Documentation

Horde_Core_Auth_Application extends Horde_Auth_Base
in package

The Horde_Core_Auth_Application class provides application-specific authentication built on top of the horde/Auth API.

Tags
author

Chuck Hagenbuch chuck@horde.org

author

Michael Slusarz slusarz@horde.org

category

Horde

license

http://opensource.org/licenses/lgpl-2.1.php LGPL

Table of Contents

Constants

REASON_BROWSER  = 100
Authentication failure reasons (additions to Horde_Auth:: reasons): - REASON_BROWSER: A browser change was detected - REASON_SESSIONIP: Logout due to change of IP address during session - REASON_SESSIONMAXTIME: Logout due to the session exceeding the maximum allowed length.
REASON_SESSIONIP  = 101
REASON_SESSIONMAXTIME  = 102

Properties

$_app  : string
Application for authentication.
$_appCapabilities  : array<string|int, mixed>
The list of application capabilities.
$_base  : Horde_Auth_Base
The base auth driver, used for Horde authentication.
$_capabilities  : array<string|int, mixed>
Available capabilities.
$_view  : string
The view mode.

Methods

__construct()  : mixed
Constructor.
addUser()  : mixed
Add a set of authentication credentials.
authenticate()  : bool
Finds out if a set of login credentials are valid, and if requested, mark the user as logged in in the current session.
exists()  : bool
Checks if a user ID exists in the system.
getCredential()  : mixed
Retrieve internal credential value(s).
getError()  : mixed
Returns the error type or message for an invalid authentication.
getLoginParams()  : array<string|int, mixed>
Returns information on what login parameters to display on the login screen.
getParam()  : string
Returns the named parameter for the current auth driver.
hasCapability()  : bool
Queries the current driver to find out if it supports the given capability.
isLocked()  : mixed
Checks if $userId is currently locked.
listNames()  : array<string|int, mixed>
List all users in the system with their real names.
listUsers()  : array<string|int, mixed>
List all users in the system.
lockUser()  : mixed
Locks a user indefinitely or for a specified time
removeUser()  : mixed
Delete a set of authentication credentials.
requireAuth()  : bool
Indicate whether the application requires authentication.
resetPassword()  : string
Reset a user's password. Used for example when the user does not remember the existing password.
runHook()  : array<string|int, mixed>
Runs the pre/post-authenticate hook and parses the result.
setCredential()  : mixed
Set internal credential value.
setError()  : mixed
Sets the error message for an invalid authentication.
transparent()  : bool
Automatic authentication.
unlockUser()  : mixed
Unlocks a user and optionally resets bad login count
updateUser()  : mixed
Update a set of authentication credentials.
validateAuth()  : bool
Checks for triggers that may invalidate the current auth.
_authenticate()  : mixed
Find out if a set of login credentials are valid.
_setAuth()  : bool
Set authentication credentials in the Horde session.
_setView()  : mixed
Sets the default global view mode in the horde session. This can be checked by applications, and overridden if desired. Also sets a cookie to remember the last view selection if applicable.

Constants

REASON_BROWSER

Authentication failure reasons (additions to Horde_Auth:: reasons): - REASON_BROWSER: A browser change was detected - REASON_SESSIONIP: Logout due to change of IP address during session - REASON_SESSIONMAXTIME: Logout due to the session exceeding the maximum allowed length.

public mixed REASON_BROWSER = 100

REASON_SESSIONIP

public mixed REASON_SESSIONIP = 101

REASON_SESSIONMAXTIME

public mixed REASON_SESSIONMAXTIME = 102

Properties

$_app

Application for authentication.

protected string $_app = 'horde'

$_appCapabilities

The list of application capabilities.

protected array<string|int, mixed> $_appCapabilities

$_base

The base auth driver, used for Horde authentication.

protected Horde_Auth_Base $_base

$_capabilities

Available capabilities.

