/**
* Finish a failed authentication.
*
* This function can be overloaded by a child authentication
* class that wish to perform some operations on failure
*
* @param array &$state Information about the current authentication.
*/
public function authFailed(&$state)
{
$config = SimpleSAML_Configuration::getInstance();
$t = new SimpleSAML_XHTML_Template($config, 'authX509:X509error.php');
$t->data['errorcode'] = $state['authX509.error'];
$t->show();
exit;
}
function show()
{
$t = new SimpleSAML_XHTML_Template($this->config, 'widget.php', 'foodle_foodle');
$t->data['bread'] = array(array('href' => '/' . $this->config->getValue('baseurlpath'), 'title' => 'bc_frontpage'), array('title' => 'Support'));
$t->data['gmapsAPI'] = $this->config->getValue('gmapsAPI');
$t->data['optimize'] = $this->config->getValue('optimize', false);
$t->show();
}
private function showException($e)
{
$globalConfig = SimpleSAML_Configuration::getInstance();
$t = new SimpleSAML_XHTML_Template($globalConfig, 'attributefromrestapi:exception.tpl.php');
$t->data['e'] = $e->getMessage();
$t->show();
exit;
}
/**
* Show the error to the user.
*
* This function does not return.
*/
public function show()
{
header('HTTP/1.0 500 Internal Server Error');
$this->logError();
$globalConfig = SimpleSAML_Configuration::getInstance();
$t = new SimpleSAML_XHTML_Template($globalConfig, 'core:no_metadata.tpl.php');
$t->data['entityId'] = $this->entityId;
$t->show();
exit;
}
/**
* Send an authenticationResponse using HTTP-POST.
*
* @param string $response The response which should be sent.
* @param array $idpmd The metadata of the IdP which is sending the response.
* @param array $spmd The metadata of the SP which is receiving the response.
* @param string|NULL $relayState The relaystate for the SP.
* @param string $shire The shire which should receive the response.
*/
public function sendResponse($response, $idpmd, $spmd, $relayState, $shire)
{
SimpleSAML_Utilities::validateXMLDocument($response, 'saml11');
$privatekey = SimpleSAML_Utilities::loadPrivateKey($idpmd, TRUE);
$publickey = SimpleSAML_Utilities::loadPublicKey($idpmd, TRUE);
$responsedom = new DOMDocument();
$responsedom->loadXML(str_replace("\r", "", $response));
$responseroot = $responsedom->getElementsByTagName('Response')->item(0);
$firstassertionroot = $responsedom->getElementsByTagName('Assertion')->item(0);
/* Determine what we should sign - either the Response element or the Assertion. The default
* is to sign the Assertion, but that can be overridden by the 'signresponse' option in the
* SP metadata or 'saml20.signresponse' in the global configuration.
*/
$signResponse = FALSE;
if (array_key_exists('signresponse', $spmd) && $spmd['signresponse'] !== NULL) {
$signResponse = $spmd['signresponse'];
if (!is_bool($signResponse)) {
throw new Exception('Expected the \'signresponse\' option in the metadata of the' . ' SP \'' . $spmd['entityid'] . '\' to be a boolean value.');
}
} else {
$signResponse = $this->configuration->getBoolean('shib13.signresponse', TRUE);
}
/* Check if we have an assertion to sign. Force to sign the response if not. */
if ($firstassertionroot === NULL) {
$signResponse = TRUE;
}
$signer = new SimpleSAML_XML_Signer(array('privatekey_array' => $privatekey, 'publickey_array' => $publickey, 'id' => $signResponse ? 'ResponseID' : 'AssertionID'));
if (array_key_exists('certificatechain', $idpmd)) {
$signer->addCertificate($idpmd['certificatechain']);
}
if ($signResponse) {
/* Sign the response - this must be done after encrypting the assertion. */
/* We insert the signature before the saml2p:Status element. */
$statusElements = SimpleSAML_Utilities::getDOMChildren($responseroot, 'Status', '@saml1p');
assert('count($statusElements) === 1');
$signer->sign($responseroot, $responseroot, $statusElements[0]);
} else {
/* Sign the assertion */
$signer->sign($firstassertionroot, $firstassertionroot);
}
$response = $responsedom->saveXML();
if ($this->configuration->getBoolean('debug', FALSE)) {
$p = new SimpleSAML_XHTML_Template($this->configuration, 'post-debug.php');
$p->data['header'] = 'SAML (Shibboleth 1.3) Response Debug-mode';
$p->data['RelayStateName'] = 'TARGET';
$p->data['RelayState'] = $relayState;
$p->data['destination'] = $shire;
$p->data['response'] = str_replace("\n", "", base64_encode($response));
