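/**
 * Create the SAML2 authentication object from the identity-provider
 * parameters published by the session manager.
 *
 * Sends the 'auth_params' query to the session manager at
 * $sessionmanager_url, parses the XML reply and reads idp_url,
 * idp_fingerprint and idp_cert from its first SAML2 element. A reply that
 * cannot be used is reported through send_error().
 *
 * NOTE(review): send_error() is defined outside this block; the checks below
 * rely on it not returning to the caller — confirm.
 *
 * @return OneLogin_Saml2_Auth auth object configured by build_saml_settings()
 */
function init_saml2_auth()
{
    global $sessionmanager_url;

    $sm = new SessionManager($sessionmanager_url);
    $ret = $sm->query('auth_params');

    // A failed query must not reach the parser: loadXML() rejects an empty
    // source, and on PHP 8 it does so with an exception that @ cannot hide.
    if (!is_string($ret) || $ret === '') {
        send_error("Unable to retrieve the SAML parameters");
    }

    $dom = new DomDocument('1.0', 'utf-8');
    // LIBXML_NONET keeps the parser from fetching anything over the network
    // while it reads a document that was itself received from another host.
    // The @ is kept so a malformed reply ends in send_error() below instead of
    // printing parser warnings to the client.
    $buf = @$dom->loadXML($ret, LIBXML_NONET);
    if (!$buf) {
        send_error("Unable to retrieve the SAML parameters");
    }

    if (!$dom->hasChildNodes()) {
        send_error("Unable to retrieve the SAML parameters");
    }

    // item(0) is null when the element is absent; calling a method on that
    // null would be a fatal error rather than a reported configuration error.
    $saml2 = $dom->getElementsByTagName('SAML2')->item(0);
    if ($saml2 === null) {
        send_error("Unable to retrieve the SAML parameters");
    }

    $url_node = $saml2->getElementsByTagName('idp_url')->item(0);
    $fingerprint_node = $saml2->getElementsByTagName('idp_fingerprint')->item(0);
    $cert_node = $saml2->getElementsByTagName('idp_cert')->item(0);

    // Missing elements yield null, as before, but without a notice/warning.
    $url = ($url_node === null) ? null : $url_node->textContent;
    $fingerprint = ($fingerprint_node === null) ? null : $fingerprint_node->textContent;
    $cert = ($cert_node === null) ? null : $cert_node->textContent;

    // Without an IdP URL there is nowhere to send the authentication request.
    if ($url === null || trim($url) === '') {
        send_error("Unable to retrieve the SAML parameters");
    }

    // Fail closed when the reply carries neither a certificate nor a
    // fingerprint for the IdP: these are the only values this function hands
    // over for checking the IdP's signature.
    // NOTE(review): confirm build_saml_settings() has no other source for them.
    $has_fingerprint = ($fingerprint !== null && trim($fingerprint) !== '');
    $has_cert = ($cert !== null && trim($cert) !== '');
    if (!$has_fingerprint && !$has_cert) {
        send_error("Unable to retrieve the SAML parameters");
    }

    $settings = build_saml_settings($url, $fingerprint, $cert);

    return new OneLogin_Saml2_Auth($settings);
}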
} if (!defined('OPTION_SHOW_USE_LOCAL_CREDENTIALS')) { define('OPTION_SHOW_USE_LOCAL_CREDENTIALS', false); } $force_sso = false; $wi_remote_user_login = ''; if (defined('OPTION_FORCE_SSO') && OPTION_FORCE_SSO === true) { if (array_key_exists('REMOTE_USER', $_SERVER)) { $wi_remote_user_login = $_SERVER['REMOTE_USER']; $force_sso = true; $wi_use_local_credentials = 0; } } if (array_key_exists('SAML2', $_SESSION) && $_SESSION['SAML2'] === true && array_key_exists('ovd-sso', $_COOKIE)) { require_once dirname(__FILE__) . "/auth/saml2/common.inc.php"; $response = new OneLogin_Saml2_Response(new OneLogin_Saml2_Settings(build_saml_settings('https://www.ulteo.com', NULL, NULL)), $_SESSION['SAML2_ticket']); $sessionExpiration = $response->getSessionNotOnOrAfter(); if (!empty($sessionExpiration) && $sessionExpiration <= time() || !$response->validateTimestamps()) { setcookie('ovd-sso', '', time() - 42000, '/ovd/'); require dirname(__FILE__) . "/auth/saml2/sp.php"; } $wi_remote_user_login = $_SESSION['SAML2_login']; $force_sso = true; $wi_use_local_credentials = 0; setcookie('ovd-sso', 'true', 0, '/ovd/'); } elseif (defined('OPTION_FORCE_SAML2') && OPTION_FORCE_SAML2 === true) { // Redirect the user to the SAML2 Identity Provider setcookie('ovd-sso', '', time() - 42000, '/ovd/'); require dirname(__FILE__) . "/auth/saml2/sp.php"; } else { setcookie('ovd-sso', '', time() - 42000, '/ovd/');