Ejemplo n.º 1
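 /**
  * Build the IdP Single Logout URL the browser should follow to end the SSO session.
  *
  * The URL is the configured SAML_SLO endpoint with a freshly generated
  * LogoutRequest attached as the SAMLRequest query parameter.
  *
  * NOTE(review): the request is appended without Signature/SigAlg parameters and
  * without a RelayState. If the IdP expects signed logout requests this URL will
  * presumably be rejected; confirm against the settings returned by
  * SAMLAuthenticate::loadSettings().
  *
  * @return string|null Logout URL, or null when no SAML_SLO endpoint is configured
  */
 public function getLogoutUrl()
 {
     if (empty($GLOBALS['sugar_config']['SAML_SLO'])) {
         // Single Logout is optional: without a configured endpoint there is no URL to follow.
         return null;
     }
     $sloUrl = $GLOBALS['sugar_config']['SAML_SLO'];
     $auth = new OneLogin_Saml2_Auth(SAMLAuthenticate::loadSettings());
     $req = new OneLogin_Saml2_LogoutRequest($auth->getSettings());
     // The configured endpoint may already carry a query string; a second "?"
     // would fold SAMLRequest into the value of the preceding parameter.
     $separator = strpos($sloUrl, '?') === false ? '?' : '&';
     return $sloUrl . $separator . 'SAMLRequest=' . urlencode($req->getRequest());
 }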
Ejemplo n.º 2
Archivo: index.php Proyecto: DbyD/cruk
<?php

/**
 *  SAML Handler
 */
// Start (or resume) the PHP session before any SAML call is made.
session_start();
require_once dirname(dirname(__FILE__)) . '/_toolkit_loader.php';
// settings_example.php is expected to define $settingsInfo and $spBaseUrl, which are used below.
require_once 'settings_example.php';
// Debug aid, left disabled. Dumping $settingsInfo would print the whole SAML
// configuration into the response (presumably including any SP key material;
// confirm), so it should stay disabled outside a local test.
/*
echo "Settings info ";
var_dump($settingsInfo);
*/
$auth = new OneLogin_Saml2_Auth($settingsInfo);
// The action is selected by the query parameter present: sso, sso2 or slo.
if (isset($_GET['sso'])) {
    // SP-initiated login with the default return target.
    $auth->login();
    # If the AuthNRequest ID needs to be saved in order to validate it later, do this instead:
    # $ssoBuiltUrl = $auth->login(null, array(), false, false, true);
    # $_SESSION['AuthNRequestID'] = $auth->getLastRequestID();
    # header('Pragma: no-cache');
    # header('Cache-Control: no-cache, must-revalidate');
    # header('Location: ' . $ssoBuiltUrl);
    # exit();
    # NOTE(review): as written, the active branch above does not remember the request ID,
    # so a later response cannot be matched to the request that this SP sent.
} else {
    if (isset($_GET['sso2'])) {
        // SP-initiated login that returns to a fixed page built from the configured base URL.
        $returnTo = $spBaseUrl . '/demo1/attrs.php';
        $auth->login($returnTo);
    } else {
        if (isset($_GET['slo'])) {
            // Defaults for the logout call; the rest of this branch is not part of the listing.
            $returnTo = null;
            $paramters = array();
            $nameId = null;
Ejemplo n.º 3
// Location of the bundled php-saml toolkit, relative to this script.
define("TOOLKIT_PATH", dirname(__FILE__) . '/../../functions/php-saml/');
// Load the SAML2 library.
require_once TOOLKIT_PATH . '_toolkit_loader.php';

// Fetch the SAML2 authentication method record from the database.
$dbobj = $Tools->fetch_object("usersAuthMethod", "type", "SAML2");
if (!$dbobj) {
    // NOTE(review): $dbobj is dereferenced right below, so this call presumably
    // halts the request (third argument true); confirm.
    $Result->show("danger", "SAML settings not found in database", true);
}

// Decode the authentication module parameters.
// NOTE(review): the decode result is not checked; a malformed value would leave
// $params unusable for the property reads that follow.
$params = json_decode($dbobj->params);

if ($params->advanced != "1") {
    // Standard mode: build the toolkit settings from the values stored in the database.
    $settings = array(
        'sp' => array(
            'entityId' => $Tools->createURL(),
            'assertionConsumerService' => array(
                'url' => create_link('saml2'),
            ),
            'singleLogoutService' => array(
                'url' => $Tools->createURL(),
            ),
            'NameIDFormat' => 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified',
        ),
        'idp' => array(
            'entityId' => $params->idpissuer,
            'singleSignOnService' => array(
                'url' => $params->idplogin,
            ),
            'singleLogoutService' => array(
                'url' => $params->idplogout,
            ),
            // The IdP signing certificate is identified by fingerprint only.
            // NOTE(review): pinning the full certificate is generally the stronger
            // choice, especially if the stored algorithm is SHA-1; confirm which
            // values idpcertalgorithm is allowed to take.
            'certFingerprint' => $params->idpcertfingerprint,
            'certFingerprintAlgorithm' => $params->idpcertalgorithm,
        ),
    );
    $auth = new OneLogin_Saml2_Auth($settings);
} else {
    // Advanced mode: instantiate without the database settings.
    $auth = new OneLogin_Saml2_Auth();
}
// If SAMLResponse is not in the request, create an AuthnRequest and send it to the IdP.
if (!isset($_POST["SAMLResponse"])) {
    // The login() result is kept as a URL instead of being followed immediately,
    // so the request ID can be stored before the browser is redirected.
    $ssoBuiltUrl = $auth->login(null, array(), false, false, true);
    // Remember the ID of the request just built; the response branch below reads it back.
    $_SESSION['AuthNRequestID'] = $auth->getLastRequestID();
    // Ask the browser and intermediaries not to cache the redirect.
    header('Pragma: no-cache');
    header('Cache-Control: no-cache, must-revalidate');
    header('Location: ' . $ssoBuiltUrl);
    exit;
} else {
    // Process the authentication response.
    if (isset($_SESSION) && isset($_SESSION['AuthNRequestID'])) {
        $requestID = $_SESSION['AuthNRequestID'];
    } else {
        // No request ID was stored for this session.
        // NOTE(review): with a null ID the response presumably cannot be tied to a
        // request this SP issued; consider rejecting it unless IdP-initiated login
        // is intended. The rest of this branch is not part of the listing.
        $requestID = null;
Ejemplo n.º 4
<?php

/**
 *  SP Single Logout Service Endpoint
 */
// Start (or resume) the PHP session before the logout message is handled.
session_start();
require_once dirname(dirname(__FILE__)) . '/_toolkit_loader.php';

// No settings are passed in; the toolkit is left to locate its own configuration.
$auth = new OneLogin_Saml2_Auth();

// Handle the Single Logout message carried by this request.
$auth->processSLO();

// Success is reported only when the toolkit recorded no errors; otherwise the
// error list is printed as a comma-separated line.
// NOTE(review): the errors are written to the response verbatim; confirm they
// never contain request-derived text, or escape them for the output context.
$errors = $auth->getErrors();
print_r(empty($errors) ? 'Sucessfully logged out' : implode(', ', $errors));
Ejemplo n.º 5
 /**
  * Build the object from SAML settings.
  *
  * The settings are passed through OneLogin_Saml2_Auth, and the settings object
  * that instance exposes is kept on $this->_settings.
  *
  * @param mixed $settings Settings handed to OneLogin_Saml2_Auth; null by default
  */
 public function __construct($settings = null)
 {
     $samlAuth = new OneLogin_Saml2_Auth($settings);
     $this->_settings = $samlAuth->getSettings();
 }
Ejemplo n.º 6
 /**
  * Checks that OneLogin_Saml2_Auth::setStrict() toggles the strict flag reported
  * by the settings object, and that a non-boolean argument is rejected.
  *
  * @covers OneLogin_Saml2_Auth::setStrict
  */
 public function testSetStrict()
 {
     // settings1.php is expected to define $settingsInfo in this scope.
     $settingsDir = TEST_ROOT . '/settings/';
     include $settingsDir . 'settings1.php';

     // Start from a non-strict configuration.
     $settingsInfo['strict'] = false;
     $auth = new OneLogin_Saml2_Auth($settingsInfo);
     $this->assertFalse($auth->getSettings()->isStrict());

     // Switching strict mode on is reflected by the settings object.
     $auth->setStrict(true);
     $this->assertTrue($auth->getSettings()->isStrict());

     // Switching it back off is reflected as well.
     $auth->setStrict(false);
     $this->assertFalse($auth->getSettings()->isStrict());

     try {
         $auth->setStrict('a');
         // Reaching this line means the non-boolean value was accepted.
         $this->assertTrue(false);
     } catch (Exception $rejected) {
         $this->assertContains('Assertion "is_bool($value)" failed', $rejected->getMessage());
     }
 }
Ejemplo n.º 7
<?php

// Fix the timezone used by date functions for this request.
date_default_timezone_set("Asia/Taipei");
/**
 *  SAML Handler
 *
 *  Dispatches on the query parameter present: sso, sso2, slo or acs.
 */
session_start();
require_once './vendor/autoload.php';
// settings.php is expected to define $settingsInfo and $spBaseUrl, which are used below.
require_once 'settings.php';
$auth = new OneLogin_Saml2_Auth($settingsInfo);
if (isset($_GET['sso'])) {
    // SP-initiated login returning to a hard-coded page.
    // NOTE(review): the return URL is plain http on localhost, which looks like a
    // development value; confirm it is replaced before any real deployment.
    $auth->login('http://localhost/hw4/php/forum.php');
} else {
    if (isset($_GET['sso2'])) {
        // SP-initiated login returning to the attributes page under the configured base URL.
        $returnTo = $spBaseUrl . '/php/attrs.php';
        $auth->login($returnTo);
    } else {
        if (isset($_GET['slo'])) {
            // SP-initiated logout. NameID and SessionIndex are taken from the session
            // when present and passed to logout(); both stay null otherwise.
            $returnTo = null;
            $paramters = array();
            $nameId = null;
            $sessionIndex = null;
            if (isset($_SESSION['samlNameId'])) {
                $nameId = $_SESSION['samlNameId'];
            }
            if (isset($_SESSION['samlSessionIndex'])) {
                $sessionIndex = $_SESSION['samlSessionIndex'];
            }
            $auth->logout($returnTo, $paramters, $nameId, $sessionIndex);
        } else {
            // Assertion Consumer Service branch; its body is not part of the listing.
            if (isset($_GET['acs'])) {
Ejemplo n.º 8
<?php

/**
 *  SP Assertion Consumer Service Endpoint
 */
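// Start (or resume) the PHP session; the SAML attributes are stored in it below.
session_start();
require_once dirname(dirname(__FILE__)) . '/_toolkit_loader.php';

// No settings are passed in; the toolkit is left to locate its own configuration.
$auth = new OneLogin_Saml2_Auth();

// NOTE(review): no request ID is passed here, so the response is presumably not
// matched against an AuthnRequest this SP issued; confirm whether unsolicited
// responses are meant to be accepted.
$auth->processResponse();

// Stop on any toolkit error before touching the session.
$errors = $auth->getErrors();
if (!empty($errors)) {
    print_r('<p>' . implode(', ', $errors) . '</p>');
    exit;
}
if (!$auth->isAuthenticated()) {
    echo "<p>Not authenticated</p>";
    exit;
}

// NOTE(review): the session identifier is not rotated when the user becomes
// authenticated; consider session_regenerate_id(true) at this point.
$_SESSION['samlUserdata'] = $auth->getAttributes();
$_SESSION['IdPSessionIndex'] = $auth->getSessionIndex();

// RelayState comes from the POST body, so it is caller-supplied. Redirecting to
// it unchecked would let any site bounce a freshly authenticated user to an
// arbitrary destination, so it is followed only when it is an absolute http(s)
// URL on this service's own host. URLs with userinfo or backslashes are refused
// because URL parsers are known to disagree on them.
// NOTE(review): an explicit allow-list of return URLs is stronger than comparing
// against the host derived from the current request.
$relayState = isset($_POST['RelayState']) ? $_POST['RelayState'] : null;
if (is_string($relayState) && OneLogin_Saml2_Utils::getSelfURL() != $relayState) {
    $relayParts = parse_url($relayState);
    $selfHost = parse_url(OneLogin_Saml2_Utils::getSelfURL(), PHP_URL_HOST);
    $relayIsLocal = is_array($relayParts)
        && isset($relayParts['scheme'], $relayParts['host'])
        && !isset($relayParts['user'])
        && !isset($relayParts['pass'])
        && strpos($relayState, '\\') === false
        && in_array(strtolower($relayParts['scheme']), array('http', 'https'), true)
        && is_string($selfHost)
        && strcasecmp($relayParts['host'], $selfHost) === 0;
    if ($relayIsLocal) {
        $auth->redirectTo($relayState);
    }
    // Otherwise fall through and render the attributes page instead of redirecting.
}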
$attributes = $_SESSION['samlUserdata'];
if (!empty($attributes)) {
    echo '<h1>' . _('User attributes:') . '</h1>';
    echo '<table><thead><th>' . _('Name') . '</th><th>' . _('Values') . '</th></thead><tbody>';
    foreach ($attributes as $attributeName => $attributeValues) {
        echo '<tr><td>' . htmlentities($attributeName) . '</td><td><ul>';
        foreach ($attributeValues as $attributeValue) {
            echo '<li>' . htmlentities($attributeValue) . '</li>';
Ejemplo n.º 9
 /**
  * Constructor that processes the SAML Response.
  *
  * Internally it initializes an SP SAML instance (OneLogin_Saml2_Auth) from the
  * given settings and passes that instance's settings object, together with the
  * assertion, to the parent constructor.
  *
  * @param OneLogin_Saml_Settings $oldSettings Settings
  * @param string                 $assertion   SAML Response
  */
 public function __construct($oldSettings, $assertion)
 {
     $spAuth = new OneLogin_Saml2_Auth($oldSettings);
     parent::__construct($spAuth->getSettings(), $assertion);
 }
Ejemplo n.º 10
<?php

/**
 * SAMPLE Code to demonstrate how to initiate a SAML Authorization request
 *
 * When the user visits this URL, the browser will be redirected to the SSO
 * IdP with an authorization request. If successful, it will then be
 * redirected to the consume URL (specified in settings) with the auth
 * details.
 */
// Start (or resume) the PHP session; it decides which branch runs below.
session_start();
require_once '../_toolkit_loader.php';

// No settings are passed in; the toolkit is left to locate its own configuration.
$auth = new OneLogin_Saml2_Auth();

if (isset($_SESSION['samlUserdata'])) {
    // SAML user data is already in the session: send the browser to index.php,
    // derived from this script's own URL with the query string dropped.
    // NOTE(review): the target is built from the current request's URL; confirm
    // the host part cannot be influenced by the client in this deployment.
    $indexUrl = str_replace('/sso.php', '/index.php', OneLogin_Saml2_Utils::getSelfURLNoQuery());
    OneLogin_Saml2_Utils::redirect($indexUrl);
} else {
    // No SAML user data yet: start an SP-initiated login at the IdP.
    $auth->login();
}
Ejemplo n.º 11
<?php

/**
 *  SP Metadata Endpoint
 */
require_once dirname(dirname(__FILE__)) . '/_toolkit_loader.php';
try {
    // Build the SP metadata from the toolkit's own settings.
    $auth = new OneLogin_Saml2_Auth();
    $settings = $auth->getSettings();
    $metadata = $settings->getSPMetadata();

    // Publish the document only if it validates; otherwise raise a toolkit error.
    $errors = $settings->validateMetadata($metadata);
    if (!empty($errors)) {
        throw new OneLogin_Saml2_Error('Invalid SP metadata: ' . implode(', ', $errors), OneLogin_Saml2_Error::METADATA_SP_INVALID);
    }

    header('Content-Type: text/xml');
    echo $metadata;
} catch (Exception $e) {
    // NOTE(review): the exception message is sent to the client as-is and without
    // an explicit content type; consider logging it and returning a generic error.
    echo $e->getMessage();
}
Ejemplo n.º 12
<?php

/**
 *  SAML Handler
 */
// Start (or resume) the PHP session; the SAML attributes are stored in it below.
session_start();
require_once dirname(dirname(__FILE__)) . '/_toolkit_loader.php';
// settings.php is expected to define $settingsInfo and $spBaseUrl, which are used below.
require_once 'settings.php';
$auth = new OneLogin_Saml2_Auth($settingsInfo);
// The action is selected by the query parameter present: sso, sso2, slo or acs.
if (isset($_GET['sso'])) {
    // SP-initiated login with the default return target.
    $auth->login();
} else {
    if (isset($_GET['sso2'])) {
        // SP-initiated login that returns to a fixed page built from the configured base URL.
        $returnTo = $spBaseUrl . '/demo1/attrs.php';
        $auth->login($returnTo);
    } else {
        if (isset($_GET['slo'])) {
            // SP-initiated logout with the toolkit's default arguments.
            $auth->logout();
        } else {
            if (isset($_GET['acs'])) {
                // Assertion Consumer Service: validate the response posted by the IdP.
                // NOTE(review): no request ID is passed, so the response is presumably
                // not matched against a request this SP issued; confirm.
                $auth->processResponse();
                $errors = $auth->getErrors();
                if (!empty($errors)) {
                    // Errors are printed but execution continues; the authentication
                    // check below is what stops an unauthenticated request.
                    print_r('<p>' . implode(', ', $errors) . '</p>');
                }
                if (!$auth->isAuthenticated()) {
                    echo "<p>Not authenticated</p>";
                    exit;
                }
                $_SESSION['samlUserdata'] = $auth->getAttributes();
                // RelayState is read from the POST body, so it is caller-supplied.
                // NOTE(review): it should be checked against trusted destinations
                // before any redirect; the body of this condition is not part of the listing.
                if (isset($_POST['RelayState']) && OneLogin_Saml2_Utils::getSelfURL() != $_POST['RelayState']) {
 /**
  * Handles the logout leg of the SAML flow.
  *
  * When the 'sls' parameter is present, the incoming Single Logout message is
  * processed; otherwise, when the 'slo' query parameter is set, a logout is
  * started from this side. In every case the toolkit's error state is checked
  * afterwards through verificar_errores_onelogin().
  *
  * @param OneLogin_Saml2_Auth $auth SAML toolkit instance to operate on
  */
 private function procesar_logout(OneLogin_Saml2_Auth $auth)
 {
     $sls = toba::memoria()->get_parametro('sls');
     if ($sls !== null) {
         $auth->processSLO();
     } elseif (isset($_GET['slo'])) {
         $auth->logout();
     }
     $this->verificar_errores_onelogin($auth);
 }
Ejemplo n.º 14
 /**
  * Proxy for the getErrors method of the wrapped OneLogin_Saml2_Auth instance.
  *
  * @return mixed Whatever the wrapped instance's getErrors() returns
  */
 public function getErrors()
 {
     $errors = $this->instance->getErrors();
     return $errors;
 }
Ejemplo n.º 15
 /**
  * Starts a logout by delegating, unchanged, to the parent implementation.
  *
  * The parent's return value, if it has one, is not passed back to the caller.
  *
  * @param string|null $returnTo     Forwarded to the parent as-is
  * @param array       $parameters   Forwarded to the parent as-is
  * @param string|null $nameId       Forwarded to the parent as-is
  * @param string|null $sessionIndex Forwarded to the parent as-is
  */
 public function logout($returnTo = null, $parameters = array(), $nameId = null, $sessionIndex = null)
 {
     parent::logout(
         $returnTo,
         $parameters,
         $nameId,
         $sessionIndex
     );
 }