$p->data['responseHTML'] = htmlspecialchars(SimpleSAML_Utilities::formatXMLString($response));
$p->show();
} else {
SimpleSAML_Utilities::postRedirect($shire, array('TARGET' => $relayState, 'SAMLResponse' => base64_encode($response)));
}
}
public static function show($path = '/simplesaml/module.php/discojuice/discojuice/') {
$djconfig = SimpleSAML_Configuration::getOptionalConfig('discojuicecentral.php');
$config = SimpleSAML_Configuration::getInstance();
$feed = new sspmod_discojuice_Feed();
$metadata = json_decode($feed->read(), TRUE);
$t = new SimpleSAML_XHTML_Template($config, 'discojuice:central.tpl.php');
$t->data['metadata'] = $metadata;
$t->data['discojuice.options'] = $djconfig->getValue('discojuice.options');
$t->data['discojuice.options']['discoPath'] = $path;
$t->data['acl'] = $djconfig->getValue('acl');
$t->show();
}
function show()
{
if (isset($_REQUEST['save'])) {
$this->saveChanges();
}
$t = new SimpleSAML_XHTML_Template($this->config, 'foodlecreate.php', 'foodle_foodle');
$t->data['optimize'] = $this->config->getValue('optimize', false);
$t->data['user'] = $this->user;
$t->data['userToken'] = $this->user->getToken();
$t->data['loginurl'] = $this->auth->getLoginURL();
$t->data['logouturl'] = $this->auth->getLogoutURL('/');
$t->data['authenticated'] = $this->auth->isAuth();
$t->data['foodleid'] = $this->foodle->identifier;
$t->data['gmapsAPI'] = $this->config->getValue('gmapsAPI');
$t->data['bread'] = array(array('href' => '/', 'title' => 'bc_frontpage'), array('href' => '/foodle/' . $this->foodle->identifier, 'title' => $this->foodle->name), array('title' => 'bc_edit'));
$t->show();
}
function show()
{
$stats = $this->fdb->getStats();
$t = new SimpleSAML_XHTML_Template($this->config, 'foodlefront.php', 'foodle_foodle');
$t->data['optimize'] = $this->config->getValue('optimize', false);
$t->data['gmapsAPI'] = $this->config->getValue('gmapsAPI');
$t->data['bread'] = array(array('title' => 'bc_frontpage'));
$t->data['user'] = $this->user;
$t->data['authenticated'] = $this->auth->isAuth();
if ($this->auth->isAuth()) {
$t->data['userToken'] = $this->user->getToken();
}
$t->data['loginurl'] = $this->auth->getLoginURL();
$t->data['logouturl'] = $this->auth->getLogoutURL();
$t->data['enableFacebookAuth'] = $this->config->getValue('enableFacebookAuth', TRUE);
$t->data['stats'] = $stats;
$t->show();
}
function show()
{
$t = new SimpleSAML_XHTML_Template($this->config, 'support.php', 'foodle_foodle');
$t->data['bread'] = array(array('href' => '/' . $this->config->getValue('baseurlpath'), 'title' => 'bc_frontpage'), array('title' => 'Support'));
$t->data['gmapsAPI'] = $this->config->getValue('gmapsAPI');
$t->data['optimize'] = $this->config->getValue('optimize', false);
// $t->data['user'] = $this->user;
// $t->data['userid'] = $this->user->userid;
// $t->data['displayname'] = $this->user->username;
$t->data['authenticated'] = $this->auth->isAuth();
// FastPass::$domain = "tjenester.ecampus.no";
// $t->data['getsatisfactionscript'] = FastPass::script(
// $this->config->getValue('getsatisfaction.key'), $this->config->getValue('getsatisfaction.secret'),
// $this->user->email, $this->user->username, $this->user->userid);
// $t->data['loginurl'] = $this->auth->getLoginURL();
// $t->data['url'] = $this->auth->getURL();
$t->data['loginurl'] = $this->auth->getLoginURL();
$t->data['logouturl'] = $this->auth->getLogoutURL();
$t->show();
}
function show()
{
$entries = $this->fdb->getYourEntries($this->user);
$statstotal = $this->fdb->getStatsRealm();
$statsweek = $this->fdb->getStatsRealm(60 * 60 * 24 * 7);
$statsday = $this->fdb->getStatsRealm(60 * 60 * 24);
$totals = array('total' => 0, 'week' => 0, 'day' => 0);
$stats = array();
foreach ($statstotal as $s) {
$stats[$s['realm']] = array('total' => $s);
$totals['total'] += $s['c'];
}
foreach ($statsweek as $s) {
$stats[$s['realm']]['week'] = $s;
$totals['week'] += $s['c'];
}
foreach ($statsday as $s) {
$stats[$s['realm']]['day'] = $s;
$totals['day'] += $s['c'];
}
$realm = NULL;
if (!empty($_REQUEST['realm']) && array_key_exists($_REQUEST['realm'], $stats)) {
$realm = $_REQUEST['realm'];
}
$users = $this->fdb->getRecentUsers($realm);
// ---- o ----- o ---- o ----- o ---- o ----- o
$t = new SimpleSAML_XHTML_Template($this->config, 'stats.php', 'foodle_foodle');
$t->data['optimize'] = $this->config->getValue('optimize', false);
$t->data['showsupport'] = TRUE;
