Example #1
0
 public function pre_process($person)
 {
     parent::pre_process($person);
     $auth = AuthHandler::getAuthManager($this->person);
     $this->discoPath = $auth->getDiscoPath();
     /*
      * Handle country AuthN redirect. Both can redirect, if they don't, show
      * the map.
      */
     $nren = NREN_Handler::getNREN($_SERVER['SERVER_NAME']);
     if (!empty($nren)) {
         $this->redirectToWAYF($nren);
         $this->forwardToDisco($nren);
     }
     /* if not redirected, continue  */
     if (array_key_exists('country', $_GET)) {
         $this->selected_country = htmlentities($_GET['country']);
         $nren = NREN_Handler::getNREN($url, 1);
         echo "redirecting to idp-part for " . $this->selected_country . ", stopping rendering of this page now\n";
         exit(0);
     }
     /* textual view? */
     if (array_key_exists('textual_view', $_GET)) {
         if ($_GET['textual_view'] === "yes") {
             $this->mapMode = false;
         }
     } else {
         /* ok, show map */
         $this->tpl->assign('extraScripts', array('js/jquery-1.6.1.min.js', 'js/jquery-jvectormap-1.1.1.min.js', 'js/jquery-jvectormap-europe-mill-en.js'));
     }
 }
Example #2
0
 public function pre_process($person)
 {
     parent::pre_process($person);
     if (!is_null($person)) {
         AuthHandler::getAuthManager($this->person)->deAuthenticate(basename($_SERVER['SCRIPT_NAME']));
     }
 }
Example #3
0
 public function process()
 {
     if (!$this->person->isNRENAdmin()) {
         $errorTag = PW::create();
         Logger::logEvent(LOG_NOTICE, "NRENAdmin", "process()", "User " . stripslashes($this->person->getX509ValidCN()) . " tried to access the NREN-area", __LINE__, $errorTag);
         $this->tpl->assign('reason', "[{$errorTag}] You are not an NREN-admin");
         $this->tpl->assign('content', $this->tpl->fetch('restricted_access.tpl'));
         return;
     }
     $this->tpl->assign('nrenName', $this->person->getNREN());
     $this->tpl->assign('org_states', ConfusaConstants::$ORG_STATES);
     /* Export the NREN UID key */
     $map = $this->person->getNREN()->getMap();
     $this->tpl->assign('nren_eppn_key', $map['eppn']);
     if (isset($_GET['target'])) {
         switch (Input::sanitize($_GET['target'])) {
             case 'list':
                 /* get all info from database and publish to template */
                 $this->tpl->assign('subscriber_list', $this->getSubscribers());
                 $this->tpl->assign('self_subscriber', $this->person->getSubscriber()->getIdPName());
                 $this->tpl->assign('list_subscribers', true);
                 break;
             case 'add':
                 $am = AuthHandler::getAuthManager($this->person);
                 $attributes = $am->getAttributes();
                 $nren = $this->person->getNREN();
                 if (isset($attributes[$map['epodn']])) {
                     $this->tpl->assign('foundUniqueName', $attributes[$map['epodn']][0]);
                     $this->tpl->assign('nrenOrgAttr', $map['epodn']);
                 }
                 if (isset($attributes[$map['eppn']])) {
                     $this->form_data['eppnAttr'] = $map['eppn'];
                 }
                 $this->tpl->assign('form_data', $this->form_data);
                 $this->tpl->assign('add_subscriber', true);
                 break;
             default:
                 break;
         }
     } else {
         /* get all info from database and publish to template */
         $this->tpl->assign('subscriber_list', $this->getSubscribers());
         $subscriber = $this->person->getSubscriber();
         if (isset($subscriber)) {
             $this->tpl->assign('self_subscriber', $subscriber);
         } else {
             $this->tpl->assign('self_subscriber', '');
             Framework::error_output($this->translateTag('l10n_error_illegalattributemap', 'nrenadmin') . '<a href="attributes.php">' . $this->translateTag('item_attributes', 'menu') . '</a>.');
         }
         $this->tpl->assign('list_subscribers', true);
     }
     /* render page */
     $this->tpl->assign('content', $this->tpl->fetch('nren_admin.tpl'));
 }
Example #4
0
 /**
  * Return the value for the key to an IdP attribute (if defined)
  *
