IsCesnetEligible.php

<?php

declare(strict_types=1);

namespace SimpleSAML\Module\cesnet\Auth\Process;

use SimpleSAML\Auth\ProcessingFilter;
use SimpleSAML\Configuration;
use SimpleSAML\Error\Exception;
use SimpleSAML\Logger;
use SimpleSAML\Module;
use SimpleSAML\Module\perun\Adapter;
use SimpleSAML\Module\perun\AdapterLdap;
use SimpleSAML\Module\perun\AdapterRpc;
use SimpleSAML\Module\perun\ChallengeManager;
use SimpleSAML\Module\perun\LdapConnector;
use SimpleSAML\Module\perun\model\User;

/**
 * Class IsCesnetEligible.
 *
 * This class put the timestamp of last login into list of Attributes, when at least one value of attribute
 * 'eduPersonScopedAffiliation' is marked as isCesnetEligible in CESNET LDAP
 */
class IsCesnetEligible extends ProcessingFilter
{
    public const CONFIG_FILE_NAME = 'module_cesnet_IsCesnetEligible.php';

    public const ORGANIZATION_LDAP_BASE = 'ou=Organizations,o=eduID.cz,o=apps,dc=cesnet,dc=cz';

    public const INTERFACE_PROPNAME = 'interface';

    public const ATTR_NAME = 'attrName';

    public const RPC_ATTRIBUTE_NAME = 'RPC.attributeName';

    public const LDAP_ATTRIBUTE_NAME = 'LDAP.attributeName';

    public const DEFAULT_ATTR_NAME = 'isCesnetEligibleLastSeen';

    public const LDAP = 'LDAP';

    public const RPC = 'RPC';

    public const SCRIPT_NAME = 'updateIsCesnetEligible';

    public const PERUN_USER_AFFILIATIONS_ATTR_NAME = 'perunUserAffiliationsAttrName';

    public const PERUN_USER_SPONSORING_ORGANIZATIONS_ATTR_NAME = 'perunUserSponsoringOrganizationsAttrName';

    private $cesnetEligibleLastSeenValue;

    private $interface = self::RPC;

    private $rpcAttrName;

    private $ldapAttrName;

    private $returnAttrName = self::DEFAULT_ATTR_NAME;

    private $userAffiliationsAttrName;

    private $userSponsoringOrganizationsAttrName;

    private $idpEntityId;

    private $eduPersonScopedAffiliation = [];

    /**
     * @var LdapConnector