/**
* Ajax compatible redirect method
*
* @param string $url
* @param array $params
* @param bool $isAjax
*/
function redirectTrustedUrl($url, array $params = array(), $isAjax = false)
{
if ($isAjax) {
$redirectUrl = str_replace(TAB_AJAX_CONTENT_PREFIX, '', $url) . '?' . http_build_query($params);
die('<script type="text/javascript">window.location =\'' . $redirectUrl . '\';</script>');
} else {
SimpleSAML_Utilities::redirectTrustedUrl($url, $params);
}
}
$session = SimpleSAML_Session::getSessionFromRequest();
$config = SimpleSAML_Configuration::getInstance();
$janus_config = sspmod_janus_DiContainer::getInstance()->getConfig();
$authsource = $janus_config->getValue('auth', 'login-admin');
$useridattr = $janus_config->getValue('useridattr', 'eduPersonPrincipalName');
$as = new SimpleSAML_Auth_Simple($authsource);
if ($as->isAuthenticated()) {
$attributes = $as->getAttributes();
// Check if userid exists
if (!isset($attributes[$useridattr])) {
throw new Exception('User ID is missing');
}
$userid = $attributes[$useridattr][0];
} else {
$session->setData('string', 'refURL', SimpleSAML_Utilities::selfURL());
SimpleSAML_Utilities::redirectTrustedUrl(SimpleSAML_Module::getModuleURL('janus/index.php'));
}
if (isset($_GET['eid'])) {
$eid = $_GET['eid'];
} else {
throw new SimpleSAML_Error_Exception('Eid must be set');
}
if (isset($_GET['revisionid'])) {
$revisionid = $_GET['revisionid'];
} else {
throw new SimpleSAML_Error_Exception('Revisionid must be set');
}
$md_options = $janus_config->getValue('mdexport.default_options');
$metaxml = sspmod_janus_MetaExport::getReadableXMLMetadata($eid, $revisionid, array('maxCache' => $md_options['maxCache'], 'maxDuration' => $md_options['maxDuration']));
$metaflat = sspmod_janus_MetaExport::getFlatMetadata($eid, $revisionid);
$metaarray = sspmod_janus_MetaExport::getPHPArrayMetadata($eid, $revisionid);
throw new SimpleSAML_Error_BadRequest('Missing valid csrf token!');
}
// Update entity if updated
if ($update) {
$entityController->saveEntity();
$entityController->loadEntity();
$entity = $entityController->getEntity();
// Notify users who have asked to be updated when
$pm = new sspmod_janus_Postman();
$addresses[] = 'ENTITYUPDATE-' . $entity->getEid();
$editLink = SimpleSAML_Module::getModuleURL('janus/editentity.php', array('eid' => $entity->getEid(), 'revisionid' => $entity->getRevisionid()));
$pm->post('Entity updated - ' . $entity->getEntityid(), 'Permalink: <a href="' . htmlspecialchars($editLink) . '">' . htmlspecialchars($editLink) . '</a><br /><br />' . htmlspecialchars($entity->getRevisionnote()) . '<br /><br />' . htmlspecialchars($note), $addresses, $user->getUid());
}
$session->deleteData('string', 'meta_xml');
$session->deleteData('string', 'meta_json');
SimpleSAML_Utilities::redirectTrustedUrl(SimpleSAML_Module::getModuleURL('janus/editentity.php'), array('eid' => $entity->getEid(), 'revisionid' => $entity->getRevisionid()));
exit;
}
$et->data['update'] = $update;
$newMetadata = $entityController->getMetaArray();
unset($newMetadata['attributes']);
$newMetadata = $converter->execute($newMetadata);
$et->data['new'] = $newMetadata;
$et->data['newArp'] = $entityController->getArpAttributes();
$et->data['newAcl'] = array('AllowedAll' => $entityController->getAllowedAll(), 'Allowed' => array_map(function ($allowedEntity) use($janusConfig) {
// @todo this is very inefficient for large sets
$controller = sspmod_janus_DiContainer::getInstance()->getEntityController();
$controller->setEntity($allowedEntity['remoteeid']);
return $controller->getEntity()->getPrettyname();
}, $entityController->getAllowedEntities()), 'Blocked' => array_map(function ($blockedEntity) use($janusConfig) {
// @todo this is very inefficient for large sets
// Check if userid exists
if (!isset($attributes[$useridattr])) {
throw new Exception('User ID is missing');
}
$userid = $attributes[$useridattr][0];
} else {
$returnURL = $session->getData('string', 'refURL');
if (is_null($returnURL)) {
$returnURL = SimpleSAML_Utilities::selfURL();
