Ejemplo n.º 1
0
// Load functions...
require_once "example-lib.php";
// Checking configuration...
if ($LIGHTBULB_CONFIG['spi-namemapping'] != "database") {
    echo "This example requires that you are using the <tt>namemapping/database</tt> plugin. Now your configuration points at the <tt>namemapping/" . $LIGHTBULB_CONFIG['spi-namemapping'] . "</tt>.";
    exit;
}
// URL to return user to after authentication. Will be this page :D
$return_url = selfURL();
// URL initiating SSO with lighbulb, contains some configuration parameters.
$ssoinit_url = $LIGHTBULB_CONFIG['baseurl'] . "spSSOInit.php?" . "metaAlias=/sp&" . "RelayState=" . urlencode($return_url);
// Logout URL. Also a openssophp service with some parameters and a return url.
$logout_url = $LIGHTBULB_CONFIG['baseurl'] . "spSLOInit.php?" . "metaAlias=/sp&" . "RelayState=" . urlencode($return_url);
$prompt_url = "prompt.php?goto=" . urlencode($return_url);
$localID = spi_sessionhandling_getUserID();
if (!isset($localID) && !is_null(spi_sessionhandling_getNameID())) {
    // The user is successfully authenticated, but not mapped to a local user account, so will will ask the user to
    // perform a local login.
    header("Location: " . $prompt_url);
    exit;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
	<title>Pat's Example</title>
</head>
<body>
<h1>Welcome to Pat's Example to OpenSSO PHP Extension</h1>
Ejemplo n.º 2
0
// Loading SAML library
require_once '../openssophp/config/config.php';
require_once '../openssophp/lib/saml-lib.php';
// Needs a function to get the token from the php session
require_once '../openssophp/spi/sessionhandling/' . $LIGHTBULB_CONFIG['spi-sessionhandling'] . '.php';
// Needs a function to get the token from the php session
require_once '../openssophp/spi/namemapping/' . $LIGHTBULB_CONFIG['spi-namemapping'] . '.php';
// Load functions...
require_once "example-lib.php";
// URL to return user to after authentication. Will be this page :D
$return_url = selfURL();
// URL initiating SSO with lighbulb, contains some configuration parameters.
$ssoinit_url = $LIGHTBULB_CONFIG['baseurl'] . "spSSOInit.php?" . "metaAlias=/sp&" . "RelayState=" . urlencode($return_url);
// Logout URL. Also a openssophp service with some parameters and a return url.
$logout_url = $LIGHTBULB_CONFIG['baseurl'] . "spSLOInit.php?" . "metaAlias=/sp&" . "RelayState=" . urlencode($return_url);
$userid = $_POST["username"];
$password = $_POST["password"];
$username = authenticateLocalUser($userid, $password);
if (is_null($username)) {
    echo "Error login, probably bad credentials. Sorry.";
    exit;
} else {
    if (!is_null(spi_sessionhandling_getNameID())) {
        // The user is already authenticated to an IdP so we federate the accounts..
        $nameId = getNameID(spi_sessionhandling_getResponse());
        spi_namemapping_mapNameIdToLocalId($nameId["NameQualifier"], $nameId["SPNameQualifier"], spi_sessionhandling_getNameID(), $userid);
    }
    spi_sessionhandling_setUserId($userid);
    header("Location: " . urldecode($_POST["goto"]));
    exit;
}
Ejemplo n.º 3
0
if (!is_null(spi_sessionhandling_getNameID())) {
    ?>
<p>You are already authenticated to an IdP but your identity does not map to a local identity. Please login using a local account below, and your account will be federated with that from the IdP. The next time you login with your IdP account, you will not need to perform a local login.</p><?php 
}
?>
	
	<form action="login.php" method="post">
		<fieldset style="border: 1px solid #999; background: #ffa"><legend>Local authentication</legend>
		<p>Username: <input name="username"></p>
		<p>Password: <input type="password" name="password"></p>
		<input type="hidden" name="goto" value="<?php 
echo urlencode($_GET["goto"]);
?>
">
		<p><input type="submit" Value="Login"></p>
		</fieldset>
	</form>
	
	<?php 
if (is_null(spi_sessionhandling_getNameID())) {
    ?>
<p><a href="<?php 
    echo $ssoinit_url;
    ?>
">Login via IDP</a></p><?php 
}
?>

    </body>
</html>