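/**
 * Emulate the 'authorization' step via Shibalike.
 *
 * Development stand-in for an IdP login form. A submission is accepted only when
 * the posted password is identical to the posted username AND the attribute store
 * returns attributes for that username. No secret is checked, so anyone who knows
 * a username held in the attribute store can sign in as that user.
 *
 * NOTE(review): nothing in this method limits it to non-production environments;
 * confirm the route that reaches it is only registered for development.
 *
 * @return mixed The result of view('IdpLogin', $data); $data carries an 'error'
 *               entry after a rejected submission.
 */
public function emulateIdp()
{
    $data = [];
    $submittedUsername = Input::get('username');

    // Loose comparison kept from the original: a missing or empty username simply
    // shows the form without an error message.
    if ($submittedUsername != null) {
        // Request parameters can arrive as arrays (username[]=...); only a plain
        // string may reach the attribute store and the session state.
        $credentialsMatch = is_string($submittedUsername)
            && $submittedUsername === Input::get('password');

        // The attribute store is queried only after the credential rule passed,
        // so it is never asked about an empty or non-string username.
        $userAttrs = $credentialsMatch ? $this->idp->fetchAttrs($submittedUsername) : null;

        if ($userAttrs) {
            $this->idp->markAsAuthenticated($submittedUsername);
            // NOTE(review): the error assignment below is skipped only if redirect()
            // ends the request; confirm that it does.
            $this->idp->redirect();
        }

        // One message for every failure, so the response does not reveal whether
        // the username exists in the attribute store.
        $data['error'] = 'Incorrect username and/or password';
    }

    return view('IdpLogin', $data);
}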
if (in_array($_POST['username'], array('jadmin', 'juser'))) { if ($_POST['username'] === $_POST['password']) { $username = $_POST['username']; } } else { if ($_POST['password'] == 'password1') { $username = $_POST['username']; } } $authenticatedSuccessfully = !empty($username); // try authentication somehow (e.g. using Zend_Auth) if ($authenticatedSuccessfully) { $userAttrs = $idp->fetchAttrs($username); if ($userAttrs) { $idp->markAsAuthenticated($username); $idp->redirect(); } else { // user is not in attr store! header('Content-Type: text/html;charset=utf-8'); echo "Sorry. You're not in the attribute store. <a href='idp.php'>Try again</a>"; die; } } else { // user failed authenticate! header('Content-Type: text/html;charset=utf-8'); echo "Sorry. You failed to authenticate. <a href='idp.php'>Try again</a>"; die; } } else { // show form header('Content-Type: text/html;charset=utf-8');
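/**
 * Emulate the 'authorization' step via Shibalike and render the login form inline.
 *
 * Development stand-in for an IdP login form. A submission is accepted only when
 * the posted password is identical to the posted username AND the attribute store
 * returns attributes for that username. No secret is checked, so anyone who knows
 * a username held in the attribute store can sign in as that user.
 *
 * NOTE(review): nothing in this method limits it to non-production environments;
 * confirm the route that reaches it is only registered for development.
 *
 * Output notes:
 *  - $error is a fixed string that contains markup and never contains request
 *    data, which is why it is echoed unescaped. Any message built from request
 *    data would need htmlspecialchars() first.
 *  - The _token value attribute holds the CSRF token with no surrounding
 *    whitespace; a stray space would be submitted as part of the token.
 *
 * @return void The page is written directly to the output buffer.
 */
public function emulateIdp()
{
    $submittedUsername = Input::get('username');

    // Loose comparison kept from the original: a missing or empty username simply
    // shows the form without an error message.
    if ($submittedUsername != null) {
        // Request parameters can arrive as arrays (username[]=...); only a plain
        // string may reach the attribute store and the session state.
        $credentialsMatch = is_string($submittedUsername)
            && $submittedUsername === Input::get('password');

        // The attribute store is queried only after the credential rule passed.
        $userAttrs = $credentialsMatch ? $this->idp->fetchAttrs($submittedUsername) : null;

        if ($userAttrs) {
            $this->idp->markAsAuthenticated($submittedUsername);
            // NOTE(review): the form below is still rendered if redirect() returns
            // instead of ending the request; confirm that it terminates.
            $this->idp->redirect();
        } else {
            // One message for every failure, so the response does not reveal
            // whether the username exists in the attribute store.
            $error = 'Sorry. You failed to authenticate. <a href="idp" alt="Try Again">Try again</a>';
        }
    }
    ?>
<html>
<head>
    <title>Emulated IdP Login</title>
    <style type="text/css">
        body { font-family: sans-serif; }
        .title { text-align: center; font-weight: 200; color: grey; }
        input[type="submit"] { padding: 10px; border: 1px solid #cdcdcd; border-radius: 5px; background-color: #fff; min-width: 100%; }
        input[type="submit"]:hover { background-color: #cdcdcd; cursor: pointer; }
    </style>
</head>
<body>
    <div style="margin: 10px auto; width: 100%; border: 1px solid grey; border-radius: 5px; padding: 10px; max-width: 400px; min-width: 300px;">
        <h2 class="title">Login to Continue</h2>
        <form action="" method="post" style="color: grey;">
            <input type="hidden" name="_token" value="<?php echo csrf_token(); ?>">
            <?php echo isset($error) ? '<p><em>' . $error . '</em></p>' : ''; ?>
            <p>
                <label for="username">Username</label>
                <input type="text" name="username" id="username" style="width: 100%; padding: 5px; border-radius: 5px; border: 1px solid #cdcdcd;" />
            </p>
            <p>
                <label for="password">Password</label>
                <input type="password" name="password" id="password" style="width: 100%; padding: 5px; border-radius: 5px; border: 1px solid #cdcdcd;" />
            </p>
            <p><input type="submit" value="Login"></p>
        </form>
    </div>
</body>
</html>
    <?php
}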
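<?php
// For the demo, pretend Shibboleth is protecting this directory by injecting the
// attributes it would normally place in $_SERVER.
//
// array_merge() lets these fake values override any existing entry with the same
// key, so while this block is present every request to this script is signed in
// as 'juser', whatever the web server actually provided. It has to be removed as
// soon as a real Shibboleth module fronts this directory.
$_SERVER = array_merge($_SERVER, array(
    'UFADGroupsDN' => 'FakeGroup',
    'businessName' => 'User,Johnny B',
    'cn' => 'User, Johnny',
    'eduperson_affiliations' => '',
    'eppn' => '*****@*****.**',
    'givenName' => 'Johnny',
    'glid' => 'juser',
    'loa' => '2',
    'mail' => '*****@*****.**',
    'middleName' => 'B',
    'postalAddress' => '$$123 Fake St$GAINESVILLE$FL$326110001',
    'primary-affiliation' => 'T',
    'sn' => 'User',
    'uf_affiliations' => '',
    'ufid' => '32445260',
));

// the "IdP"
require dirname(__DIR__) . '/_inc.php';

$idp = new Shibalike\IdP(getStateManager(), getAttrStore(), getConfig());

if (isset($_GET['logout'])) {
    $idp->logout();
    $idp->redirect('../goodbye.php');
    // Stop here even if redirect() returns: falling through would sign the user
    // straight back in during the logout request.
    exit;
}

// Since Shibboleth is protecting this directory, attributes are expected in
// $_SERVER at this point. Fail closed when the identifier is absent instead of
// marking an empty or undefined user as authenticated.
$username = isset($_SERVER['glid']) ? $_SERVER['glid'] : '';
if (!is_string($username) || $username === '') {
    header('Content-Type: text/html;charset=utf-8', true, 403);
    echo 'Sorry. No user identifier was provided for this request.';
    exit;
}

// Only users known to the attribute store get a session; an identifier without
// attributes is rejected rather than authenticated.
$userAttrs = $idp->fetchAttrs($username);
if (!$userAttrs) {
    header('Content-Type: text/html;charset=utf-8', true, 403);
    echo "Sorry. You're not in the attribute store.";
    exit;
}

$idp->markAsAuthenticated($username);
$idp->redirect();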