$t->data['gmapsAPI'] = $this->config->getValue('gmapsAPI');
$t->data['loginurl'] = $this->auth->getLoginURL();
$t->data['logouturl'] = $this->auth->getLogoutURL();
$t->data['bread'] = array(array('href' => '/' . $this->config->getValue('baseurlpath'), 'title' => 'bc_frontpage'), array('href' => '/stats', 'title' => 'Statistics'));
$t->data['user'] = $this->user;
$t->data['users'] = $users;
$t->data['statsrealm'] = $stats;
$t->data['totalsrealm'] = $totals;
$t->show();
}
function show()
{
if (isset($_REQUEST['save'])) {
$this->saveChanges();
}
if (isset($_REQUEST['col'])) {
$this->foodle->fixDate($_REQUEST['col']);
}
$t = new SimpleSAML_XHTML_Template($this->config, 'fixdate.php', 'foodle_foodle');
$t->data['authenticated'] = $this->auth->isAuth();
$t->data['user'] = $this->user;
$t->data['timezone'] = $this->timezone;
$t->data['ftimezone'] = $this->foodle->timezone;
$t->data['name'] = $this->foodle->name;
$t->data['identifier'] = $this->foodle->identifier;
$t->data['descr'] = $this->foodle->descr;
$t->data['foodle'] = $this->foodle;
$t->data['today'] = date('Y-m-d');
$t->data['tomorrow'] = date('Y-m-d', time() + 60 * 60 * 24);
$t->data['bread'] = array(array('href' => '/', 'title' => 'bc_frontpage'), array('href' => '/foodle/' . $this->foodle->identifier . '#responses', 'title' => $this->foodle->name), array('title' => 'Fix timeslot'));
$t->show();
}
/**
* Show the error to the user.
*
* This function does not return.
*/
public function show()
{
header('HTTP/1.0 500 Internal Server Error');
$errorData = $this->saveError();
$session = SimpleSAML_Session::getInstance();
$attributes = $session->getAttributes();
if (isset($attributes['mail'][0])) {
$email = $attributes['mail'][0];
} else {
$email = '';
}
$globalConfig = SimpleSAML_Configuration::getInstance();
$t = new SimpleSAML_XHTML_Template($globalConfig, 'core:no_state.tpl.php');
/* Enable error reporting if we have a valid technical contact email. */
if ($globalConfig->getString('technicalcontact_email', '*****@*****.**') !== '*****@*****.**') {
/* Enable error reporting. */
$baseurl = SimpleSAML_Utilities::getBaseURL();
$t->data['errorReportAddress'] = $baseurl . 'errorreport.php';
$t->data['reportId'] = $errorData['reportId'];
$t->data['email'] = $email;
}
$t->show();
exit;
}
/**
* Display this error.
*
* This method displays a standard SimpleSAMLphp error page and exits.
*/
public function show()
{
$this->setHTTPCode();
// log the error message
$this->logError();
$errorData = $this->saveError();
$config = SimpleSAML_Configuration::getInstance();
$data['showerrors'] = $config->getBoolean('showerrors', true);
$data['error'] = $errorData;
$data['errorCode'] = $this->errorCode;
$data['parameters'] = $this->parameters;
$data['module'] = $this->module;
$data['dictTitle'] = $this->dictTitle;
$data['dictDescr'] = $this->dictDescr;
$data['includeTemplate'] = $this->includeTemplate;
$data['clipboard.js'] = true;
// check if there is a valid technical contact email address
if ($config->getBoolean('errorreporting', true) && $config->getString('technicalcontact_email', '*****@*****.**') !== '*****@*****.**') {
// enable error reporting
$baseurl = \SimpleSAML\Utils\HTTP::getBaseURL();
$data['errorReportAddress'] = $baseurl . 'errorreport.php';
}
$data['email'] = '';
$session = SimpleSAML_Session::getSessionFromRequest();
$authorities = $session->getAuthorities();
foreach ($authorities as $authority) {
$attributes = $session->getAuthData($authority, 'Attributes');
if ($attributes !== null && array_key_exists('mail', $attributes) && count($attributes['mail']) > 0) {
$data['email'] = $attributes['mail'][0];
break;
// enough, don't need to get all available mails, if more than one
}
}
$show_function = $config->getArray('errors.show_function', null);
if (isset($show_function)) {
assert('is_callable($show_function)');
call_user_func($show_function, $config, $data);
assert('FALSE');
} else {
$t = new SimpleSAML_XHTML_Template($config, 'error.php', 'errors');
$t->data = array_merge($t->data, $data);
$t->show();
}
exit;
}
/**
* Submit a POST form to a specific destination.
*
* This function never returns.
*
* @param string $destination The destination URL.
* @param array $data An associative array with the data to be posted to $destination.
*
* @throws \InvalidArgumentException If $destination is not a string or $data is not an array.
