/** * Start the logout operation. * * @param array &$state The logout state. * @param string|null $assocId The SP we are logging out from. */ public function startLogout(array &$state, $assocId) { assert('is_string($assocId) || is_null($assocId)'); $associations = $this->idp->getAssociations(); if (count($associations) === 0) { $this->idp->finishLogout($state); } foreach ($associations as $id => &$association) { $idp = \SimpleSAML_IdP::getByState($association); $association['core:Logout-IFrame:Name'] = $idp->getSPName($id); $association['core:Logout-IFrame:State'] = 'onhold'; } $state['core:Logout-IFrame:Associations'] = $associations; if (!is_null($assocId)) { $spName = $this->idp->getSPName($assocId); if ($spName === null) { $spName = array('en' => $assocId); } $state['core:Logout-IFrame:From'] = $spName; } else { $state['core:Logout-IFrame:From'] = null; } $params = array('id' => \SimpleSAML_Auth_State::saveState($state, 'core:Logout-IFrame')); if (isset($state['core:Logout-IFrame:InitType'])) { $params['type'] = $state['core:Logout-IFrame:InitType']; } $url = Module::getModuleURL('core/idp/logout-iframe.php', $params); HTTP::redirectTrustedURL($url); }
/** * Hook to add the simple consenet admin module to the frontpage. * * @param array &$links The links on the frontpage, split into sections. */ function consentSimpleAdmin_hook_frontpage(&$links) { assert('is_array($links)'); assert('array_key_exists("links", $links)'); $links['config'][] = array('href' => \SimpleSAML\Module::getModuleURL('consentSimpleAdmin/consentAdmin.php'), 'text' => '{consentSimpleAdmin:consentsimpleadmin:header}'); $links['config'][] = array('href' => \SimpleSAML\Module::getModuleURL('consentSimpleAdmin/consentStats.php'), 'text' => '{consentSimpleAdmin:consentsimpleadmin:headerstats}'); }
/** * Retrieve a admin login URL. * * @param string|NULL $returnTo The URL the user should arrive on after admin authentication. Defaults to null. * * @return string A URL which can be used for admin authentication. * @throws \InvalidArgumentException If $returnTo is neither a string nor null. */ public static function getAdminLoginURL($returnTo = null) { if (!(is_string($returnTo) || is_null($returnTo))) { throw new \InvalidArgumentException('Invalid input parameters.'); } if ($returnTo === null) { $returnTo = HTTP::getSelfURL(); } return Module::getModuleURL('core/login-admin.php', array('ReturnTo' => $returnTo)); }
/** * Initialize processing of the redirect test. * * @param array &$state The state we should update. */ public function process(&$state) { assert('is_array($state)'); assert('array_key_exists("Attributes", $state)'); // To check whether the state is saved correctly $state['Attributes']['RedirectTest1'] = array('OK'); // Save state and redirect $id = SimpleSAML_Auth_State::saveState($state, 'authVHO:redirectfilter-test'); $url = Module::getModuleURL('authVHO/redirecttest.php'); HTTP::redirectTrustedURL($url, array('StateId' => $id)); }
/** * @inheritDoc */ public function __construct($name) { parent::__construct($name); $this->onValidate[] = [$this, 'validateRedirectUri']; $this->setMethod('POST'); $this->addProtection('Security token has expired, please submit the form again'); $this->addText('name', 'Name of client:')->setMaxLength(255)->setRequired('Set a name'); $this->addTextArea('description', 'Description of client:', null, 5); $this->addTextArea('redirect_uri', 'Static/enforcing callback-url (one per line)', null, 5)->setRequired('Write one redirect URI at least'); $this->addSubmit('submit', 'Submit'); $this->addButton('return', 'Return')->setAttribute('onClick', 'parent.location = \'' . Module::getModuleURL('oauth2/registry.php') . '\''); }
/** * Hook to add the aggregator list to the frontpage. * * @param array &$links The links on the frontpage, split into sections. */ function aggregator_hook_frontpage(&$links) { assert('is_array($links)'); assert('array_key_exists("links", $links)'); $links['federation'][] = array('href' => \SimpleSAML\Module::getModuleURL('aggregator/'), 'text' => '{aggregator:aggregator:frontpage_link}'); }
/** * Test for SimpleSAML\Module::getModuleURL(). */ public function testGetModuleURL() { \SimpleSAML_Configuration::loadFromArray(array('baseurlpath' => 'https://example.com/simplesaml/'), '', 'simplesaml'); $this->assertEquals('https://example.com/simplesaml/module.php/module/script.php', Module::getModuleURL('module/script.php')); $this->assertEquals('https://example.com/simplesaml/module.php/module/script.php?param1=value1¶m2=value2', Module::getModuleURL('module/script.php', array('param1' => 'value1', 'param2' => 'value2'))); }
/** * Create a link which will POST data. * * @param string $destination The destination URL. * @param array $data The name-value pairs which will be posted to the destination. * * @return string A URL which can be accessed to post the data. * @throws \InvalidArgumentException If $destination is not a string or $data is not an array. * * @author Andjelko Horvat * @author Jaime Perez, UNINETT AS <*****@*****.**> */ public static function getPOSTRedirectURL($destination, $data) { if (!is_string($destination) || !is_array($data)) { throw new \InvalidArgumentException('Invalid input parameters.'); } $config = \SimpleSAML_Configuration::getInstance(); $allowed = $config->getBoolean('enable.http_post', false); if ($allowed && preg_match("#^http:#", $destination) && self::isHTTPS()) { // we need to post the data to HTTP $url = self::getSecurePOSTRedirectURL($destination, $data); } else { // post the data directly $session = \SimpleSAML_Session::getSessionFromRequest(); $id = self::savePOSTData($session, $destination, $data); $url = Module::getModuleURL('core/postredirect.php', array('RedirId' => $id)); } return $url; }
