API Documentation
\

\Horde_Core_Auth_Application

The Horde_Core_Auth_Application class provides application-specific authentication built on top of the horde/Auth API.

Summary

Methods
Properties
Constants
__construct()
authenticate()
validateAuth()
addUser()
lockUser()
unlockUser()
isLocked()
updateUser()
removeUser()
listUsers()
listNames()
exists()
transparent()
resetPassword()
hasCapability()
getParam()
getCredential()
setCredential()
setError()
getError()
getLoginParams()
requireAuth()
runHook()
No public properties found
REASON_BROWSER
REASON_SESSIONIP
REASON_SESSIONMAXTIME
_authenticate()
_setAuth()
_setView()
$_app
$_appCapabilities
$_base
$_view
$_capabilities
N/A
No private methods found
No private properties found
N/A

Constants

REASON_BROWSER

REASON_BROWSER

Authentication failure reasons (additions to Horde_Auth:: reasons): - REASON_BROWSER: A browser change was detected - REASON_SESSIONIP: Logout due to change of IP address during session - REASON_SESSIONMAXTIME: Logout due to the session exceeding the maximum allowed length.

REASON_SESSIONIP

REASON_SESSIONIP

REASON_SESSIONMAXTIME

REASON_SESSIONMAXTIME

Properties

$_app

$_app : string

Application for authentication.

Type

string

$_appCapabilities

$_appCapabilities : array

The list of application capabilities.

Type

array

$_base

$_base : \Horde_Auth_Base

The base auth driver, used for Horde authentication.

Type

\Horde_Auth_Base

$_view

$_view : string

The view mode.

Type

string

$_capabilities

$_capabilities : array

Available capabilities.

Type

array

Methods

__construct()

__construct(array  $params = array())

Constructor.

Parameters

array $params

Required parameters:

  • app: (string) The application which is providing authentication.
  • base: (Horde_Auth_Base) The base Horde_Auth driver. Only needed if 'app' is 'horde'.

Throws

\InvalidArgumentException

authenticate()

authenticate(string  $userId, array  $credentials, boolean  $login = true) : boolean

Finds out if a set of login credentials are valid, and if requested, mark the user as logged in in the current session.

Parameters

string $userId

The user ID to check.
array $credentials

The credentials to check.
boolean $login

Whether to log the user in. If false, we'll only test the credentials and won't modify the current session. Defaults to true.

Returns

boolean —

Whether or not the credentials are valid.

validateAuth()

validateAuth() : boolean

Checks for triggers that may invalidate the current auth.

These triggers are independent of the credentials.

Returns

boolean —

True if the results of authenticate() are still valid.

addUser()

addUser(string  $userId, array  $credentials)

Add a set of authentication credentials.

Parameters

string $userId

The user ID to add.
array $credentials

The credentials to use.

Throws

\Horde_Auth_Exception

lockUser()

lockUser(string  $userId, integer  $time)

Locks a user indefinitely or for a specified time

Parameters

string $userId

The userId to lock.
integer $time

The duration in seconds, 0 = permanent

Throws

\Horde_Auth_Exception

unlockUser()

unlockUser(string  $userId, boolean  $resetBadLogins = false)

Unlocks a user and optionally resets bad login count

Parameters

string $userId

The userId to unlock.
boolean $resetBadLogins

Reset bad login counter, default no.

Throws

\Horde_Auth_Exception

isLocked()

isLocked(string  $userId, boolean  $show_details = false)

Checks if $userId is currently locked.

Parameters

string $userId

The userId to check.
boolean $show_details

Toggle array format with timeout.

Throws

\Horde_Auth_Exception

updateUser()

updateUser(string  $oldID, string  $newID, array  $credentials)

Update a set of authentication credentials.

Parameters

string $oldID

The old user ID.
string $newID

The new user ID.
array $credentials

The new credentials

Throws

\Horde_Auth_Exception

removeUser()

removeUser(string  $userId)

Delete a set of authentication credentials.

Parameters

string $userId

The user ID to delete.

Throws

\Horde_Auth_Exception

listUsers()

listUsers(  $sort = false) : array

List all users in the system.

Parameters

$sort

Throws

\Horde_Auth_Exception

Returns

array —

The array of user IDs.

listNames()

listNames() : array

List all users in the system with their real names.