*
* @author Olav Morken, UNINETT AS <*****@*****.**>
* @author Andjelko Horvat
* @author Jaime Perez, UNINETT AS <*****@*****.**>
*/
public static function submitPOSTData($destination, $data)
{
if (!is_string($destination) || !is_array($data)) {
throw new \InvalidArgumentException('Invalid input parameters.');
}
$config = \SimpleSAML_Configuration::getInstance();
$allowed = $config->getBoolean('enable.http_post', false);
if ($allowed && preg_match("#^http:#", $destination) && self::isHTTPS()) {
// we need to post the data to HTTP
self::redirect(self::getSecurePOSTRedirectURL($destination, $data));
}
$p = new \SimpleSAML_XHTML_Template($config, 'post.php');
$p->data['destination'] = $destination;
$p->data['post'] = $data;
$p->show();
exit(0);
}
/**
* Handles a request to this discovery service.
*
* The IdP disco parameters should be set before calling this function.
*/
public function handleRequest()
{
$this->start();
// no choice made. Show discovery service page
$idpList = $this->getIdPList();
$idpList = $this->idplistStructured($this->filterList($idpList));
$preferredIdP = $this->getRecommendedIdP();
$faventry = NULL;
foreach ($idpList as $tab => $slist) {
if (!empty($preferredIdP) && array_key_exists($preferredIdP, $slist)) {
$faventry = $slist[$preferredIdP];
}
}
$t = new SimpleSAML_XHTML_Template($this->config, 'discopower:disco.tpl.php', 'disco');
$discoPowerTabs = array('denmark' => $t->noop('{discopower:tabs:denmark}'), 'edugain' => $t->noop('{discopower:tabs:edugain}'), 'finland' => $t->noop('{discopower:tabs:finland}'), 'greece' => $t->noop('{discopower:tabs:greece}'), 'iceland' => $t->noop('{discopower:tabs:iceland}'), 'incommon' => $t->noop('{discopower:tabs:incommon}'), 'kalmar' => $t->noop('{discopower:tabs:kalmar}'), 'misc' => $t->noop('{discopower:tabs:misc}'), 'norway' => $t->noop('{discopower:tabs:norway}'), 'sweden' => $t->noop('{discopower:tabs:sweden}'), 'switzerland' => $t->noop('{discopower:tabs:switzerland}'), 'ukacessfederation' => $t->noop('{discopower:tabs:ukacessfederation}'));
$t->data['faventry'] = $faventry;
$t->data['tabNames'] = $discoPowerTabs;
$t->data['idplist'] = $idpList;
$t->data['preferredidp'] = $preferredIdP;
$t->data['return'] = $this->returnURL;
$t->data['returnIDParam'] = $this->returnIdParam;
$t->data['entityID'] = $this->spEntityId;
$t->data['urlpattern'] = htmlspecialchars(\SimpleSAML\Utils\HTTP::getSelfURLNoQuery());
$t->data['rememberenabled'] = $this->config->getBoolean('idpdisco.enableremember', false);
$t->data['rememberchecked'] = $this->config->getBoolean('idpdisco.rememberchecked', false);
$t->data['defaulttab'] = $this->discoconfig->getValue('defaulttab', 0);
$t->data['score'] = $this->discoconfig->getValue('score', 'quicksilver');
$t->show();
}
/**
* Handles a request to this discovery service.
*
* The IdP disco parameters should be set before calling this function.
*/
public function handleRequest()
{
$this->start();
// no choice made. Show discovery service page
$idpList = $this->getIdPList();
$idpList = $this->idplistStructured($this->filterList($idpList));
$preferredIdP = $this->getRecommendedIdP();
$t = new SimpleSAML_XHTML_Template($this->config, 'discopower:disco-tpl.php', 'disco');
$t->data['idplist'] = $idpList;
$t->data['preferredidp'] = $preferredIdP;
$t->data['return'] = $this->returnURL;
$t->data['returnIDParam'] = $this->returnIdParam;
$t->data['entityID'] = $this->spEntityId;
$t->data['urlpattern'] = htmlspecialchars(\SimpleSAML\Utils\HTTP::getSelfURLNoQuery());
$t->data['rememberenabled'] = $this->config->getBoolean('idpdisco.enableremember', false);
$t->data['rememberchecked'] = $this->config->getBoolean('idpdisco.rememberchecked', false);
$t->data['defaulttab'] = $this->discoconfig->getValue('defaulttab', 0);
$t->data['score'] = $this->discoconfig->getValue('score', 'quicksilver');
$t->show();
}
public function sendMessage($request, $localentityid, $remoteentityid, $relayState = null, $endpoint = 'SingleSignOnService', $direction = 'SAMLRequest', $mode = 'SP')
{
SimpleSAML_Utilities::validateXMLDocument($request, 'saml20');
$redirectURL = $this->getRedirectURL($request, $localentityid, $remoteentityid, $relayState, $endpoint, $direction, $mode);
if ($this->configuration->getValue('debug')) {
$p = new SimpleSAML_XHTML_Template($this->configuration, 'httpredirect-debug.php');
$p->data['header'] = 'HTTP-REDIRECT Debug';
$p->data['url'] = $redirectURL;
$p->data['message'] = htmlentities($request);
$p->show();
} else {
SimpleSAML_Utilities::redirect($redirectURL);
}
}
/**
* Do a POST redirect to a page.