/** * Log in using an external authentication helper. * * @param array &$state Information about the current authentication. */ public function authenticate(&$state) { assert('is_array($state)'); $attributes = $this->getUser(); if ($attributes !== null) { /* * The user is already authenticated. * * Add the users attributes to the $state-array, and return control * to the authentication process. */ $state['Attributes'] = $attributes; return; } /* * The user isn't authenticated. We therefore need to * send the user to the login page. */ /* * First we add the identifier of this authentication source * to the state array, so that we know where to resume. */ $state['authVHO:AuthID'] = $this->authId; /* * We need to save the $state-array, so that we can resume the * login process after authentication. * * Note the second parameter to the saveState-function. This is a * unique identifier for where the state was saved, and must be used * again when we retrieve the state. * * The reason for it is to prevent * attacks where the user takes a $state-array saved in one location * and restores it in another location, and thus bypasses steps in * the authentication process. */ $stateId = SimpleSAML_Auth_State::saveState($state, 'authVHO:AuthID'); /* * Now we generate a URL the user should return to after authentication. * We assume that whatever authentication page we send the user to has an * option to return the user to a specific page afterwards. */ $returnTo = Module::getModuleURL('authVHO/resume.php', array('State' => $stateId)); /* * Get the URL of the VHO authentication page. * * This is in the configuration file. */ $authPage = $this->config['vho_login_url']; /* * The redirect to the authentication page. * * Note the 'ReturnTo' parameter. This must most likely be replaced with * the real name of the parameter for the login page. */ HTTP::redirectTrustedURL($authPage, array('ReturnTo' => $returnTo)); /* * The redirect function never returns, so we never get this far. */ assert('FALSE'); }
/** * Hook to add the modinfo module to the frontpage. * * @param array &$links The links on the frontpage, split into sections. */ function metaedit_hook_frontpage(&$links) { assert('is_array($links)'); assert('array_key_exists("links", $links)'); $links['federation']['metaedit'] = array('href' => \SimpleSAML\Module::getModuleURL('metaedit/index.php'), 'text' => array('en' => 'Metadata registry', 'no' => 'Metadata registrering'), 'shorttext' => array('en' => 'Metadata registry', 'no' => 'Metadata registrering')); }
/** * Hook to add the simple consenet admin module to the frontpage. * * @param array &$links The links on the frontpage, split into sections. */ function saml2debug_hook_frontpage(&$links) { assert('is_array($links)'); assert('array_key_exists("links", $links)'); $links['federation'][] = array('href' => \SimpleSAML\Module::getModuleURL('saml2debug/debug.php'), 'text' => array('en' => 'SAML 2.0 Debugger')); }
/** * Hook to add the logpeek module to the frontpage. * * @param array &$links The links on the frontpage, split into sections. */ function logpeek_hook_frontpage(&$links) { assert('is_array($links)'); assert('array_key_exists("links", $links)'); $links['config'][] = array('href' => \SimpleSAML\Module::getModuleURL('logpeek/'), 'text' => array('en' => 'SimpleSAMLphp logs access (Log peek)', 'no' => 'Vis simpleSAMLphp log')); }
/* * This file is part of the simplesamlphp-module-oauth2. * * (c) Sergio Gómez <*****@*****.**> * * For the full copyright and license information, please view the LICENSE * file that was distributed with this source code. */ use SimpleSAML\Modules\OAuth2\Form\ClientForm; use SimpleSAML\Modules\OAuth2\Repositories\ClientRepository; use SimpleSAML\Utils\Auth; use SimpleSAML\Utils\HTTP; use SimpleSAML\Utils\Random; /* Load simpleSAMLphp, configuration and metadata */ $action = \SimpleSAML\Module::getModuleURL('oauth2/registry.new.php'); $config = SimpleSAML_Configuration::getInstance(); Auth::requireAdmin(); $form = new ClientForm('client'); $form->setAction($action); if ($form->isSubmitted() && $form->isSuccess()) { $client = $form->getValues(); $client['id'] = Random::generateID(); $client['secret'] = Random::generateID(); $clientRepository = new ClientRepository(); $clientRepository->persistNewClient($client['id'], $client['secret'], $client['name'], $client['description'], $client['redirect_uri']); HTTP::redirectTrustedURL('registry.php'); } $template = new SimpleSAML_XHTML_Template($config, 'oauth2:registry_new'); $template->data['form'] = $form; $template->show();
/* * This file is part of the simplesamlphp-module-oauth2. * * (c) Sergio Gómez <*****@*****.**> * * For the full copyright and license information, please view the LICENSE * file that was distributed with this source code. */ use SimpleSAML\Modules\OAuth2\Form\ClientForm; use SimpleSAML\Modules\OAuth2\Repositories\ClientRepository; use SimpleSAML\Utils\Auth; use SimpleSAML\Utils\HTTP; Auth::requireAdmin(); /* Load simpleSAMLphp, configuration and metadata */ $client_id = $_REQUEST['id']; $action = \SimpleSAML\Module::getModuleURL('oauth2/registry.edit.php', ['id' => $client_id]); $config = SimpleSAML_Configuration::getInstance(); $clientRepository = new ClientRepository(); $client = $clientRepository->find($client_id); if (!$client) { header('Content-type: text/plain; utf-8', TRUE, 500); print 'Client not found'; return; } $form = new ClientForm('client'); $form->setAction($action); $form->setDefaults($client); if ($form->isSubmitted() && $form->isSuccess()) { $client = $form->getValues(); $clientRepository->updateClient($client_id, $client['name'], $client['description'], $client['redirect_uri']); HTTP::redirectTrustedURL('registry.php');