Throws

\Horde_Auth_Exception

Returns

array —

The array of user IDs as keys and names as values.

exists()

exists(string  $userId) : boolean

Checks if a user ID exists in the system.

Parameters

string $userId

User ID to check.

Returns

boolean —

Whether or not the user ID already exists.

transparent()

transparent() : boolean

Automatic authentication.

Throws

\Horde_Auth_Exception

Returns

boolean —

Whether or not the client is allowed.

resetPassword()

resetPassword(string  $userId) : string

Reset a user's password. Used for example when the user does not remember the existing password.

Parameters

string $userId

The user ID for which to reset the password.

Throws

\Horde_Auth_Exception

Returns

string —

The new password on success.

hasCapability()

hasCapability(string  $capability) : boolean

Queries the current driver to find out if it supports the given capability.

Parameters

string $capability

The capability to test for.

Returns

boolean —

Whether or not the capability is supported.

getParam()

getParam(string  $param) : string

Returns the named parameter for the current auth driver.

Parameters

string $param

The parameter to fetch.

Returns

string —

The parameter's value, or null if it doesn't exist.

getCredential()

getCredential(mixed  $name = null) : mixed

Retrieve internal credential value(s).

Parameters

mixed $name

The credential value to get. If null, will return the entire credential list. Valid names:

  • change: (boolean) Do credentials need to be changed?
  • credentials: (array) The credentials needed to authenticate.
  • expire: (integer) UNIX timestamp of the credential expiration date.
  • userId: (string) The user ID.

Returns

mixed —

Return the credential information, or null if the credential doesn't exist.

setCredential()

setCredential(string  $name, mixed  $value)

Set internal credential value.

Parameters

string $name

The credential name to set.
mixed $value

The credential value to set. See getCredential() for the list of valid credentials/types.

setError()

setError(string  $type, string  $msg = null)

Sets the error message for an invalid authentication.

Parameters

string $type

The type of error (HordeAuth::REASON* constant).
string $msg

The error message/reason for invalid authentication.

getError()

getError(boolean  $msg = false) : mixed

Returns the error type or message for an invalid authentication.

Parameters

boolean $msg

If true, returns the message string (if set).

Returns

mixed —

Error type, error message (if $msg is true) or false if entry doesn't exist.

getLoginParams()

getLoginParams() : array

Returns information on what login parameters to display on the login screen.

Throws

\Horde_Exception

Returns

array —

An array with the following keys:

'js_code' - (array) A list of javascript statements to be included.
'js_files' - (array) A list of javascript files to be included.
'params' - (array) A list of parameters to display on the login screen.
           Each entry is an array with the following entries:
           'label' - (string) The label of the entry.
           'type' - (string) 'select', 'text', or 'password'.
           'value' - (mixed) If type is 'text' or 'password', the
                     text to insert into the field by default. If type
                     is 'select', an array with they keys as the
                     option values and an array with the following keys:
                     'hidden' - (boolean) If true, the option will be
                                hidden.
                     'name' - (string) The option label.
                     'selected' - (boolean) If true, will be selected
                                  by default.

requireAuth()

requireAuth() : boolean

Indicate whether the application requires authentication.

Returns

boolean —

True if application requires authentication.

runHook()

runHook(string  $userId, array  $credentials, string  $type, string  $method = null) : array

Runs the pre/post-authenticate hook and parses the result.

Parameters

string $userId

The userId who has been authorized.
array $credentials

The credentials of the user.
string $type

Either 'preauthenticate' or 'postauthenticate'.
string $method

The triggering method (preauthenticate only). Either 'authenticate' or 'transparent'.

Throws

\Horde_Auth_Exception

Returns

array —

Two element array, $userId and $credentials.

_authenticate()

_authenticate(string  $userId, array  $credentials)

Find out if a set of login credentials are valid.

Parameters

string $userId

The user ID to check.
array $credentials

The credentials to use. This object will always be available in the 'auth_ob' key.

Throws

\Horde_Auth_Exception

_setAuth()

_setAuth() : boolean

Set authentication credentials in the Horde session.

Returns

boolean —

True on success, false on failure.

_setView()

_setView()

Sets the default global view mode in the horde session. This can be checked by applications, and overridden if desired. Also sets a cookie to remember the last view selection if applicable.