} else {
$session->deleteData('string', 'refURL');
}
SimpleSAML_Auth_Default::initLogin($authsource, $returnURL, NULL, $_GET);
}
$user = new sspmod_janus_User();
$user->setUserid($userid);
if (!$user->load(sspmod_janus_User::USERID_LOAD)) {
$autocreatenewuser = $janus_config->getValue('user.autocreate', false);
if ($autocreatenewuser) {
SimpleSAML_Utilities::redirectTrustedUrl(SimpleSAML_Module::getModuleURL('janus/newUser.php'), array('userid' => $userid));
} else {
SimpleSAML_Utilities::redirectTrustedUrl(SimpleSAML_Module::getModuleURL('janus/noNewUser.php'), array('userid' => $userid));
}
} else {
if ($user->getActive() === 'yes') {
SimpleSAML_Utilities::redirectTrustedUrl(SimpleSAML_Module::getModuleURL('janus/dashboard.php/entities'));
} else {
$session->doLogout();
SimpleSAML_Utilities::redirectTrustedUrl(SimpleSAML_Module::getModuleURL('janus/index.php?error=error_index_user_inactive'));
}
}
<?php
require __DIR__ . '/_includes.php';
$session = SimpleSAML_Session::getInstance();
$janusConfig = sspmod_janus_DiContainer::getInstance()->getConfig();
$authSource = $janusConfig->getValue('auth', 'login-admin');
// Validate user
if (!$session->isValid($authSource)) {
SimpleSAML_Utilities::redirectTrustedUrl(SimpleSAML_Module::getModuleURL('janus/index.php', array('selectedtab' => "'federation'")));
}
$entities = array();
$util = new sspmod_janus_AdminUtil();
$userController = sspmod_janus_DiContainer::getInstance()->getUserController();
$entities = array_merge($userController->searchEntitiesByType('saml20-idp'), $userController->searchEntitiesByType('saml20-sp'));
foreach ($entities as $entity) {
/**
* @var sspmod_janus_Entity $entity
*/
$entityId = $entity->getEid();
$entityController = sspmod_janus_DiContainer::getInstance()->getEntityController();
$entityController->setEntity($entityId);
$entityController->loadEntity();
$controllerEntity = $entityController->getEntity();
$entityType = $controllerEntity->getType();
if (!isset($entities[$entityType])) {
$entities[$entityType] = array();
}
$entities_info[$entityType][] = array('Id' => $controllerEntity->getEntityid(), 'Name' => $controllerEntity->getPrettyname(), 'WorkflowStatus' => $controllerEntity->getWorkflow(), 'MetadataUrl' => $controllerEntity->getMetadataURL(), 'Eid' => $controllerEntity->getEid());
}
ksort($entities_info);
$template = new SimpleSAML_XHTML_Template(SimpleSAML_Configuration::getInstance(), 'janus:show-entities-validation.php', 'janus:show-entities-validation');
$entity->setRevisionnote($_POST['revisionnote']);
}
// Update entity if updated
if ($update) {
$entityController->saveEntity();
$entityController->loadEntity();
$pm = new sspmod_janus_Postman();
$addresses[] = 'ENTITYUPDATE-' . $eid;
$directlink = SimpleSAML_Module::getModuleURL('janus/editentity.php', array('eid' => $entity->getEid(), 'revisionid' => $entity->getRevisionid()));
$pm->post('Entity updated - ' . $entity->getEntityid(), 'Permalink: <a href="' . htmlspecialchars($directlink) . '">' . htmlspecialchars($directlink) . '</a><br /><br />' . htmlspecialchars($entity->getRevisionnote()) . '<br /><br />' . htmlspecialchars($note), $addresses, $user->getUid());
}
if ($redirectToImport) {
$entity = $entityController->getEntity();
SimpleSAML_Utilities::redirectTrustedUrl(SimpleSAML_Module::getModuleURL('janus/importentity.php'), array('eid' => $entity->getEid()));
} else {
SimpleSAML_Utilities::redirectTrustedUrl(SimpleSAML_Utilities::selfURLNoQuery(), array('eid' => $eid, 'msg' => $msg, 'selectedtab' => isset($_POST['selectedtab']) ? (int) $_POST['selectedtab'] : 0));
}
}
// Get remote entities
if ($entity->getType() == 'saml20-sp') {
$remoteTypes = array('saml20-idp', 'shib13-idp');
} else {
if ($entity->getType() == 'saml20-idp') {
$remoteTypes = array('saml20-sp', 'shib13-sp');
} else {
if ($entity->getType() == 'shib13-sp') {
$remoteTypes = array('saml20-idp', 'shib13-idp');
} else {
if ($entity->getType() == 'shib13-idp') {
$remoteTypes = array('saml20-sp', 'shib13-sp');
} else {
