This function parses the configuration for a consent storage method. An exception will be thrown if
configuration parsing fails.
| public static parseStoreConfig ( mixed $config ) : sspmod_consent_Store | ||
| $config | mixed | The configuration. |
| return | sspmod_consent_Store | An object which implements the sspmod_consent_Store class. |
/**
*
* @param array &$hookinfo hookinfo
*/
function consentSimpleAdmin_hook_sanitycheck(&$hookinfo)
{
assert('is_array($hookinfo)');
assert('array_key_exists("errors", $hookinfo)');
assert('array_key_exists("info", $hookinfo)');
try {
$consentconfig = SimpleSAML_Configuration::getConfig('module_consentSimpleAdmin.php');
// Parse consent config
$consent_storage = sspmod_consent_Store::parseStoreConfig($consentconfig->getValue('store'));
// Get all consents for user
$stats = $consent_storage->getStatistics();
$hookinfo['info'][] = '[consentSimpleAdmin] Consent Storage connection OK.';
} catch (Exception $e) {
$hookinfo['errors'][] = '[consentSimpleAdmin] Error connecting to storage: ' . $e->getMessage();
}
}
/**
*
* @param array &$hookinfo hookinfo
*/
function consentSimpleAdmin_hook_sanitycheck(&$hookinfo)
{
assert('is_array($hookinfo)');
assert('array_key_exists("errors", $hookinfo)');
assert('array_key_exists("info", $hookinfo)');
try {
$consentconfig = SimpleSAML_Configuration::getConfig('module_consentSimpleAdmin.php');
// Parse consent config
$consent_storage = sspmod_consent_Store::parseStoreConfig($consentconfig->getValue('store'));
if (!is_callable(array($consent_storage, 'selftest'))) {
/* Doesn't support a selftest. */
return;
}
$testres = $consent_storage->selftest();
if ($testres) {
$hookinfo['info'][] = '[consentSimpleAdmin] Consent Storage selftest OK.';
} else {
$hookinfo['errors'][] = '[consentSimpleAdmin] Consent Storage selftest failed.';
}
} catch (Exception $e) {
$hookinfo['errors'][] = '[consentSimpleAdmin] Error connecting to storage: ' . $e->getMessage();
}
}
/**
* Initialize consent filter
*
* Validates and parses the configuration
*
* @param array $config Configuration information
* @param mixed $reserved For future use
*/
public function __construct($config, $reserved)
{
assert('is_array($config)');
parent::__construct($config, $reserved);
if (array_key_exists('includeValues', $config)) {
if (!is_bool($config['includeValues'])) {
throw new SimpleSAML_Error_Exception('Consent: includeValues must be boolean. ' . var_export($config['includeValues']) . ' given.');
}
$this->_includeValues = $config['includeValues'];
}
if (array_key_exists('checked', $config)) {
if (!is_bool($config['checked'])) {
throw new SimpleSAML_Error_Exception('Consent: checked must be boolean. ' . var_export($config['checked']) . ' given.');
}
$this->_checked = $config['checked'];
}
if (array_key_exists('focus', $config)) {
if (!in_array($config['focus'], array('yes', 'no'), true)) {
throw new SimpleSAML_Error_Exception('Consent: focus must be a string with values `yes` or `no`. ' . var_export($config['focus']) . ' given.');
}
$this->_focus = $config['focus'];
}
if (array_key_exists('hiddenAttributes', $config)) {
if (!is_array($config['hiddenAttributes'])) {
throw new SimpleSAML_Error_Exception('Consent: hiddenAttributes must be an array. ' . var_export($config['hiddenAttributes']) . ' given.');
}
$this->_hiddenAttributes = $config['hiddenAttributes'];
}
if (array_key_exists('noconsentattributes', $config)) {
if (!is_array($config['noconsentattributes'])) {
throw new SimpleSAML_Error_Exception('Consent: noconsentattributes must be an array. ' . var_export($config['noconsentattributes']) . ' given.');
}
$this->_noconsentattributes = $config['noconsentattributes'];
}
if (array_key_exists('store', $config)) {
try {
$this->_store = sspmod_consent_Store::parseStoreConfig($config['store']);
} catch (Exception $e) {
SimpleSAML_Logger::error('Consent: Could not create consent storage: ' . $e->getMessage());
}
}
if (array_key_exists('showNoConsentAboutService', $config)) {
if (!is_bool($config['showNoConsentAboutService'])) {
throw new SimpleSAML_Error_Exception('Consent: showNoConsentAboutService must be a boolean.');
}
$this->_showNoConsentAboutService = $config['showNoConsentAboutService'];
}
}
/**
* Initialize consent filter.
