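/**
 * Hook to inject HTML content into all pages.
 *
 * Gathers the links contributed through the 'frontpage' hook, builds a portal
 * from them and the configured page sets and, when the current page is part
 * of the portal, wraps the page body in the portal menu markup.
 *
 * @param array &$hookinfo  Hook data. Must contain the keys 'pre', 'post' and
 *                          'page'; markup is appended to 'pre' and 'post' and
 *                          the 'jquery' entry is set.
 */
function portal_hook_htmlinject(&$hookinfo)
{
    // Real expressions instead of string assertions: a string argument is run
    // through eval() by old PHP versions, is deprecated since PHP 7.2, and is
    // no longer evaluated at all by PHP 8, where these checks would always pass.
    assert(is_array($hookinfo));
    assert(array_key_exists('pre', $hookinfo));
    assert(array_key_exists('post', $hookinfo));
    assert(array_key_exists('page', $hookinfo));

    // Every module may contribute link groups through the 'frontpage' hook.
    $links = array('links' => array());
    SimpleSAML_Module::callHooks('frontpage', $links);

    $portalConfig = SimpleSAML_Configuration::getOptionalConfig('module_portal.php');

    // Flatten the link groups into a single list.
    $allLinks = array();
    foreach ($links as $group) {
        $allLinks = array_merge($allLinks, $group);
    }

    // One default page set is used when the configuration defines none;
    // 'portalextras' hooks may then add to or change the page sets.
    $defaultPagesets = array(
        array('frontpage_welcome', 'frontpage_config', 'frontpage_auth', 'frontpage_federation'),
    );
    $pagesets = $portalConfig->getValue('pagesets', $defaultPagesets);
    SimpleSAML_Module::callHooks('portalextras', $pagesets);

    $portal = new sspmod_portal_Portal($allLinks, $pagesets);
    if (!$portal->isPortalized($hookinfo['page'])) {
        // Pages outside the portal are left untouched.
        return;
    }

    // Include jquery UI CSS files in header.
    $hookinfo['jquery']['css'] = true;
    $hookinfo['jquery']['version'] = '1.6';

    // Header: opens the two wrapper elements around the page body.
    // NOTE(review): getMenu() output is inserted as markup without escaping
    // here; it is presumably built from the hook-supplied links, so confirm
    // that it escapes link texts and hrefs itself.
    $hookinfo['pre'][] = '<div id="portalmenu" class="ui-tabs ui-widget ui-widget-content ui-corner-all">'
        . $portal->getMenu($hookinfo['page'])
        . '<div id="portalcontent" class="ui-tabs-panel ui-widget-content ui-corner-bottom">';

    // Footer: closes the two wrapper elements opened in the header.
    $hookinfo['post'][] = '</div></div>';
}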
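/**
 * Hook to run a cron job.
 *
 * Runs the 'sanitycheck' hooks when the cron tag being executed equals the
 * 'cron_tag' option of config-sanitycheck.php, and appends one summary line
 * per reported error.
 *
 * @param array &$croninfo  Cron data. Must contain the keys 'summary' (list
 *                          that summary lines are appended to) and 'tag'.
 */
function sanitycheck_hook_cron(&$croninfo)
{
    // Real expressions instead of string assertions: a string argument is run
    // through eval() by old PHP versions, is deprecated since PHP 7.2, and is
    // no longer evaluated at all by PHP 8, where these checks would always pass.
    assert(is_array($croninfo));
    assert(array_key_exists('summary', $croninfo));
    assert(array_key_exists('tag', $croninfo));

    // NOTE(review): the tag is written to the log unmodified. The caller
    // presumably takes it from the request, so confirm it is validated there
    // or that the logger neutralises line breaks.
    SimpleSAML_Logger::info('cron [sanitycheck]: Running cron in cron tag [' . $croninfo['tag'] . '] ');

    try {
        $sconfig = SimpleSAML_Configuration::getOptionalConfig('config-sanitycheck.php');

        // Without a configured tag, or for any other tag, there is nothing to do.
        $cronTag = $sconfig->getString('cron_tag', null);
        if ($cronTag === null || $cronTag !== $croninfo['tag']) {
            return;
        }

        // The hooks write into both lists through the references.
        $info = array();
        $errors = array();
        $hookinfo = array('info' => &$info, 'errors' => &$errors);
        SimpleSAML_Module::callHooks('sanitycheck', $hookinfo);

        // Only errors reach the cron summary; informational lines are dropped.
        if (count($errors) > 0) {
            foreach ($errors as $err) {
                $croninfo['summary'][] = 'Sanitycheck error: ' . $err;
            }
        }
    } catch (Exception $e) {
        // A failing check is reported in the summary instead of aborting the
        // cron run. The line is plain text: whatever renders the summary as
        // HTML has to escape it.
        $croninfo['summary'][] = 'Error executing sanity check: ' . $e->getMessage();
    }
}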
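/**
 * Hook to do sanitycheck.
 *
 * Checks that the admin password and the technical contact address differ
 * from their placeholder values, that the PHP version is at least 5.3, and
 * that every dependency declared through the 'moduleinfo' hook is among the
 * modules returned by SimpleSAML_Module::getModules().
 *
 * @param array &$hookinfo  Hook data. Must contain the lists 'errors' and
 *                          'info'; the result of each check is appended to
 *                          one of them.
 */
function core_hook_sanitycheck(&$hookinfo)
{
    // Real expressions instead of string assertions: a string argument is run
    // through eval() by old PHP versions, is deprecated since PHP 7.2, and is
    // no longer evaluated at all by PHP 8, where these checks would always pass.
    assert(is_array($hookinfo));
    assert(array_key_exists('errors', $hookinfo));
    assert(array_key_exists('info', $hookinfo));

    $config = SimpleSAML_Configuration::getInstance();

    // This detects only the placeholder '123', which is also the fallback
    // when the option is missing. Any other value, however weak, is reported
    // as "set properly", so a passing check says nothing about strength.
    if ($config->getString('auth.adminpassword', '123') === '123') {
        $hookinfo['errors'][] = '[core] Password in config.php is not set properly';
    } else {
        $hookinfo['info'][] = '[core] Password in config.php is set properly';
    }

    // Same pattern: only the placeholder address counts as "not set".
    if ($config->getString('technicalcontact_email', '*****@*****.**') === '*****@*****.**') {
        $hookinfo['errors'][] = '[core] In config.php technicalcontact_email is not set properly';
    } else {
        $hookinfo['info'][] = '[core] In config.php technicalcontact_email is set properly';
    }

    if (version_compare(phpversion(), '5.3', '>=')) {
        $hookinfo['info'][] = '[core] You are running PHP version ' . phpversion() . '. Great.';
    } else {
        $hookinfo['errors'][] = '[core] You are running PHP version ' . phpversion() . '. SimpleSAMLphp requires version >= 5.3. Please upgrade!';
    }

    // Ask every module for its module info, then verify declared dependencies.
    $info = array();
    $mihookinfo = array('info' => &$info);
    $availmodules = SimpleSAML_Module::getModules();
    SimpleSAML_Module::callHooks('moduleinfo', $mihookinfo);

    foreach ($info as $module => $moduleInfo) {
        if (!isset($moduleInfo['dependencies']) || !is_array($moduleInfo['dependencies'])) {
            continue;
        }
        foreach ($moduleInfo['dependencies'] as $dep) {
            // Strict comparison, so that a non-string entry cannot match a
            // module name through PHP's loose type juggling.
            if (!in_array($dep, $availmodules, true)) {
                $hookinfo['errors'][] = '[core] Module dependency not met: ' . $module . ' requires ' . $dep;
            }
        }
    }
}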
<?php

/**
 * Support the htmlinject hook, which allows modules to change header, pre and post body on all pages.
 */
// Containers that 'htmlinject' hooks fill with markup for the head and for
// the areas before and after the page body.
$this->data['htmlinject'] = array(
    'htmlContentPre' => array(),
    'htmlContentPost' => array(),
    'htmlContentHead' => array(),
);

// Start from the jquery settings of the page, if it has any.
$jquery = array_key_exists('jquery', $this->data) ? $this->data['jquery'] : array();

// Hooks run only for pages that declare a page id. They receive references,
// so whatever they append ends up in the containers above and in $jquery.
// NOTE(review): the hook output is markup supplied by installed modules; how
// it is emitted is not visible in this excerpt.
if (array_key_exists('pageid', $this->data)) {
    $hookinfo = array(
        'pre' => &$this->data['htmlinject']['htmlContentPre'],
        'post' => &$this->data['htmlinject']['htmlContentPost'],
        'head' => &$this->data['htmlinject']['htmlContentHead'],
        'jquery' => &$jquery,
        'page' => $this->data['pageid'],
    );
    SimpleSAML_Module::callHooks('htmlinject', $hookinfo);
}

/**
 * Clickjacking protection: browsers that honour X-Frame-Options will refuse
 * to render simpleSAMLphp pages inside a frame of another origin.
 *
 * 'DENY' forbids framing altogether. Removing the header allows foreign sites
 * to frame these pages, which is probably not a good security practice.
 *
 * The standardized successor of this header is the 'frame-ancestors'
 * directive of Content-Security-Policy; sending both covers old and new
 * browsers. The header has to be sent before any output is written.
 */
header('X-Frame-Options: SAMEORIGIN');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta name="viewport" content="width=device-width, height=device-height, initial-scale=1.0" />
<?php

$config = SimpleSAML_Configuration::getInstance();

// The returned object is not used below; the call is kept because loading the
// file is part of what this page does (presumably it fails when the file is
// missing - confirm).
$sconfig = SimpleSAML_Configuration::getConfig('config-sanitycheck.php');

// The 'sanitycheck' hooks fill both lists through the references.
$info = array();
$errors = array();
$hookinfo = array(
    'info' => &$info,
    'errors' => &$errors,
);
SimpleSAML_Module::callHooks('sanitycheck', $hookinfo);

// Machine-readable variant for monitoring: a bare OK or FAIL, no details.
if (isset($_REQUEST['output']) && $_REQUEST['output'] == 'text') {
    echo (count($errors) === 0) ? 'OK' : 'FAIL';
    exit;
}

// Human-readable variant: lists every error and info line.
// NOTE(review): no access check is visible in this script, and the messages
// describe the state of the installation (default password, PHP version,
// missing modules). Confirm that the page is restricted elsewhere.
$t = new SimpleSAML_XHTML_Template($config, 'sanitycheck:check-tpl.php');
$t->data['pageid'] = 'sanitycheck';
$t->data['errors'] = $errors;
$t->data['info'] = $info;
$t->show();
        }
    }
    SimpleSAML_Auth_ProcessingChain::resumeProcessing($state);
}
// Work on a copy of the attributes: only what is shown on the consent form is
// filtered below, $state['Attributes'] itself is not modified here.
$attributes = $state['Attributes'];
$noconsentattributes = $state['consent:noconsentattributes'];

// Drop the attributes that are exempt from consent from the displayed list.
foreach ($attributes as $attrkey => $attrval) {
    if (!in_array($attrkey, $noconsentattributes)) {
        continue;
    }
    unset($attributes[$attrkey]);
}

// 'attributepresentation' hooks receive the list by reference and may
// reorder or reshape it for display.
$para = array(
    'attributes' => &$attributes,
);
SimpleSAML_Module::callHooks('attributepresentation', $para);

// Build the consent form. Both the accept and the decline target receive the
// state id, which is how the follow-up request finds this login again.
$t = new SimpleSAML_XHTML_Template($globalConfig, 'consent:consentform.php');
$t->data['srcMetadata'] = $state['Source'];
$t->data['dstMetadata'] = $state['Destination'];
$t->data['yesTarget'] = SimpleSAML_Module::getModuleURL('consent/getconsent.php');
$t->data['yesData'] = array(
    'StateId' => $id,
);
$t->data['noTarget'] = SimpleSAML_Module::getModuleURL('consent/noconsent.php');
$t->data['noData'] = array(
    'StateId' => $id,
);
$t->data['attributes'] = $attributes;
$t->data['checked'] = $state['consent:checked'];
// Fetch privacypolicy
if (array_key_exists('privacypolicy', $state['Destination'])) {
    $privacypolicy = $state['Destination']['privacypolicy'];
} elseif (array_key_exists('privacypolicy', $state['Source'])) {
    $privacypolicy = $state['Source']['privacypolicy'];
}
// Suhosin limits the length of GET parameter values; warn when the limit is
// unset or below 2048.
if (extension_loaded('suhosin')) {
    $suhosinLength = ini_get('suhosin.get.max_value_length');
    if (empty($suhosinLength) || (int) $suhosinLength < 2048) {
        $warnings[] = '{core:frontpage:warnings_suhosin_url_length}';
    }
}

// Link groups of the front page; modules add to them through the hook below.
$links = array();
$links_welcome = array();
$links_config = array();
$links_auth = array();
$links_federation = array();

$links_config[] = array(
    'href' => SimpleSAML_Utilities::getBaseURL() . 'example-simple/hostnames.php?dummy=1',
    'text' => '{core:frontpage:link_diagnostics}',
);
// NOTE(review): a phpinfo page exposes the full runtime configuration; it is
// presumably protected by the admin login - confirm.
$links_config[] = array(
    'href' => SimpleSAML_Utilities::getBaseURL() . 'admin/phpinfo.php',
    'text' => '{core:frontpage:link_phpinfo}',
);

$allLinks = array(
    'links' => &$links,
    'welcome' => &$links_welcome,
    'config' => &$links_config,
    'auth' => &$links_auth,
    'federation' => &$links_federation,
);
SimpleSAML_Module::callHooks('frontpage', $allLinks);

$enablematrix = array(
    'saml20-idp' => $config->getBoolean('enable.saml20-idp', false),
    'shib13-idp' => $config->getBoolean('enable.shib13-idp', false),
);

// Function name => (requirement level, label). The presence of one function
// stands in for the whole extension. mcrypt was removed from PHP in 7.2 and
// mysql_connect() in 7.0, so this table reflects the old PHP versions this
// code targets.
$functionchecks = array(
    'hash' => array('required', 'Hashing function'),
    'gzinflate' => array('required', 'ZLib'),
    'openssl_sign' => array('required', 'OpenSSL'),
    'simplexml_import_dom' => array('required', 'SimpleXML'),
    'dom_import_simplexml' => array('required', 'XML DOM'),
    'preg_match' => array('required', 'RegEx support'),
    'mcrypt_module_open' => array('required', 'MCrypt'),
    'mysql_connect' => array('optional', 'MySQL support'),
);
if (SimpleSAML_Module::isModuleEnabled('ldap')) {
    $functionchecks['ldap_bind'] = array('required_ldap', 'LDAP Extension');
}
if (SimpleSAML_Module::isModuleEnabled('radius')) {
    $functionchecks['radius_auth_open'] = array('required_radius', 'Radius Extension');
}

// The PHP version row comes first, then one row per function check.
$funcmatrix = array();
$funcmatrix[] = array(
    'required' => 'required',
    'descr' => 'PHP Version >= 5.2. You run: ' . phpversion(),
    'enabled' => version_compare(phpversion(), '5.2', '>='),
);
foreach ($functionchecks as $func => $descr) {
    $funcmatrix[] = array(
        'descr' => $descr[1],
        'required' => $descr[0],
        'enabled' => function_exists($func),
    );
}
/* Some basic configuration checks */
if ($config->getString('technicalcontact_email', '*****@*****.**') === '*****@*****.**') {
    if ($_REQUEST['key'] !== $cronconfig->getValue('key')) {
        SimpleSAML_Logger::error('Cron - Wrong key provided. Cron will not run.');
        exit;
    }
}
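// When a list of allowed tags is configured, refuse every other tag.
// NOTE(review): the rejected tag is logged as received from the request;
// confirm that the logger neutralises line breaks and control characters.
if (!is_null($cronconfig->getValue('allowed_tags'))) {
    if (!in_array($_REQUEST['tag'], $cronconfig->getValue('allowed_tags'))) {
        SimpleSAML_Logger::error('Cron - Illegal tag [' . $_REQUEST['tag'] . '].');
        exit;
    }
}

// The 'cron' hooks append their result lines to $summary through the reference.
$summary = array();
$croninfo = array('summary' => &$summary, 'tag' => $_REQUEST['tag']);
$url = SimpleSAML_Utilities::selfURL();
$time = date(DATE_RFC822);
SimpleSAML_Module::callHooks('cron', $croninfo);

foreach ($summary as $s) {
    SimpleSAML_Logger::debug('Cron - Summary: ' . $s);
}

if ($cronconfig->getValue('sendemail', TRUE) && count($summary) > 0) {
    // The report is an HTML mail. The tag and the URL of this request come
    // from the caller, and without an 'allowed_tags' list the tag is not
    // checked at all, so both are escaped before they are placed in markup.
    // NOTE(review): the summary lines are inserted as the hooks produced
    // them; if they are meant to be plain text they should be escaped too.
    $message = '<h1>Cron report</h1><p>Cron ran at ' . $time . '</p>'
        . '<p>URL: <tt>' . htmlspecialchars((string) $url, ENT_QUOTES, 'UTF-8') . '</tt></p>'
        . '<p>Tag: ' . htmlspecialchars((string) $croninfo['tag'], ENT_QUOTES, 'UTF-8') . "</p>\n\n"
        . '<ul><li>' . join('</li><li>', $summary) . '</li></ul>';

    $toaddress = $config->getString('technicalcontact_email', '*****@*****.**');
    if ($toaddress === '*****@*****.**') {
        // The placeholder address means that nobody configured a recipient.
        SimpleSAML_Logger::error('Cron - Could not send email. [technicalcontact_email] not set in config.');
    } else {
        $email = new SimpleSAML_XHTML_EMail($toaddress, 'simpleSAMLphp cron report', '*****@*****.**');
        $email->setBody($message);
        $email->send();
    }
}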
if (isset($_REQUEST['output']) && $_REQUEST['output'] == "xhtml") {
 function getLoginInfo($t, $thispage)
 {
     // 'portalLoginInfo' hooks receive the template and the current page and
     // write their result into the 'info' entry, which starts out empty.
     // NOTE(review): the returned value comes straight from the hooks;
     // presumably it is markup, so confirm how the caller outputs it.
     $hookData = array(
         'info' => '',
         'template' => $t,
         'thispage' => $thispage,
     );
     SimpleSAML_Module::callHooks('portalLoginInfo', $hookData);

     return $hookData['info'];
 }
 /**
  * This function is called when the user start a logout operation, for example
  * by logging out of a SP that supports single logout.
  *
  * @param array &$state  The logout state array.
  */
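 public function logout(&$state)
 {
     // A real expression instead of a string assertion: a string argument is
     // run through eval() by old PHP versions, is deprecated since PHP 7.2,
     // and is no longer evaluated by PHP 8, where the check would always pass.
     assert(is_array($state));

     // The logout work itself is delegated to the 'openidconnect_logout'
     // hooks, which receive the state array by reference.
     SimpleSAML_Module::callHooks('openidconnect_logout', $state);
 }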
}
$loginurl = SimpleSAML\Utils\Auth::getAdminLoginURL();
$isadmin = SimpleSAML\Utils\Auth::isAdmin();

// Link groups of the front page; modules add to them through the hook below.
$links = array();
$links_welcome = array();
$links_config = array();
$links_auth = array();
$links_federation = array();

// Offer to clear remembered IdP choices only when remembering is enabled.
if ($config->getBoolean('idpdisco.enableremember', false)) {
    $links_federation[] = array(
        'href' => 'cleardiscochoices.php',
        'text' => '{core:frontpage:link_cleardiscochoices}',
    );
}
$links_federation[] = array(
    'href' => \SimpleSAML\Utils\HTTP::getBaseURL() . 'admin/metadata-converter.php',
    'text' => '{core:frontpage:link_xmlconvert}',
);

$allLinks = array(
    'links' => &$links,
    'welcome' => &$links_welcome,
    'config' => &$links_config,
    'auth' => &$links_auth,
    'federation' => &$links_federation,
);
SimpleSAML_Module::callHooks('frontpage', $allLinks);

// Hosted entities are contributed by modules through 'metadata_hosted'.
$metadataHosted = array();
SimpleSAML_Module::callHooks('metadata_hosted', $metadataHosted);

$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
$metaentries = array(
    'hosted' => $metadataHosted,
    'remote' => array(),
);

// The lists of remote IdPs are filled in for administrators only; for other
// visitors the 'remote' part stays empty at this point.
if ($isadmin) {
    $metaentries['remote']['saml20-idp-remote'] = $metadata->getList('saml20-idp-remote');
    $metaentries['remote']['shib13-idp-remote'] = $metadata->getList('shib13-idp-remote');
}
if ($config->getBoolean('enable.saml20-idp', FALSE) === true) {
    try {
        $metaentries['hosted']['saml20-idp'] = $metadata->getMetaDataCurrent('saml20-idp-hosted');
        $metaentries['hosted']['saml20-idp']['metadata-url'] = '/' . $config->getBaseURL() . 'saml2/idp/metadata.php?output=xhtml';
        if ($isadmin) {
            $metaentries['remote']['saml20-sp-remote'] = $metadata->getList('saml20-sp-remote');
        }
    } catch (Exception $e) {
    }
 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 * License for the specific language governing permissions and limitations under
 * the License.
 *
 * ************************************************************************** */
/**
 * Punto de entrada de ejecución del módulo.
 * 
 * @package    IdPRef\modules\idpinstaller
 * @author     "PRiSE [Auditoria y Consultoria de privacidad y Seguridad, S.L.]"
 * @copyright  Copyright (C) 2014 - 2015 by the Spanish Research and Academic
 *             Network
 * @license    http://www.apache.org/licenses/LICENSE-2.0  Apache License 2.0
 * @version    0.3-Sprint3-R57
 */
include_once __DIR__ . '/../lib/functions.php';
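// Result lists that the step hook fills through the references below.
$info = array();
$errors = array();
$errors2 = array();
$warning = array();

// The step value becomes part of the hook name ("step<N>"), so the request
// decides which hook runs. Accept only a plain decimal number; anything else
// (other text, an array parameter) falls back to the first step.
// NOTE(review): the highest valid step is not visible in this file, and
// nothing here checks that the caller may run the installer or that earlier
// steps were completed. Confirm that the step hooks enforce both.
$step = 1;
if (
    isset($_REQUEST['step'])
    && is_string($_REQUEST['step'])
    && preg_match('/^[0-9]+$/D', $_REQUEST['step']) === 1
) {
    $step = $_REQUEST['step'];
}

$config = SimpleSAML_Configuration::getInstance();
$t = new SimpleSAML_XHTML_Template($config, 'idpinstaller:stepn.php');

// The hook receives the lists and the step by reference, plus the template.
$sirinfo = array(
    'info' => &$info,
    'errors' => &$errors,
    'errors2' => &$errors2,
    'warning' => &$warning,
    'step' => &$step,
    'ssphpobj' => $t,
);
SimpleSAML_Module::callHooks("step{$step}", $sirinfo);

$t->data['sir'] = $sirinfo;
$t->show();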