protected array<string|int, mixed> $_capabilities = array('add' => \true, 'authenticate' => \true, 'exists' => \true, 'list' => \true, 'remove' => \true, 'resetpassword' => \true, 'transparent' => \true, 'update' => \true, 'validate' => \true)

$_view

The view mode.

protected string $_view = 'auto'

Methods

__construct()

Constructor.

public __construct([array<string|int, mixed> $params = array() ]) : mixed
Parameters
$params : array<string|int, mixed> = array()

Required parameters:

  • app: (string) The application which is providing authentication.
  • base: (Horde_Auth_Base) The base Horde_Auth driver. Only needed if 'app' is 'horde'.
Tags
throws
InvalidArgumentException

addUser()

Add a set of authentication credentials.

public addUser(string $userId, array<string|int, mixed> $credentials) : mixed
Parameters
$userId : string

The user ID to add.

$credentials : array<string|int, mixed>

The credentials to use.

Tags
throws
Horde_Auth_Exception

authenticate()

Finds out if a set of login credentials are valid, and if requested, mark the user as logged in in the current session.

public authenticate(string $userId, array<string|int, mixed> $credentials[, bool $login = true ]) : bool
Parameters
$userId : string

The user ID to check.

$credentials : array<string|int, mixed>

The credentials to check.

$login : bool = true

Whether to log the user in. If false, we'll only test the credentials and won't modify the current session. Defaults to true.

Return values
bool

Whether or not the credentials are valid.

exists()

Checks if a user ID exists in the system.

public exists(string $userId) : bool
Parameters
$userId : string

User ID to check.

Return values
bool

Whether or not the user ID already exists.

getCredential()

Retrieve internal credential value(s).

public getCredential([mixed $name = null ]) : mixed
Parameters
$name : mixed = null

The credential value to get. If null, will return the entire credential list. Valid names:

  • change: (boolean) Do credentials need to be changed?
  • credentials: (array) The credentials needed to authenticate.
  • expire: (integer) UNIX timestamp of the credential expiration date.
  • userId: (string) The user ID.
Return values
mixed

Return the credential information, or null if the credential doesn't exist.

getError()

Returns the error type or message for an invalid authentication.

public getError([bool $msg = false ]) : mixed
Parameters
$msg : bool = false

If true, returns the message string (if set).

Return values
mixed

Error type, error message (if $msg is true) or false if entry doesn't exist.

getLoginParams()

Returns information on what login parameters to display on the login screen.

public getLoginParams() : array<string|int, mixed>
Tags
throws
Horde_Exception
Return values
array<string|int, mixed>

An array with the following keys:

'js_code' - (array) A list of javascript statements to be included.
'js_files' - (array) A list of javascript files to be included.
'params' - (array) A list of parameters to display on the login screen.
           Each entry is an array with the following entries:
           'label' - (string) The label of the entry.
           'type' - (string) 'select', 'text', or 'password'.
           'value' - (mixed) If type is 'text' or 'password', the
                     text to insert into the field by default. If type
                     is 'select', an array with they keys as the
                     option values and an array with the following keys:
                     'hidden' - (boolean) If true, the option will be
                                hidden.
                     'name' - (string) The option label.
                     'selected' - (boolean) If true, will be selected
                                  by default.

getParam()

Returns the named parameter for the current auth driver.

public getParam(string $param) : string
Parameters
$param : string

The parameter to fetch.

Return values
string

The parameter's value, or null if it doesn't exist.

hasCapability()

Queries the current driver to find out if it supports the given capability.

public hasCapability(string $capability) : bool
Parameters
$capability : string

The capability to test for.

Return values
bool

Whether or not the capability is supported.

isLocked()

Checks if $userId is currently locked.

public isLocked(string $userId[, bool $show_details = false ]) : mixed
Parameters
$userId : string

The userId to check.

$show_details : bool = false

Toggle array format with timeout.