*
* This function never returns.
*
* @param string $destination The destination URL.
* @param array $post An array of name-value pairs which will be posted.
*/
public static function postRedirect($destination, $post)
{
assert('is_string($destination)');
assert('is_array($post)');
$config = SimpleSAML_Configuration::getInstance();
$httpRedirect = $config->getBoolean('enable.http_post', FALSE);
if ($httpRedirect && preg_match("#^http:#", $destination) && self::isHTTPS()) {
$url = self::createHttpPostRedirectLink($destination, $post);
self::redirect($url);
assert('FALSE');
}
$p = new SimpleSAML_XHTML_Template($config, 'post.php');
$p->data['destination'] = $destination;
$p->data['post'] = $post;
$p->show();
exit(0);
}
/**
* Do a POST redirect to a page.
*
* This function never returns.
*
* @param string $destination The destination URL.
* @param array $post An array of name-value pairs which will be posted.
*/
public static function postRedirect($destination, $post)
{
assert('is_string($destination)');
assert('is_array($post)');
$config = SimpleSAML_Configuration::getInstance();
$p = new SimpleSAML_XHTML_Template($config, 'post.php');
$p->data['destination'] = $destination;
$p->data['post'] = $post;
$p->show();
exit(0);
}
/**
* Display this error.
*
* This method displays a standard simpleSAMLphp error page and exits.
*/
public function show()
{
$this->setHTTPCode();
/* Log the error message. */
$this->logError();
$errorData = $this->saveError();
$config = SimpleSAML_Configuration::getInstance();
$data['showerrors'] = $config->getBoolean('showerrors', true);
$data['error'] = $errorData;
$data['errorCode'] = $this->errorCode;
$data['parameters'] = $this->parameters;
$data['module'] = $this->module;
$data['dictTitle'] = $this->dictTitle;
$data['dictDescr'] = $this->dictDescr;
$data['includeTemplate'] = $this->includeTemplate;
/* Check if there is a valid technical contact email address. */
if ($config->getString('technicalcontact_email', '*****@*****.**') !== '*****@*****.**') {
/* Enable error reporting. */
$baseurl = SimpleSAML_Utilities::getBaseURL();
$data['errorReportAddress'] = $baseurl . 'errorreport.php';
}
$session = SimpleSAML_Session::getInstance();
$attributes = $session->getAttributes();
if (is_array($attributes) && array_key_exists('mail', $attributes) && count($attributes['mail']) > 0) {
$data['email'] = $attributes['mail'][0];
} else {
$data['email'] = '';
}
$show_function = $config->getArray('errors.show_function', NULL);
if (isset($show_function)) {
assert('is_callable($show_function)');
call_user_func($show_function, $config, $data);
assert('FALSE');
} else {
$t = new SimpleSAML_XHTML_Template($config, 'error.php', 'errors');
$t->data = array_merge($t->data, $data);
$t->show();
}
exit;
}
/**
* Handles a request to this discovery service.
*
* The IdP disco parameters should be set before calling this function.
*/
public function handleRequest()
{
$idp = $this->getTargetIdp();
if ($idp !== NULL) {
$extDiscoveryStorage = $this->config->getString('idpdisco.extDiscoveryStorage', NULL);
if ($extDiscoveryStorage !== NULL) {
$this->log('Choice made [' . $idp . '] (Forwarding to external discovery storage)');
SimpleSAML_Utilities::redirectTrustedURL($extDiscoveryStorage, array('entityID' => $this->spEntityId, 'IdPentityID' => $idp, 'returnIDParam' => $this->returnIdParam, 'isPassive' => 'true', 'return' => $this->returnURL));
} else {
$this->log('Choice made [' . $idp . '] (Redirecting the user back. returnIDParam=' . $this->returnIdParam . ')');
SimpleSAML_Utilities::redirectTrustedURL($this->returnURL, array($this->returnIdParam => $idp));
}
return;
}
if ($this->isPassive) {
$this->log('Choice not made. (Redirecting the user back without answer)');
SimpleSAML_Utilities::redirectTrustedURL($this->returnURL);
return;
}
/* No choice made. Show discovery service page. */
$idpList = $this->getIdPList();
$preferredIdP = $this->getRecommendedIdP();
$idpintersection = array_intersect(array_keys($idpList), $this->getScopedIDPList());
if (sizeof($idpintersection) > 0) {
$idpList = array_intersect_key($idpList, array_fill_keys($idpintersection, NULL));
}
$idpintersection = array_values($idpintersection);
if (sizeof($idpintersection) == 1) {
$this->log('Choice made [' . $idpintersection[0] . '] (Redirecting the user back. returnIDParam=' . $this->returnIdParam . ')');
SimpleSAML_Utilities::redirectTrustedURL($this->returnURL, array($this->returnIdParam => $idpintersection[0]));
}
/*
* Make use of an XHTML template to present the select IdP choice to the user.
