<?php namespace Wsis; use Wsis\Stubs\UserProfileManager; use Wsis\Stubs\UserStoreManager; use Wsis\Stubs\TenantManager; use Wsis\Stubs\UserInformationRecoveryManager; use Wsis\Stubs\OAuthManager; use Illuminate\Support\Facades\Config; class Wsis { /** * @var UserStoreManager * @access private */ private $userStoreManager; /** * @var * @access private */ private $tenantManager; /** * @var * @access private */ private $userProfileManager; /** * @var * @access private */ private $userInfoRecoveryManager; /** * @var * @access private */ private $oauthManger; /** * @var string * @access private */ private $server; /** * @var string * @access private */ private $service_url; /** * Constructor * * @param string $admin_username * @param string $admin_password * @param string $server * @param string $service_url * @param string $cafile_path * @param bool $verify_peer * @param bool $allow_selfsigned_cer * @throws Exception */ public function __construct($admin_username, $admin_password = null, $server, $service_url,$cafile_path, $verify_peer, $allow_selfsigned_cert) { $context = stream_context_create(array( 'ssl' => array( 'verify_peer' => $verify_peer, "allow_self_signed"=> $allow_selfsigned_cert, 'cafile' => $cafile_path, // 'CN_match' => $server, ) )); $parameters = array( 'login' => $admin_username, 'password' => $admin_password, 'stream_context' => $context, 'trace' => 1, 'features' => SOAP_WAIT_ONE_WAY_CALLS, 'cache_wsdl' => WSDL_CACHE_BOTH ); $this->server = $server; $this->service_url = $service_url; try { $this->userStoreManager = new UserStoreManager($service_url, $parameters); $this->tenantManager = new TenantManager($service_url, $parameters); $this->userProfileManager = new UserProfileManager($service_url, $parameters); $this->userInfoRecoveryManager = new UserInformationRecoveryManager($service_url, $parameters); $this->oauthManger = new OAuthManager(Config::get('pga_config.wsis')['service-url'], $verify_peer, $cafile_path); } catch (Exception $ex) { throw new Exception("Unable to instantiate WSO2 IS client", 0, $ex); } } /** * Function to add new user * * @param string $userName * @param string $password * @return void * @throws Exception */ public function addUser($userName, $password) { try { $this->userStoreManager->addUser($userName, $password); } catch (Exception $ex) { throw new Exception("Unable to add new user", 0, $ex); } } /** * Function to create a new user account. This user account is not active unless activates by the user via * his/her email * * @param $userName * @param $password * @param $email * @param $firstName * @param $lastName * @param $tenantDomain * @throws Exception */ public function registerAccount($userName, $password, $email, $firstName, $lastName, $tenantDomain){ try { $this->userInfoRecoveryManager->registerAccount($userName, $password, $email, $firstName, $lastName, $tenantDomain); } catch (Exception $ex) { throw new Exception("Unable to create a new user account", 0, $ex); } } /** * Function to delete existing user * * @param string $username * @return void * @throws Exception */ public function deleteUser($username) { try { $this->userStoreManager->deleteUser($username); } catch (Exception $ex) { throw new Exception("Unable to delete user", 0, $ex); } } /** * Function to authenticate user * * @param string $username * @param string $password * @return boolean * @throws Exception */ public function authenticate($username, $password){ try { // return $this->userStoreManager->authenticate($username, $password); return $this->oauthManger->getAccessTokenFromPasswordGrantType(Config::get('pga_config.wsis')['oauth-client-key'], Config::get('pga_config.wsis')['oauth-client-secret'], $username, $password); } catch (Exception $ex) { throw new Exception("Unable to authenticate user", 0, $ex); } } /** * Function to get OAuth request code url * @return mixed */ public function getOAuthRequestCodeUrl(){ $url = $this->oauthManger->requestAccessCode(Config::get('pga_config.wsis')['oauth-client-key'], Config::get('pga_config.wsis')['oauth-callback-url']); return $url; } /** * Function to get OAuth Access token * @return string */ public function getOAuthToken($code){ $response = $this->oauthManger->getAccessToken(Config::get('pga_config.wsis')['oauth-client-key'], Config::get('pga_config.wsis')['oauth-client-secret'], $code, Config::get('pga_config.wsis')['oauth-callback-url']); return $response; } /** * Method to get refreshed