// S'il y a eu une erreur et que l'on revient, afficher
// l'erreur. Cela annule la redirection de header(), mais
// l'utilisateur pourra quand même cliquer manuellement sur un
// lien.
$error = lassospkit_error();
if (!empty($error)) {
echo "SSO error:<br /><pre>{$error}</pre><br />";
}
// Pas encore authentifié - on se connecte:
$return_url = get_request_uri();
lassospkit_redirect_federate($return_url);
exit;
}
// A ce stade, l'utilisateur est authentifié par Lasso
$password = '';
$login = lassospkit_userid();
// vide si pas encore fédéré
if (empty($login)) {
// Construit un identifiant unique
$sql = "SELECT login FROM " . TABLE_PREFIX . "_utilisateurs WHERE login LIKE 'lasso_%'";
$res = grr_sql_query($sql);
$existing_users = array();
for ($i = 0; $row = grr_sql_row($res, $i); $i++) {
$existing_users[] = $row[0];
}
$max = 0;
foreach ($existing_users as $user) {
if (preg_match('/lasso_(\\d+)/', $user, $matches)) {
if ($matches[1] > $max) {
$max = $matches[1];
}
function handleSlo($ret)
{
//error_log("handleSlo");
$r = $this->relayState;
if ($this->currentHttpMethod == LASSO_HTTP_METHOD_GET && $this->currentHttpMethod == LASSO_HTTP_METHOD_POST) {
$this->headerHtml("SLO endpoint", $r);
if ($ret) {
echo "Demande de slo échoué: " . strError($ret) . "({$ret})";
} else {
echo "Demande de slo réussie";
}
echo "Go to <a href='{$r}'>{$r}</a>";
$this->footerHtml();
lassospkit_clean();
grr_closeSession($_GET['auto']);
} else {
# Specialized
$id = lassospkit_userid();
if (isset($id)) {
//error_log("Trying to destroy session $id");
chdir("..");
global $dbsys;
require_once "./include/config.inc.php";
include "./include/connect.inc.php";
require_once "./include/{$dbsys}.inc.php";
require_once "./include/functions.inc.php";
require_once "./include/session.inc.php";
// See admin_view_connexions.php:67
$sql = "SELECT session_id FROM " . TABLE_PREFIX . "_log\n WHERE login = '******'\n AND end > NOW()";
$res = grr_sql_query($sql);
if ($res) {
for ($i = 0; $row = grr_sql_row($res, $i); $i++) {
$php_session_id = $row[0];
//error_log("Erasing GRR session $php_session_id");
session_id($php_session_id);
// delete spkitlasso session if necessary
@session_start();
lassospkit_set_nameid(@$_SESSION['lasso_nameid']);
lassospkit_clean();
// delete GRR session
$auto = 0;
grr_closeSession($auto);
// Done by grr_closeSession:
//session_start();
//session_destroy();
}
}
}
}
if ($ret) {
error_log("Demande de slo échoué: {$ret}");
} else {
//error_log("Demande de slo réussie: $ret");
}
return $ret;
}
echo begin_page(getSettingValue("company").get_vocab("deux_points").get_vocab("mrbs"),"no_session");
if (lassospkit_userid() == NULL)
{
if (getUserName()!='')
{
lassospkit_set_userid(getUserName());
echo get_vocab('lasso_federated');
}
else
{
echo get_vocab('lasso_please_connect');
}
echo "<br />";
echo "<a href='{$_SERVER['HTTP_REFERER']}'>".get_vocab('back').'</a>';
}
else
{
echo get_vocab('lasso_already_federated');
echo "<ul>";
echo "<li>" . get_vocab('lasso_local_user') . ": <code>" . lassospkit_userid() . "</code></li>";
$idps = lassospkit_nameid();
foreach($idps as $idp => $nameid)
{
echo "<li>";
echo get_vocab('lasso_nameid_for_idp') . " <code>$idp</code> : <code>$nameid</code>";
echo "</li>";
}
echo "</ul>";
}
// lien.
$error = lassospkit_error();
if (!empty($error))
{
echo "SSO error:<br /><pre>$error</pre><br />";
}
// Pas encore authentifié - on se connecte:
$return_url = get_request_uri();
lassospkit_redirect_federate($return_url);
exit();
}
// A ce stade, l'utilisateur est authentifié par Lasso
$password = '';
$login = lassospkit_userid(); // vide si pas encore fédéré
if (empty($login))
{
// Construit un identifiant unique
$sql = "SELECT login FROM ".TABLE_PREFIX."_utilisateurs
WHERE login LIKE 'lasso_%'";
$res = grr_sql_query($sql);
$existing_users = array();
for ($i = 0; ($row = grr_sql_row($res, $i)); $i++)
$existing_users[] = $row[0];
$max = 0;
foreach ($existing_users as $user)
{
if (preg_match('/lasso_(\d+)/', $user, $matches))
if ($matches[1] > $max)