* Currently the supported options is either a drop down menu or a list view.
*/
switch ($this->config->getString('idpdisco.layout', 'links')) {
case 'dropdown':
$templateFile = 'selectidp-dropdown.php';
break;
case 'links':
$templateFile = 'selectidp-links.php';
break;
default:
throw new Exception('Invalid value for the \'idpdisco.layout\' option.');
}
$t = new SimpleSAML_XHTML_Template($this->config, $templateFile, 'disco');
$t->data['idplist'] = $idpList;
$t->data['preferredidp'] = $preferredIdP;
$t->data['return'] = $this->returnURL;
$t->data['returnIDParam'] = $this->returnIdParam;
$t->data['entityID'] = $this->spEntityId;
$t->data['urlpattern'] = htmlspecialchars(SimpleSAML_Utilities::selfURLNoQuery());
$t->data['rememberenabled'] = $this->config->getBoolean('idpdisco.enableremember', FALSE);
$t->show();
}
function show()
{
$t = new SimpleSAML_XHTML_Template($this->config, 'disco.php', 'foodle_foodle');
$t->data['optimize'] = $this->config->getValue('optimize', false);
$t->show();
}
} elseif (array_key_exists('RedirInfo', $_REQUEST)) {
$encData = base64_decode($_REQUEST['RedirInfo']);
if (empty($encData)) {
throw new SimpleSAML_Error_BadRequest('Invalid RedirInfo data.');
}
list($sessionId, $postId) = explode(':', SimpleSAML\Utils\Crypto::aesDecrypt($encData));
if (empty($sessionId) || empty($postId)) {
throw new SimpleSAML_Error_BadRequest('Invalid session info data.');
}
$session = SimpleSAML_Session::getSession($sessionId);
} else {
throw new SimpleSAML_Error_BadRequest('Missing redirection info parameter.');
}
if ($session === NULL) {
throw new Exception('Unable to load session.');
}
$postData = $session->getData('core_postdatalink', $postId);
if ($postData === NULL) {
/* The post data is missing, probably because it timed out. */
throw new Exception('The POST data we should restore was lost.');
}
$session->deleteData('core_postdatalink', $postId);
assert('is_array($postData)');
assert('array_key_exists("url", $postData)');
assert('array_key_exists("post", $postData)');
$config = SimpleSAML_Configuration::getInstance();
$p = new SimpleSAML_XHTML_Template($config, 'post.php');
$p->data['destination'] = $postData['url'];
$p->data['post'] = $postData['post'];
$p->show();
exit(0);
// Some user error detected
$formGen = new sspmod_selfregister_XHTML_Form($formFields, 'newUser.php');
$showFields = sspmod_selfregister_Util::genFieldView($viewAttr);
$formGen->fieldsToShow($showFields);
$formGen->setReadOnly('mail');
$values = $validator->getRawInput();
$hidden = array();
$values['mail'] = $hidden['emailconfirmed'] = $_REQUEST['emailconfirmed'];
$hidden['token'] = $_REQUEST['token'];
$formGen->addHiddenData($hidden);
$values['pw1'] = '';
$values['pw2'] = '';
$formGen->setValues($values);
$formGen->setSubmitter('submit_change');
$formHtml = $formGen->genFormHtml();
$html = new SimpleSAML_XHTML_Template($config, 'selfregister:step3_register.tpl.php', 'selfregister:selfregister');
$html->data['formHtml'] = $formHtml;
$error = $html->t($e->getMesgId(), $e->getTrVars());
$html->data['error'] = htmlspecialchars($error);
$html->show();
}
} else {
// Stage 1: New user clean access
$html = new SimpleSAML_XHTML_Template($config, 'selfregister:step1_email.tpl.php', 'selfregister:selfregister');
$html->data['systemName'] = $systemName;
$logged_and_same_auth = sspmod_selfregister_Util::checkLoggedAndSameAuth();
if ($logged_and_same_auth) {
$html->data['logouturl'] = $logged_and_same_auth->getLogoutURL();
}
$html->show();
}
/**
* Handles a request to this discovery service.
*
* The IdP disco parameters should be set before calling this function.
