Example #1
<?php

/**
 * This demonstrates the emulation of "lazy" sessions. The attributes are only added
 * to $_SERVER if the user's shibalike session is valid.
 */
require '_inc.php';

// Build the service provider from the shared state manager and config, then
// start a "lazy" session: the page stays reachable without signing in.
$sp = new Shibalike\SP(getStateManager(), getConfig());
$sp->initLazySession();

// the "application"
// The attribute keys in $_SERVER may be absent (no valid session), so fall
// back to a fixed label instead of reading the key unconditionally.
// NOTE(review): 'displayname' is presumably populated by initLazySession()
// from the session's attributes — confirm against the SP implementation.
if (empty($_SERVER['displayname'])) {
    $visitor = 'Anonymous';
} else {
    $visitor = $_SERVER['displayname'];
}

// Declare the charset explicitly so it matches the one given to htmlspecialchars().
header('Content-Type: text/html;charset=utf-8');

// The display name is attribute data, not markup: escape it for the HTML
// context (quotes included) before it is written into the page.
// NOTE(review): with only ENT_QUOTES, htmlspecialchars() returns an empty
// string when the value is not valid UTF-8; consider adding ENT_SUBSTITUTE
// if the supported PHP versions provide it.
$safeVisitor = htmlspecialchars($visitor, ENT_QUOTES, 'UTF-8');

echo "<h1>Hello, " . $safeVisitor . "!</h1>";
echo "<p>This is a non-protected resource with a \"lazy\" session. Access the <a href='protected.php'>protected resource</a>.</p>";
echo "<p><a href='sp.php?sign-in'>Sign in</a> | <a href='sp.php?sign-out'>Sign out</a></p>";
Example #2
<?php

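/**
 * All you need for an IdP is an authentication process and a way to get user
 * attributes. Once you trust the identity of the user, you mark them as authenticated,
 * which fetches and stores their attributes in the state manager.
 *
 * The credential check below is a deliberately crude placeholder built on hard-coded
 * demo accounts; replace it with a real authentication backend before relying on it.
 */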
require '_inc.php';
$idp = new Shibalike\IdP(getStateManager(), getAttrStore(), getConfig());
// crude authentication
if (!empty($_POST)) {
    // perform auth
    $username = '';
    if (in_array($_POST['username'], array('jadmin', 'juser'))) {
        if ($_POST['username'] === $_POST['password']) {
            $username = $_POST['username'];
        }
    } else {
        if ($_POST['password'] == 'password1') {
            $username = $_POST['username'];
        }
    }
    $authenticatedSuccessfully = !empty($username);
    // try authentication somehow (e.g. using Zend_Auth)
    if ($authenticatedSuccessfully) {
        $userAttrs = $idp->fetchAttrs($username);
        if ($userAttrs) {
            $idp->markAsAuthenticated($username);
            $idp->redirect();
        } else {
            // user is not in attr store!