access token * @param $refreshToken * @return mixed */ public function getRefreshedOAutheToken($refreshToken){ $response = $this->oauthManger->getRefreshedAccessToken(Config::get('pga_config.wsis')['oauth-client-key'], Config::get('pga_config.wsis')['oauth-client-secret'], $refreshToken); return $response; } /** * Function to get user profile from OAuth token * @param $token */ public function getUserProfileFromOAuthToken($token){ $userProfile = $this->oauthManger->getUserProfile($token); //FIXME hacky fix for the CILogon -> OpenID issue in WSO2 IS $sub = $userProfile->sub; if(0 === strpos($sub, 'http:/')){ $mod_sub = substr ($sub ,6); }else{ $mod_sub = $sub; } $userProfile = $this->getUserProfile($mod_sub); $lastname = $userProfile['lastname']; $firstname = $userProfile['firstname']; $email = $userProfile['email']; $roles = $this->getUserRoles($mod_sub); if(!is_array($roles)) $roles = explode(",", $roles); return array('username'=>$sub, 'firstname'=>$firstname, 'lastname'=>$lastname, 'email'=>$email, 'roles'=>$roles); } /** * Function to get the OAuth logout url */ public function getOAuthLogoutUrl(){ return $this->oauthManger->getOAuthLogoutUrl(Config::get('pga_config.wsis')['oauth-callback-url'], Config::get('pga_config.wsis')['oauth-service-provider-id']); } /** * Function to check whether username exists * * @param string $username * @return boolean * @throws Exception */ public function usernameExists($username){ try { return $this->userStoreManager->isExistingUser($username); } catch (Exception $ex) { throw new Exception("Unable to verify username exists", 0, $ex); } } /** * Function to check whether a role is existing * * @param string $roleName * @return IsExistingRoleResponse */ public function isExistingRole( $roleName){ try { return $this->userStoreManager->isExistingRole( $roleName); } catch (Exception $ex) { throw new Exception("Unable to check if the role exists", 0, $ex); } } /** * Function to add new role by providing the role name. * * @param string $roleName */ public function addRole($roleName){ try { return $this->userStoreManager->addRole( $roleName); } catch (Exception $ex) { throw new Exception("Unable to add this role", 0, $ex); } } /** * Function to delete existing role * * @param string $roleName * @return void * @throws Exception */ public function deleteRole($roleName) { try { $this->userStoreManager->deleteRole($roleName); } catch (Exception $ex) { throw new Exception("Unable to delete role", 0, $ex); } } /** * Function to get the list of all existing roles * * @return roles list */ public function getAllRoles(){ try { $roles = $this->userStoreManager->getRoleNames(); return $roles; // return array_filter($roles, "Wsis::nonInternalRoles"); // var_dump($roles);exit; } catch (Exception $ex) { throw new Exception("Unable to get all roles", 0, $ex); } } public function nonInternalRoles($var){ return 0 !== strpos($var, 'Internal/'); } /** * Function to get role of a user * * @return user role */ public function getUserRoles( $username){ try { $roles = $this->userStoreManager->getRoleListOfUser( $username); return $roles; // return array_filter($roles, "Wsis::nonInternalRoles"); } catch (Exception $ex) { throw new Exception("Unable to get User roles.", 0, $ex); } } /** * Function to get the user list of role * * @param GetUserListOfRole $parameters * @return GetUserListOfRoleResponse */ public function getUserListOfRole( $role){ try { return $this->userStoreManager->getUserListOfRole( $role); } catch (Exception $ex) { var_dump( $ex); exit; throw new Exception("Unable to get user list of roles.", 0, $ex); } } /** * Function to update role list of user * * @param UpdateRoleListOfUser $parameters * @return void */ public function updateUserRoles( $username, $roles){ try { return $this->userStoreManager->updateRoleListOfUser( $username, $roles); } catch (Exception $ex) { throw new Exception("Unable to update role of the user.", 0, $ex); } } /** * Function to list users * * @param void * @return void */ public function listUsers(){ try { return $this->userStoreManager->listUsers(); } catch (Exception $ex) { var_dump( $ex->debug_message); throw new Exception("Unable to list users.", 0, $ex); } } /** * Function to search users * @param $phrase * @return string * @throws Exception */ public function searchUsers($phrase){ try { return $this->userStoreManager->searchUsers($phrase); } catch (Exception $ex) { var_dump( $ex->debug_message); throw