*/
public function handleRequest()
{
$idp = $this->getTargetIdp();
if ($idp !== NULL) {
$extDiscoveryStorage = $this->config->getString('idpdisco.extDiscoveryStorage', NULL);
if ($extDiscoveryStorage !== NULL) {
$this->log('Choice made [' . $idp . '] (Forwarding to external discovery storage)');
SimpleSAML_Utilities::redirectTrustedURL($extDiscoveryStorage, array('entityID' => $this->spEntityId, 'IdPentityID' => $idp, 'returnIDParam' => $this->returnIdParam, 'isPassive' => 'true', 'return' => $this->returnURL));
} else {
$this->log('Choice made [' . $idp . '] (Redirecting the user back. returnIDParam=' . $this->returnIdParam . ')');
SimpleSAML_Utilities::redirectTrustedURL($this->returnURL, array($this->returnIdParam => $idp));
}
return;
}
if ($this->isPassive) {
$this->log('Choice not made. (Redirecting the user back without answer)');
SimpleSAML_Utilities::redirectTrustedURL($this->returnURL);
return;
}
/* No choice made. Show discovery service page. */
$idpList = $this->getIdPList();
$idpList = $this->idplistStructured($this->filterList($idpList));
$preferredIdP = $this->getRecommendedIdP();
$t = new SimpleSAML_XHTML_Template($this->config, 'discopower:disco-tpl.php', 'disco');
$t->data['idplist'] = $idpList;
$t->data['preferredidp'] = $preferredIdP;
$t->data['return'] = $this->returnURL;
$t->data['returnIDParam'] = $this->returnIdParam;
$t->data['entityID'] = $this->spEntityId;
$t->data['urlpattern'] = htmlspecialchars(SimpleSAML_Utilities::selfURLNoQuery());
$t->data['rememberenabled'] = $this->config->getBoolean('idpdisco.enableremember', FALSE);
$t->data['rememberchecked'] = $this->config->getBoolean('idpdisco.rememberchecked', FALSE);
$t->data['defaulttab'] = $this->discoconfig->getValue('defaulttab', 0);
$t->data['score'] = $this->discoconfig->getValue('score', 'quicksilver');
$t->show();
}
SimpleSAML_Logger::info('consentAdmin: none');
$sp_status = "none";
}
// Set name of SP
if (isset($sp_values['name']) && is_array($sp_values['name'])) {
$sp_name = $sp_metadata['name'];
} else {
if (isset($sp_values['name']) && is_string($sp_values['name'])) {
$sp_name = $sp_metadata['name'];
} elseif (isset($sp_values['OrganizationDisplayName']) && is_array($sp_values['OrganizationDisplayName'])) {
$sp_name = $sp_metadata['OrganizationDisplayName'];
} else {
$sp_name = $sp_empty_name;
}
}
// Set description of SP
if (empty($sp_metadata['description']) || !is_array($sp_metadata['description'])) {
$sp_description = $sp_empty_description;
} else {
$sp_description = $sp_metadata['description'];
}
// Add an URL to the service if present in metadata
$sp_service_url = isset($sp_metadata['ServiceURL']) ? $sp_metadata['ServiceURL'] : null;
// Fill out array for the template
$sp_list[$sp_entityid] = array('spentityid' => $sp_entityid, 'name' => $sp_name, 'description' => $sp_description, 'consentStatus' => $sp_status, 'consentValue' => $sp_entityid, 'attributes_by_sp' => $attributes_new, 'serviceurl' => $sp_service_url);
}
$et->data['header'] = 'Consent Administration';
$et->data['spList'] = $sp_list;
$et->data['showDescription'] = $cA_config->getValue('showDescription');
$et->show();
foreach ($entities as &$entity) {
$entity = array('shib13-sp-remote' => $entity->getMetadata1xSP(), 'shib13-idp-remote' => $entity->getMetadata1xIdP(), 'saml20-sp-remote' => $entity->getMetadata20SP(), 'saml20-idp-remote' => $entity->getMetadata20IdP());
}
/* Transpose from $entities[entityid][type] to $output[type][entityid]. */
$output = SimpleSAML\Utils\Arrays::transpose($entities);
/* Merge all metadata of each type to a single string which should be
* added to the corresponding file.
*/
foreach ($output as $type => &$entities) {
$text = '';
foreach ($entities as $entityId => $entityMetadata) {
if ($entityMetadata === NULL) {
continue;
}
/* Remove the entityDescriptor element because it is unused, and only
* makes the output harder to read.
*/
unset($entityMetadata['entityDescriptor']);
$text .= '$metadata[' . var_export($entityId, TRUE) . '] = ' . var_export($entityMetadata, TRUE) . ";\n";
}
$entities = $text;
}
} else {
$xmldata = '';
$output = array();
}
$template = new SimpleSAML_XHTML_Template($config, 'metadata-converter.php', 'admin');
$template->data['xmldata'] = $xmldata;
$template->data['output'] = $output;
$template->show();
/**
* Handles a request to this discovery service.
*
* The IdP disco parameters should be set before calling this function.
