예제 #1
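 /**
  * Check the signature on a REST request against the requesting user's shared secret.
  *
  * The expected value is the hex SHA-512 of the secret followed by every request
  * variable (key then value), with the variables sorted by key.
  *
  * NOTE(review): a secret-prefix hash over SHA-512 is subject to length extension,
  * and joining keys and values without separators lets different parameter sets
  * produce the same signed string. hash_hmac() over a delimited encoding would close
  * both, but it changes the wire format and has to be rolled out together with the
  * API clients, so it is not done here.
  *
  * @param sspmod_janus_REST_Request $request Request carrying key, signature and variables
  *
  * @return bool True only when the user loads, has a non-empty secret and the
  *              supplied signature equals the calculated one
  */
 public static function isSignatureValid(sspmod_janus_REST_Request $request)
 {
     $key = $request->getKey();
     if (is_null($key)) {
         return false;
     }
     // The returned config is not used in this method; the call is kept in case
     // container initialisation is relied upon.
     sspmod_janus_DiContainer::getInstance()->getConfig();
     $user = new sspmod_janus_User();
     $user->setUserid($key);
     if (!$user->load(sspmod_janus_User::USERID_LOAD)) {
         return false;
     }
     // NOTE(review): this runs before the signature has been verified - confirm that
     // nothing treats preAuthenticate() as proof of authentication.
     sspmod_janus_DiContainer::preAuthenticate($user->getUserid(), 'RESTv1');
     $shared_secret = $user->getSecret();
     // With an empty secret the signature would be an unkeyed hash of the request,
     // which any caller can compute, so such accounts are rejected.
     if ((string) $shared_secret === '') {
         return false;
     }
     $data = $request->getRequestVars();
     // Sort params
     ksort($data);
     $concat_string = '';
     // Concat all params with values
     // NOTE(review): values are assumed to be scalars; an array value would be
     // stringified as "Array" - confirm against the request parser.
     foreach ($data as $name => $value) {
         $concat_string .= $name . $value;
     }
     // Hash secret + params to the expected signature
     $calculated_signature = hash('sha512', $shared_secret . $concat_string);

     $provided = $request->getSignature();
     if (!is_string($provided)) {
         return false;
     }
     // Loose == compares numeric-looking strings ("0e..." hex digests) as numbers and
     // stops at the first differing byte; compare as strings in constant time instead.
     if (function_exists('hash_equals')) {
         return hash_equals($calculated_signature, $provided);
     }
     // Fallback for PHP versions without hash_equals() (before 5.6).
     $length = strlen($calculated_signature);
     if (strlen($provided) !== $length) {
         return false;
     }
     $diff = 0;
     for ($i = 0; $i < $length; $i++) {
         $diff |= ord($calculated_signature[$i]) ^ ord($provided[$i]);
     }
     return $diff === 0;
 }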
 /**
  * Select the user this controller operates on.
  *
  * @param string|sspmod_janus_User $user A userid (e-mail address) to load, or an
  *                                       already constructed user object
  *
  * @return sspmod_janus_User|bool The selected user, or false when the userid
  *                                cannot be loaded
  * @throws InvalidArgumentException If the argument is neither a string nor a
  *                                  sspmod_janus_User instance
  * @since Method available since Release 1.0.0
  */
 public function setUser($user)
 {
     // A ready-made user object is adopted as-is.
     if ($user instanceof sspmod_janus_User) {
         $this->_user = $user;
         return $this->_user;
     }
     if (!is_string($user)) {
         throw new InvalidArgumentException('Argument must be an email address or instance of sspmod_janus_User.');
     }
     // A string is treated as a userid and looked up in the configured store.
     $this->_user = new sspmod_janus_User($this->_config->getValue('store'));
     $this->_user->setUserid($user);
     $loaded = $this->_user->load(sspmod_janus_User::USERID_LOAD);
     if (!$loaded) {
         // Note: $this->_user still holds the unloaded object at this point.
         return false;
     }
     return $this->_user;
 }
 /**
  * Return the stored fields of the user identified by $data['userid'].
  *
  * @param array $data   Request parameters; 'userid' is required
  * @param int   $status Set to 400 when 'userid' is missing, otherwise left untouched
  *
  * @return array|string Array with uid, userid, active, type and data, or '' when
  *                      'userid' is missing
  */
 public static function method_getUser($data, &$status)
 {
     if (!isset($data["userid"])) {
         $status = 400;
         return '';
     }
     $janusConfig = SimpleSAML_Configuration::getConfig('module_janus.php');
     $account = new sspmod_janus_User($janusConfig->getValue('store'));
     $account->setUserid($data['userid']);
     // NOTE(review): the result of load() is not checked, so an unknown userid still
     // produces a response built from the unloaded object - confirm this is intended.
     $account->load(sspmod_janus_User::USERID_LOAD);
     return array(
         'uid' => $account->getUid(),
         'userid' => $account->getUserid(),
         'active' => $account->getActive(),
         'type' => $account->getType(),
         'data' => $account->getdata(),
     );
 }
예제 #4
 /**
  * Return the stored fields of a single user.
  *
  * @access protected (see isProtected)
  * @static
  * @param array $data Request parameters for getUser method, supports:
  *                      - string $data['userid']: UserID (login name) to get data for
  * @param int $statusCode HTTP status code for the response; set to 400 when
  *                        'userid' is missing, otherwise left untouched
  * @return array|string Array with uid, userid, active, type and data, or '' when
  *                      'userid' is missing
  */
 public static function method_getUser($data, &$statusCode)
 {
     if (!isset($data["userid"])) {
         $statusCode = 400;
         return '';
     }
     // The returned config is not used below; the call itself is kept unchanged.
     sspmod_janus_DiContainer::getInstance()->getConfig();
     $account = new sspmod_janus_User();
     $account->setUserid($data['userid']);
     // NOTE(review): the result of load() is not checked, so an unknown userid still
     // produces a response built from the unloaded object - confirm this is intended.
     $account->load(sspmod_janus_User::USERID_LOAD);
     return array(
         'uid' => $account->getUid(),
         'userid' => $account->getUserid(),
         'active' => $account->getActive(),
         'type' => $account->getType(),
         'data' => $account->getdata(),
     );
 }
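 /**
  * Check the signature on a REST request against the requesting user's shared secret.
  *
  * The expected value is the hex SHA-512 of the secret followed by every request
  * variable (key then value), with the variables sorted by key.
  *
  * NOTE(review): a secret-prefix hash over SHA-512 is subject to length extension,
  * and joining keys and values without separators lets different parameter sets
  * produce the same signed string. hash_hmac() over a delimited encoding would close
  * both, but it changes the wire format and has to be rolled out together with the
  * API clients, so it is not done here.
  *
  * @param sspmod_janus_REST_Request $request Request carrying key, signature and variables
  *
  * @return bool True only when the user loads, has a non-empty secret and the
  *              supplied signature equals the calculated one
  */
 public static function isSignatureValid(sspmod_janus_REST_Request $request)
 {
     $key = $request->getKey();
     if (is_null($key)) {
         return false;
     }
     $config = SimpleSAML_Configuration::getConfig('module_janus.php');
     $user = new sspmod_janus_User($config->getValue('store'));
     $user->setUserid($key);
     // A key that matches no user must fail here; otherwise the check below would run
     // with whatever secret an unloaded user object reports.
     if (!$user->load(sspmod_janus_User::USERID_LOAD)) {
         return false;
     }
     $shared_secret = $user->getSecret();
     // With an empty secret the signature would be an unkeyed hash of the request,
     // which any caller can compute, so such accounts are rejected.
     if ((string) $shared_secret === '') {
         return false;
     }
     $data = $request->getRequestVars();
     // Sort params
     ksort($data);
     $concat_string = '';
     // Concat all params with values
     // NOTE(review): values are assumed to be scalars; an array value would be
     // stringified as "Array" - confirm against the request parser.
     foreach ($data as $name => $value) {
         $concat_string .= $name . $value;
     }
     // Hash secret + params to the expected signature
     $calculated_signature = hash('sha512', $shared_secret . $concat_string);

     $provided = $request->getSignature();
     if (!is_string($provided)) {
         return false;
     }
     // Loose == compares numeric-looking strings ("0e..." hex digests) as numbers and
     // stops at the first differing byte; compare as strings in constant time instead.
     if (function_exists('hash_equals')) {
         return hash_equals($calculated_signature, $provided);
     }
     // Fallback for PHP versions without hash_equals() (before 5.6).
     $length = strlen($calculated_signature);
     if (strlen($provided) !== $length) {
         return false;
     }
     $diff = 0;
     for ($i = 0; $i < $length; $i++) {
         $diff |= ord($calculated_signature[$i]) ^ ord($provided[$i]);
     }
     return $diff === 0;
 }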
예제 #6
파일: history.php 프로젝트: janus-ssp/janus
// Unauthenticated sessions get the no-access message and stop here.
if (!$as->isAuthenticated()) {
    echo $et->t('error_no_access');
    exit;
}
$attributes = $as->getAttributes();
// The configured userid attribute must be present in the session attributes.
if (!isset($attributes[$useridattr])) {
    throw new Exception('User ID is missing');
}
$userid = $attributes[$useridattr][0];

// Entity controller from the DI container
$mcontroller = sspmod_janus_DiContainer::getInstance()->getEntityController();

// User record for the authenticated userid
// NOTE(review): the result of load() is not checked here - confirm a failed lookup
// is handled further down.
$user = new sspmod_janus_User();
$user->setUserid($userid);
$user->load(sspmod_janus_User::USERID_LOAD);

// Query-string parameters are taken as-is.
// NOTE(review): none of the three is validated in the lines shown; confirm they are
// validated or escaped before being used in queries or output.
$eid = $_GET['eid'];
$currentRevisionId = $_GET['currentRevisionId'];
$historyTab = $_GET['historyTab'];

$entity = $mcontroller->setEntity($eid);
if (!$entity) {
    throw new SimpleSAML_Error_Exception('Error in setEntity');
}
$workflowstates = $janus_config->getValue('workflowstates');

// Load the entity
$mcontroller->loadEntity();

// Users attached to the entity; the access decision on the following line uses this list
$allowedUsers = $mcontroller->getUsers();
$output = '';
$securityContext = sspmod_janus_DiContainer::getInstance()->getSecurityContext();
if ((array_key_exists($userid, $allowedUsers) || $securityContext->isGranted('allentities')) && $securityContext->isGranted('entityhistory', $entity)) {
예제 #7
/**
 * Attach a user, identified by userid, to an entity.
 *
 * Unknown users and exceptions from the admin utility end the request: a JSON
 * status object is echoed and the script exits.
 *
 * NOTE(review): no authorisation check is visible inside this function; presumably
 * the caller enforces it - confirm. The distinct 'Unknown user' reply also tells the
 * caller whether a userid exists.
 *
 * @param array $params Expects 'eid' and 'uid'; 'uid' actually carries the userid
 *                      (e.g. user@example.com), not the numeric janus uid
 *
 * @return array|bool Array with eid, uid and userid on success; FALSE when a
 *                    parameter is missing or the admin utility returns a falsy value
 */
function addUserToEntity($params)
{
    if (!isset($params['eid'], $params['uid'])) {
        return FALSE;
    }
    $eid = $params['eid'];
    // The returned config is not used below; the call itself is kept unchanged.
    sspmod_janus_DiContainer::getInstance()->getConfig();

    // Translate the supplied userid into the janus uid the admin utility expects.
    $account = new sspmod_janus_User();
    $account->setUserid($params['uid']);
    if ($account->load(sspmod_janus_User::USERID_LOAD) === false) {
        echo json_encode(array('status' => 'Unknown user'));
        exit;
    }
    $actual_uid = $account->getUid();

    $adminUtil = new sspmod_janus_AdminUtil();
    try {
        $userid = $adminUtil->addUserToEntity($eid, $actual_uid);
    } catch (Exception $e) {
        // Details of the failure are deliberately not sent to the client.
        echo json_encode(array('status' => 'An unspecified error occurred'));
        exit;
    }
    if (!$userid) {
        return FALSE;
    }
    return array('eid' => $eid, 'uid' => $actual_uid, 'userid' => $userid);
}
$pm = new sspmod_janus_Postman();
// Abort when setUser() returns a falsy value.
$user = $mcontrol->setUser($userid);
if (!$user) {
    throw new SimpleSAML_Error_Exception('Error in setUser');
}
// Tab to show: taken from the request as-is, defaulting to 1.
if (isset($_REQUEST['selectedtab'])) {
    $selectedtab = $_REQUEST['selectedtab'];
} else {
    $selectedtab = 1;
}
if (isset($_POST['add_usersubmit'])) {
    if (empty($_POST['userid']) || empty($_POST['type'])) {
        $msg = 'error_user_not_created_due_params';
    } else {
        $check_user = new sspmod_janus_User($janus_config->getValue('store'));
        $check_user->setUserid($_POST['userid']);
        if ($check_user->load(sspmod_janus_User::USERID_LOAD) != FALSE) {
            $msg = 'error_user_already_exists';
        } else {
            $new_user = new sspmod_janus_User($janus_config->getValue('store'));
            $new_user->setUserid($_POST['userid']);
            $new_user->setType($_POST['type']);
            if (isset($_POST['active']) && $_POST['active'] == 'on') {
                $active = 'yes';
            } else {
                $active = 'no';
            }
            $new_user->setActive($active);
            $new_user->setData($_POST['userdata']);
            if (!$new_user->save()) {
                $msg = 'error_user_not_created';
            } else {
                SimpleSAML_Utilities::redirect(SimpleSAML_Utilities::selfURLNoQuery(), array('selectedtab' => $selectedtab));
            }
        }
    }
예제 #9
} catch (Exception $ex) {
    SimpleSAML_Utilities::redirectTrustedUrl(SimpleSAML_Module::getModuleURL('janus/index.php'), $_GET);
    exit;
}
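/**
 * Check that a string has the shape "scheme:rest".
 *
 * The scheme must start with a letter and may continue with letters, digits,
 * "+", "-" and ".". This is a syntax check only: every scheme is accepted, so a
 * caller that renders or redirects to the value still needs its own allow-list
 * of schemes.
 *
 * @param mixed $uri Value to check
 *
 * @return bool TRUE when $uri is a string of that shape, FALSE otherwise
 */
function check_uri($uri)
{
    if (!is_string($uri)) {
        return FALSE;
    }
    // "-" is placed last in the class so it is a literal; written as "+-\." it formed
    // a range that also admitted ",". The D modifier stops "$" from matching before a
    // trailing newline.
    return preg_match('/^[a-z][a-z0-9+.-]*:.+$/iD', $uri) === 1;
}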
// Get the entity controller from the DI container
$entityController = sspmod_janus_DiContainer::getInstance()->getEntityController();
// Load the user record for the logged-in username.
// NOTE(review): the result of load() is not checked here - confirm a failed lookup
// is handled further down.
$user = new sspmod_janus_User();
$user->setUserid($loggedInUsername);
$user->load(sspmod_janus_User::USERID_LOAD);
// Get Admin util which we use to retrieve entities
$adminUtil = new sspmod_janus_AdminUtil();
// @todo move to separate class
// Function to fix up PHP's messing up POST input containing dots, etc.
function getRealPOST()
{
    $vars = array();
    $input = file_get_contents("php://input");
    if (!empty($input)) {
        $pairs = explode("&", $input);
        foreach ($pairs as $pair) {
            $nv = explode("=", $pair);
            $name = urldecode($nv[0]);
            $value = urldecode($nv[1]);
/**
 * Overwrite the active flag, userid and type of an existing user.
 *
 * NOTE(review): the results of load() and save() are not checked, so the uid is
 * returned even if either call fails. No authorisation check is visible inside this
 * function although it writes 'type' and 'active' straight from $params; presumably
 * the caller enforces it - confirm.
 *
 * @param array $params Expects 'uid', 'userid' and 'type' (non-empty) and 'active' (set)
 *
 * @return array array('status' => 'missing_param') when a parameter is missing,
 *               otherwise array('uid' => <uid>)
 */
function editUser($params)
{
    $incomplete = empty($params['uid'])
        || empty($params['userid'])
        || empty($params['type'])
        || !isset($params['active']);
    if ($incomplete) {
        return array('status' => 'missing_param');
    }
    $store = SimpleSAML_Configuration::getConfig('module_janus.php')->getValue('store');
    $targetUid = $params['uid'];

    // Load the record by uid, then overwrite the editable fields.
    $account = new sspmod_janus_User($store);
    $account->setUid($targetUid);
    $account->load(sspmod_janus_User::UID_LOAD);
    $account->setActive($params['active']);
    $account->setUserid($params['userid']);
    $account->setType($params['type']);
    $account->save();

    return array('uid' => $targetUid);
}