new Exception("Unable to list users.", 0, $ex); } } /** * Function to get the tenant id * * @param GetTenantId $parameters * @return GetTenantIdResponse */ public function getTenantId(){ try { return $this->userStoreManager->getTenantId(); } catch (Exception $ex) { var_dump( $ex->debug_message); throw new Exception("Unable to get the tenant Id.", 0, $ex); } } /** * Function create a new Tenant * @param $active * @param $adminUsername * @param $adminPassword * @param $email * @param $firstName * @param $lastName * @param $tenantDomain * @throws Exception */ public function createTenant($active, $adminUsername, $adminPassword, $email, $firstName, $lastName, $tenantDomain){ try { $tm = $this->tenantManager->addTenant($active, $adminUsername, $adminPassword, $email, $firstName, $lastName, $tenantDomain); $wsisConfig = Config::get('pga_config.wsis'); $context = stream_context_create(array( 'ssl' => array( 'verify_peer' => $wsisConfig['verify-peer'], "allow_self_signed"=> $wsisConfig['allow-self-signed-cert'], 'cafile' => $wsisConfig['cafile-path'], ) )); $parameters = array( 'login' => $adminUsername. '@' . $tenantDomain, 'password' => $adminPassword, 'stream_context' => $context, 'trace' => 1, 'features' => SOAP_WAIT_ONE_WAY_CALLS, 'cache_wsdl' => WSDL_CACHE_BOTH ); $userProfileManager = new UserProfileManager($wsisConfig['service-url'], $parameters); $userProfileManager->updateUserProfile($adminUsername, $email, $firstName, $lastName); return $tm; } catch (Exception $ex) { throw new Exception("Unable to create Tenant.", 0, $ex); } } public function getTenants(){ try { return $this->tenantManager->retrieveTenants(); } catch (Exception $ex) { throw new Exception("Unable to get Tenants.", 0, $ex); } } /** * Function to update the user profile * @param $username * @param $email * @param $firstName * @param $lastName */ public function updateUserProfile($username, $email, $firstName, $lastName){ $this->userProfileManager->updateUserProfile($username, $email, $firstName, $lastName); } /** * * Function to create a user account. This user account has to be activated by the user via his * email account * @param $username * @param $password * @param $email * @param $firstName * @param $lastName * @param $tenantDomain */ public function registerUserAccount($username, $password, $email, $firstName, $lastName, $organization, $address, $country, $telephone, $mobile, $im, $url, $tenantDomain) { $this->userInfoRecoveryManager->registerAccount($username, $password, $email, $firstName, $lastName, $organization, $address, $country, $telephone, $mobile, $im, $url, $tenantDomain); } /** * Function to confirm user registration * @param $userName * @param $tenantDomain */ public function confirmUserRegistration($userName, $code, $tenantDomain){ return $this->userInfoRecoveryManager->confirmUserRegistration($userName, $code, $tenantDomain); } /** * Function to get the user profile of a user * @param $username */ public function getUserProfile($username){ //FIXME hacky fix for the CILogon -> OpenID issue in WSO2 IS if(0 === strpos($username, 'http:/')){ $username = substr ($username ,6); } $username = str_replace("@".Config::get('pga_config.wsis')['tenant-domain'], "", $username); return $this->userProfileManager->getUserProfile($username); } /** * Method to validate username * @param $username */ public function validateUser($userAnswer, $imagePath, $secretKey, $username){ return $this->userInfoRecoveryManager->validateUsername($userAnswer, $imagePath, $secretKey, $username); } /** * Method to send password reset notification * @param $username */ public function sendPasswordResetNotification($username, $key){ return $this->userInfoRecoveryManager->sendPasswordResetNotification($username, $key); } /** * Method to validate the password reset email confirmation code * @param $username * @param $confirmation * @return mixed */ public function validateConfirmationCode($username, $confirmation){ return $this->userInfoRecoveryManager->validateConfirmationCode($username, $confirmation); } /** * Method to reset user password * @param $username * @param $newPassword * @param $key * @return mixed */ public function resetPassword($username, $newPassword, $key){ return $this->userInfoRecoveryManager->resetPassword($username, $newPassword, $key); } /** * Method to get a capatcha * @return mixed */ public function getCapatcha(){ return $this->userInfoRecoveryManager->getCapatcha(); } }