Tags
throws
Horde_Auth_Exception

listNames()

List all users in the system with their real names.

public listNames() : array<string|int, mixed>
Tags
since

Horde_Core 2.23.0

throws
Horde_Auth_Exception
Return values
array<string|int, mixed>

The array of user IDs as keys and names as values.

listUsers()

List all users in the system.

public listUsers([mixed $sort = false ]) : array<string|int, mixed>
Parameters
$sort : mixed = false
Tags
throws
Horde_Auth_Exception
Return values
array<string|int, mixed>

The array of user IDs.

lockUser()

Locks a user indefinitely or for a specified time

public lockUser(string $userId[, int $time = 0 ]) : mixed
Parameters
$userId : string

The userId to lock.

$time : int = 0

The duration in seconds, 0 = permanent

Tags
throws
Horde_Auth_Exception

removeUser()

Delete a set of authentication credentials.

public removeUser(string $userId) : mixed
Parameters
$userId : string

The user ID to delete.

Tags
throws
Horde_Auth_Exception

requireAuth()

Indicate whether the application requires authentication.

public requireAuth() : bool
Return values
bool

True if application requires authentication.

resetPassword()

Reset a user's password. Used for example when the user does not remember the existing password.

public resetPassword(string $userId) : string
Parameters
$userId : string

The user ID for which to reset the password.

Tags
throws
Horde_Auth_Exception
Return values
string

The new password on success.

runHook()

Runs the pre/post-authenticate hook and parses the result.

public runHook(string $userId, array<string|int, mixed> $credentials, string $type[, string $method = null ]) : array<string|int, mixed>
Parameters
$userId : string

The userId who has been authorized.

$credentials : array<string|int, mixed>

The credentials of the user.

$type : string

Either 'preauthenticate' or 'postauthenticate'.

$method : string = null

The triggering method (preauthenticate only). Either 'authenticate' or 'transparent'.

Tags
throws
Horde_Auth_Exception
Return values
array<string|int, mixed>

Two element array, $userId and $credentials.

setCredential()

Set internal credential value.

public setCredential(string $name, mixed $value) : mixed
Parameters
$name : string

The credential name to set.

$value : mixed

The credential value to set. See getCredential() for the list of valid credentials/types.

setError()

Sets the error message for an invalid authentication.

public setError(string $type[, string $msg = null ]) : mixed
Parameters
$type : string

The type of error (Horde_Auth::REASON_* constant).

$msg : string = null

The error message/reason for invalid authentication.

transparent()

Automatic authentication.

public transparent() : bool
Tags
throws
Horde_Auth_Exception
Return values
bool

Whether or not the client is allowed.

unlockUser()

Unlocks a user and optionally resets bad login count

public unlockUser(string $userId[, bool $resetBadLogins = false ]) : mixed
Parameters
$userId : string

The userId to unlock.

$resetBadLogins : bool = false

Reset bad login counter, default no.

Tags
throws
Horde_Auth_Exception

updateUser()

Update a set of authentication credentials.

public updateUser(string $oldID, string $newID, array<string|int, mixed> $credentials) : mixed
Parameters
$oldID : string

The old user ID.

$newID : string

The new user ID.

$credentials : array<string|int, mixed>

The new credentials

Tags
throws
Horde_Auth_Exception

validateAuth()

Checks for triggers that may invalidate the current auth.

public validateAuth() : bool

These triggers are independent of the credentials.

Return values
bool

True if the results of authenticate() are still valid.

_authenticate()

Find out if a set of login credentials are valid.

protected _authenticate(string $userId, array<string|int, mixed> $credentials) : mixed
Parameters
$userId : string

The user ID to check.

$credentials : array<string|int, mixed>

The credentials to use. This object will always be available in the 'auth_ob' key.

Tags
throws
Horde_Auth_Exception

_setAuth()

Set authentication credentials in the Horde session.

protected _setAuth() : bool
Return values
bool

True on success, false on failure.

_setView()

Sets the default global view mode in the horde session. This can be checked by applications, and overridden if desired. Also sets a cookie to remember the last view selection if applicable.

protected _setView() : mixed

        
On this page

Search results