAllRoles(){
try {
$roles = $this->userStoreManager->getRoleNames();
return $roles;
// return array_filter($roles, "Wsis::nonInternalRoles");
// var_dump($roles);exit;
} catch (Exception $ex) {
throw new Exception("Unable to get all roles", 0, $ex);
}
}
public function nonInternalRoles($var){
return 0 !== strpos($var, 'Internal/');
}
/**
* Function to get role of a user
*
* @return user role
*/
public function getUserRoles( $username){
try {
$roles = $this->userStoreManager->getRoleListOfUser( $username);
return $roles;
// return array_filter($roles, "Wsis::nonInternalRoles");
} catch (Exception $ex) {
throw new Exception("Unable to get User roles.", 0, $ex);
}
}
/**
* Function to get the user list of role
*
* @param GetUserListOfRole $parameters
* @return GetUserListOfRoleResponse
*/
public function getUserListOfRole( $role){
try {
return $this->userStoreManager->getUserListOfRole( $role);
} catch (Exception $ex) {
var_dump( $ex); exit;
throw new Exception("Unable to get user list of roles.", 0, $ex);
}
}
/**
* Function to update role list of user
*
* @param UpdateRoleListOfUser $parameters
* @return void
*/
public function updateUserRoles( $username, $roles){
try {
return $this->userStoreManager->updateRoleListOfUser( $username, $roles);
} catch (Exception $ex) {
throw new Exception("Unable to update role of the user.", 0, $ex);
}
}
/**
* Function to list users
*
* @param void
* @return void
*/
public function listUsers(){
try {
return $this->userStoreManager->listUsers();
} catch (Exception $ex) {
var_dump( $ex->debug_message);
throw new Exception("Unable to list users.", 0, $ex);
}
}
/**
* Function to search users
* @param $phrase
* @return string
* @throws Exception
*/
public function searchUsers($phrase){
try {
return $this->userStoreManager->searchUsers($phrase);
} catch (Exception $ex) {
var_dump( $ex->debug_message);
throw new Exception("Unable to list users.", 0, $ex);
}
}
/**
* Function to get the tenant id
*
* @param GetTenantId $parameters
* @return GetTenantIdResponse
*/
public function getTenantId(){
try {
return $this->userStoreManager->getTenantId();
} catch (Exception $ex) {
var_dump( $ex->debug_message);
throw new Exception("Unable to get the tenant Id.", 0, $ex);
}
}
/**
* Function create a new Tenant
* @param $active
* @param $adminUsername
* @param $adminPassword
* @param $email
* @param $firstName
* @param $lastName
* @param $tenantDomain
* @throws Exception
*/
public function createTenant($active, $adminUsername, $adminPassword, $email,
$firstName, $lastName, $tenantDomain){
try {
$tm = $this->tenantManager->addTenant($active, $adminUsername, $adminPassword, $email,
$firstName, $lastName, $tenantDomain);
$wsisConfig = Config::get('pga_config.wsis');
$context = stream_context_create(array(
'ssl' => array(
'verify_peer' => $wsisConfig['verify-peer'],
"allow_self_signed"=> $wsisConfig['allow-self-signed-cert'],
'cafile' => $wsisConfig['cafile-path'],
)
));
$parameters = array(
'login' => $adminUsername. '@' . $tenantDomain,
'password' => $adminPassword,
'stream_context' => $context,
'trace' => 1,
'features' => SOAP_WAIT_ONE_WAY_CALLS,
'cache_wsdl' => WSDL_CACHE_BOTH
);
$userProfileManager = new UserProfileManager($wsisConfig['service-url'], $parameters);
$userProfileManager->updateUserProfile($adminUsername, $email, $firstName, $lastName);
return $tm;
} catch (Exception $ex) {
throw new Exception("Unable to create Tenant.", 0, $ex);
}
}
public function getTenants(){
try {
return $this->tenantManager->retrieveTenants();
} catch (Exception $ex) {
throw new Exception("Unable to get Tenants.", 0, $ex);
}
}
/**
* Function to update the user profile
* @param $username
* @param $email
* @param $firstName
* @param $lastName
*/
public function updateUserProfile($username, $email, $firstName, $lastName){
$this->userProfileManager->updateUserProfile($username, $email, $firstName, $lastName);
}
/**
*
* Function to create a user account. This user account has to be activated by the user via his
* email account
* @param $username
* @param $password
* @param $email
* @param $firstName
* @param $lastName
* @param $tenantDomain
*/
public function registerUserAccount($username, $password, $email, $firstName, $lastName, $organization, $address, $country, $telephone, $mobile, $im, $url, $tenantDomain)
{
$this->userInfoRecoveryManager->registerAccount($username, $password, $email, $firstName,
$lastName, $organization, $address, $country, $telephone, $mobile, $im, $url, $tenantDomain);
}
/**
* Function to confirm user registration
* @param $userName
* @param $tenantDomain
*/
public function confirmUserRegistration($userName, $code, $tenantDomain){
return $this->userInfoRecoveryManager->confirmUserRegistration($userName, $code, $tenantDomain);
}
/**
* Function to get the user profile of a user
* @param $username
*/
public function getUserProfile($username){
//FIXME hacky fix for the CILogon -> OpenID issue in WSO2 IS
if(0 === strpos($username, 'http:/')){
$username = substr ($username ,6);
}
$username = str_replace("@".Config::get('pga_config.wsis')['tenant-domain'], "", $username);
return $this->userProfileManager->getUserProfile($username);
}
/**
* Method to validate username
* @param $username
*/
public function validateUser($userAnswer, $imagePath, $secretKey, $username){
return $this->userInfoRecoveryManager->validateUsername($userAnswer, $imagePath, $secretKey, $username);
}
/**
* Method to send password reset notification
* @param $username
*/
public function sendPasswordResetNotification($username, $key){
return $this->userInfoRecoveryManager->sendPasswordResetNotification($username, $key);
}
/**
* Method to validate the password reset email confirmation code
* @param $username
* @param $confirmation
* @return mixed
*/
public function validateConfirmationCode($username, $confirmation){
return $this->userInfoRecoveryManager->validateConfirmationCode($username, $confirmation);
}
/**
* Method to reset user password
* @param $username
* @param $newPassword
* @param $key
* @return mixed
*/
public function resetPassword($username, $newPassword, $key){
return $this->userInfoRecoveryManager->resetPassword($username, $newPassword, $key);
}
/**
* Method to get a capatcha
* @return mixed
*/
public function getCapatcha(){
return $this->userInfoRecoveryManager->getCapatcha();
}
}