*
* This is the constructor for the consent filter. It validates and parses the configuration.
*
* @param array $config Configuration information about this filter.
* @param mixed $reserved For future use.
*/
public function __construct($config, $reserved)
{
parent::__construct($config, $reserved);
assert('is_array($config)');
$this->includeValues = FALSE;
if (array_key_exists('includeValues', $config)) {
$this->includeValues = $config['includeValues'];
}
if (array_key_exists('checked', $config)) {
$this->checked = $config['checked'];
}
if (array_key_exists('focus', $config)) {
$this->focus = $config['focus'];
if (!in_array($this->focus, array('yes', 'no'), TRUE)) {
throw new Exception('Invalid value for \'focus\'-parameter to' . ' consent:Consent authentication filter: ' . var_export($this->focus, TRUE));
}
} else {
$this->focus = NULL;
}
$this->store = NULL;
if (array_key_exists('store', $config)) {
try {
$this->store = sspmod_consent_Store::parseStoreConfig($config['store']);
} catch (Exception $e) {
SimpleSAML_Logger::error('Consent - constructor() : Could not create consent storage: ' . $e->getMessage());
}
}
if (array_key_exists('hiddenAttributes', $config)) {
$this->hiddenAttributes = $config['hiddenAttributes'];
} else {
$this->hiddenAttributes = array();
}
}
$action = $_GET["action"];
}
SimpleSAML_Logger::critical('consentAdmin: sp: ' . $sp_entityid . ' action: ' . $action);
// Remove services, whitch have consent disabled
if (isset($idp_metadata['consent.disable'])) {
foreach ($idp_metadata['consent.disable'] as $disable) {
if (array_key_exists($disable, $all_sp_metadata)) {
unset($all_sp_metadata[$disable]);
}
}
}
SimpleSAML_Logger::info('consentAdmin: ' . $idp_entityid);
// Calc correct source
$source = $idp_metadata['metadata-set'] . '|' . $idp_entityid;
// Parse consent config
$consent_storage = sspmod_consent_Store::parseStoreConfig($cA_config->getValue('consentadmin'));
// Calc correct user ID hash
$hashed_user_id = sspmod_consent_Auth_Process_Consent::getHashedUserID($userid, $source);
// If a checkbox have been clicked
if ($action != null && $sp_entityid != null) {
// Get SP metadata
$sp_metadata = $metadata->getMetaData($sp_entityid, 'saml20-sp-remote');
// Run AuthProc filters
list($targeted_id, $attribute_hash, $attributes_new) = driveProcessingChain($idp_metadata, $source, $sp_metadata, $sp_entityid, $attributes, $userid, $hashAttributes);
// Add a consent (or update if attributes have changed and old consent for SP and IdP exists)
if ($action == 'true') {
$isStored = $consent_storage->saveConsent($hashed_user_id, $targeted_id, $attribute_hash);
if ($isStored) {
$res = "added";
} else {
$res = "updated";
<?php
/*
* consentSimpleAdmin - Simple Consent administration module
*
* shows statistics.
*
* @author Andreas Åkre Solberg <*****@*****.**>
* @package simpleSAMLphp
*/
// Get config object
$config = SimpleSAML_Configuration::getInstance();
$consentconfig = SimpleSAML_Configuration::getConfig('module_consentSimpleAdmin.php');
// Parse consent config
$consent_storage = sspmod_consent_Store::parseStoreConfig($consentconfig->getValue('store'));
// Get all consents for user
$stats = $consent_storage->getStatistics();
// Init template
$t = new SimpleSAML_XHTML_Template($config, 'consentSimpleAdmin:consentstats.php');
$t->data['stats'] = $stats;
$t->show();