  * @param attr_key string The key of the attribute
  * @return string The value for the supplied attribute key
  */
 private function handleAttrValueAJAX($attr_key)
 {
     if (empty($attr_key)) {
         exit(0);
     }
     $auth = AuthHandler::getAuthManager($this->person);
     $attr_value = @implode(", ", $auth->getAttributeValue($attr_key));
     echo htmlentities("attribute={$attr_value}", ENT_COMPAT, "UTF-8");
     exit(0);
 }
Example #5
0
 /**
  * @throws CGE_CriticalAttributeException If an attribute needed for the operation of Confusa is not found
  * @throws MapNotFoundException If the NREN-map for the attributes is not found
  */
 public function authenticate()
 {
     /* if login, trigger SAML-redirect first */
     $auth = AuthHandler::getAuthManager($this->person);
     $authRequired = $this->contentPage->is_protected() || isset($_GET['start_login']) && $_GET['start_login'] === 'yes';
     $auth->authenticate($authRequired);
     /* show a warning if the person does not have Confusa
      * entitlement and ConfusaAdmin entitlement */
     if ($this->person->isAuth()) {
         if ($this->person->testEntitlementAttribute(Config::get_config('entitlement_user')) == false) {
             if ($this->person->testEntitlementAttribute(Config::get_config('entitlement_admin')) == false) {
                 $entitlement = Config::get_config('entitlement_namespace') . ":";
                 $entitlement .= Config::get_config('entitlement_user');
                 $msg = $this->contentPage->translateMessageTag('fw_error_entitlement_unset_1');
                 $msg .= "<br /><i>{$entitlement}</i><br /><br />";
                 $msg .= $this->contentPage->translateMessageTag('fw_error_entitlement_unset_2');
                 if (!is_null($this->person->getSubscriber())) {
                     $url = $this->person->getSubscriber()->getHelpURL();
                     $email = $this->person->getSubscriber()->getHelpEmail();
                     $msg .= "<br />\n";
                     $msg .= $this->contentPage->translateMessageTag('fw_error_entitlement_unset_3');
                     $msg .= '<br /><ul><li style="margin: 1em 0 0 2em">';
                     $msg .= $this->contentPage->translateMessageTag('fw_error_entitlement_unset_4');
                     $msg .= "<a href=\"mailto:{$email}\">{$email}</a></li>";
                     $msg .= '<li style="margin: 1em 0 0 2em">';
                     $msg .= $this->contentPage->translateMessageTag('fw_error_entitlement_unset_5');
                     $msg .= "<a href=\"{$url}\">{$url}</a></li>\n</ul><br />\n";
                 }
                 Framework::error_output($msg);
             } else {
                 $entitlement = Config::get_config('entitlement_namespace') . ":";
                 $entitlement = Config::get_config('entitlement_user');
                 $msg = $this->contentPage->translateMessageTag('fw_error_entitlement_unset_1');
                 $msg .= "<br /><i>{$entitlement}</i><br /><br />";
                 $msg .= $this->contentPage->translateMessageTag('fw_error_entitlement_unset_6');
                 Framework::warning_output($msg);
             }
         }
     } else {
         /* maybe we can guess the NREN from the URL */
         $this->person->setNREN(NREN_Handler::getNREN($_SERVER['SERVER_NAME']), 1);
     }
     /*
      * Force reauthentication based on the settings if the session is too
      * old */
     if (Framework::$sensitive_action) {
         $auth->reAuthenticate();
     }
 }
Example #6
0
<?php

require_once '../confusa_include.php';
require_once 'AuthHandler.php';
require_once 'Person.php';
/* if nothing is sent via REST, close */
if (is_null($_SERVER['PATH_INFO'])) {
    if (Config::get_config('debug')) {
        echo "No path set!<br />\n";
    }
    exit(0);
}
/* valid session? */
$person = new Person();
$auth = AuthHandler::getAuthManager($person);
$auth->authenticate(true);
if (!$person->isAuth()) {
    if (Config::get_config('debug')) {
        echo "Client is not authenticated!<br />\n";
    }
    exit(0);
}
/* get path, explode and parse content. */
$path = $_SERVER['PATH_INFO'];
$res = explode("/", trim($path, "/"));
if (count($res) != 2) {
    if (Config::get_config('debug')) {
        echo "error with params!<br />\n";
        exit(0);
    }
}