*/
public function handleRequest()
{
$this->start();
// no choice made. Show discovery service page
$idpList = $this->getIdPList();
$idpList = $this->filterList($idpList);
$preferredIdP = $this->getRecommendedIdP();
$idpintersection = array_intersect(array_keys($idpList), $this->getScopedIDPList());
if (sizeof($idpintersection) > 0) {
$idpList = array_intersect_key($idpList, array_fill_keys($idpintersection, null));
}
$idpintersection = array_values($idpintersection);
if (sizeof($idpintersection) == 1) {
$this->log('Choice made [' . $idpintersection[0] . '] (Redirecting the user back. returnIDParam=' . $this->returnIdParam . ')');
\SimpleSAML\Utils\HTTP::redirectTrustedURL($this->returnURL, array($this->returnIdParam => $idpintersection[0]));
}
/*
* Make use of an XHTML template to present the select IdP choice to the user. Currently the supported options
* is either a drop down menu or a list view.
*/
switch ($this->config->getString('idpdisco.layout', 'links')) {
case 'dropdown':
$templateFile = 'selectidp-dropdown.php';
break;
case 'links':
$templateFile = 'selectidp-links.php';
break;
default:
throw new Exception('Invalid value for the \'idpdisco.layout\' option.');
}
$t = new SimpleSAML_XHTML_Template($this->config, $templateFile, 'disco');
$t->data['idplist'] = $idpList;
$t->data['preferredidp'] = $preferredIdP;
$t->data['return'] = $this->returnURL;
$t->data['returnIDParam'] = $this->returnIdParam;
$t->data['entityID'] = $this->spEntityId;
$t->data['urlpattern'] = htmlspecialchars(\SimpleSAML\Utils\HTTP::getSelfURLNoQuery());
$t->data['rememberenabled'] = $this->config->getBoolean('idpdisco.enableremember', false);
$t->show();
}
foreach ($state['core:Logout-IFrame:Associations'] as $assocId => &$sp) {
if ($sp['core:Logout-IFrame:State'] !== 'inprogress') {
/* This SP isn't logging out. */
continue;
}
try {
$assocIdP = SimpleSAML_IdP::getByState($sp);
$url = call_user_func(array($sp['Handler'], 'getLogoutURL'), $assocIdP, $sp, NULL);
$sp['core:Logout-IFrame:URL'] = $url;
} catch (Exception $e) {
$sp['core:Logout-IFrame:State'] = 'failed';
}
}
}
$id = SimpleSAML_Auth_State::saveState($state, 'core:Logout-IFrame');
$globalConfig = SimpleSAML_Configuration::getInstance();
if ($type === 'nojs') {
$t = new SimpleSAML_XHTML_Template($globalConfig, 'core:logout-iframe-wrapper.php');
$t->data['id'] = $id;
$t->data['SPs'] = $state['core:Logout-IFrame:Associations'];
$t->show();
exit(0);
}
$t = new SimpleSAML_XHTML_Template($globalConfig, 'core:logout-iframe.php');
$t->data['id'] = $id;
$t->data['type'] = $type;
$t->data['from'] = $state['core:Logout-IFrame:From'];
$t->data['SPs'] = $state['core:Logout-IFrame:Associations'];
$t->data['jquery'] = array('version' => '1.6', 'core' => TRUE, 'ui' => FALSE, 'css' => FALSE);
$t->show();
exit(0);
/**
* This function logs a error message to the error log and shows the
* message to the user. Script execution terminates afterwards.
*
* @param $title Short title for the error message.
* @param $message The error message.
*/
public static function fatalError($trackid = 'na', $errorcode = null, Exception $e = null, $level = LOG_ERR)
{
$config = SimpleSAML_Configuration::getInstance();
// Get the exception message if there is any exception provided.
$emsg = empty($e) ? 'No exception available' : $e->getMessage();
$etrace = empty($e) ? 'No exception available' : $e->getTraceAsString();
// Log a error message
SimpleSAML_Logger::error($_SERVER['PHP_SELF'] . ' - UserError: ErrCode:' . (!empty($errorcode) ? $errorcode : 'na') . ': ' . urlencode($emsg));
$languagefile = null;
if (isset($errorcode)) {
$languagefile = 'errors.php';
}
// Initialize a template
$t = new SimpleSAML_XHTML_Template($config, 'error.php', $languagefile);
$t->data['errorcode'] = $errorcode;
$t->data['showerrors'] = $config->getValue('showerrors', true);
/* Check if there is a valid technical contact email address. */
if ($config->getValue('technicalcontact_email', '*****@*****.**') !== '*****@*****.**') {
/* Enable error reporting. */
$baseurl = SimpleSAML_Utilities::selfURLhost() . '/' . $config->getBaseURL();
$t->data['errorreportaddress'] = $baseurl . 'errorreport.php';
} else {
/* Disable error reporting. */
$t->data['errorreportaddress'] = NULL;
}
$t->data['exceptionmsg'] = $emsg;
$t->data['exceptiontrace'] = $etrace;
$t->data['trackid'] = $trackid;
$t->data['version'] = $config->getValue('version', 'na');
$t->data['url'] = self::selfURLNoQuery();
$t->show();
exit;
}
