public static function isSignatureValid(sspmod_janus_REST_Request $request)
{
if (is_null($request->getKey())) {
return false;
}
$config = sspmod_janus_DiContainer::getInstance()->getConfig();
$user = new sspmod_janus_User();
$user->setUserid($request->getKey());
if (!$user->load(sspmod_janus_User::USERID_LOAD)) {
return false;
}
sspmod_janus_DiContainer::preAuthenticate($user->getUserid(), 'RESTv1');
$shared_secret = $user->getSecret();
$data = $request->getRequestVars();
// Sort params
ksort($data);
$concat_string = '';
// Concat all params with values
foreach ($data as $key => $value) {
$concat_string .= $key . $value;
}
// Prepend shared secret
$prepend_secret = $shared_secret . $concat_string;
// Hash the string to the signature
$calculated_signature = hash('sha512', $prepend_secret);
return $request->getSignature() == $calculated_signature;
}
/**
* Set the user for the user to be handled
*
* @param string|sspmod_janus_User $user The user email or a user object
*
* @return sspmod_janus_User|bool Return the user or false if the user can
* not be loaded
* @throws InvalidArgumentException If parsed argument is neither a valid
* email address og a user object
* @since Method available since Release 1.0.0
*/
public function setUser($user)
{
// If $user is an email address
if (is_string($user)) {
$this->_user = new sspmod_janus_User($this->_config->getValue('store'));
$this->_user->setUserid($user);
if (!$this->_user->load(sspmod_janus_User::USERID_LOAD)) {
return false;
}
// If $user is a sspmod_janus_User object
} else {
if (is_a($user, 'sspmod_janus_User')) {
$this->_user = $user;
} else {
throw new InvalidArgumentException('Argument must be an email address or instance of sspmod_janus_User.');
}
}
return $this->_user;
}
public static function method_getUser($data, &$status)
{
if (!isset($data["userid"])) {
$status = 400;
return '';
}
$config = SimpleSAML_Configuration::getConfig('module_janus.php');
$user = new sspmod_janus_User($config->getValue('store'));
$user->setUserid($data['userid']);
$user->load(sspmod_janus_User::USERID_LOAD);
$result = array();
$result['uid'] = $user->getUid();
$result['userid'] = $user->getUserid();
$result['active'] = $user->getActive();
$result['type'] = $user->getType();
$result['data'] = $user->getdata();
return $result;
}
/**
* Get User information
*
* @access protected (see isProtected)
* @static
* @param array $data Request parameters for getUser method, supports:
* - string $data['userid']: UserID (login name) to get data for
* @param int $statusCode HTTP Status code to use in response
* @return array|string User information
*/
public static function method_getUser($data, &$statusCode)
{
if (!isset($data["userid"])) {
$statusCode = 400;
return '';
}
$config = sspmod_janus_DiContainer::getInstance()->getConfig();
$user = new sspmod_janus_User();
$user->setUserid($data['userid']);
$user->load(sspmod_janus_User::USERID_LOAD);
$result = array();
$result['uid'] = $user->getUid();
$result['userid'] = $user->getUserid();
$result['active'] = $user->getActive();
$result['type'] = $user->getType();
$result['data'] = $user->getdata();
return $result;
}
public static function isSignatureValid(sspmod_janus_REST_Request $request)
{
if (is_null($request->getKey())) {
return false;
}
$config = SimpleSAML_Configuration::getConfig('module_janus.php');
$user = new sspmod_janus_User($config->getValue('store'));
$user->setUserid($request->getKey());
$user->load(sspmod_janus_User::USERID_LOAD);
$shared_secret = $user->getSecret();
$data = $request->getRequestVars();
// Sort params
ksort($data);
$concat_string = '';
// Concat all params with values
foreach ($data as $key => $value) {
$concat_string .= $key . $value;
}
// Prepend shared secret
$prepend_secret = $shared_secret . $concat_string;
// Hash the string to the signature
$calculated_signature = hash('sha512', $prepend_secret);
return $request->getSignature() == $calculated_signature;
}
if ($as->isAuthenticated()) {
$attributes = $as->getAttributes();
// Check if userid exists
if (!isset($attributes[$useridattr])) {
throw new Exception('User ID is missing');
}
$userid = $attributes[$useridattr][0];
} else {
echo $et->t('error_no_access');
exit;
}
// Get Entity controller
$mcontroller = sspmod_janus_DiContainer::getInstance()->getEntityController();
// Get the user
$user = new sspmod_janus_User();
$user->setUserid($userid);
$user->load(sspmod_janus_User::USERID_LOAD);
$eid = $_GET['eid'];
$currentRevisionId = $_GET['currentRevisionId'];
$historyTab = $_GET['historyTab'];
if (!($entity = $mcontroller->setEntity($eid))) {
throw new SimpleSAML_Error_Exception('Error in setEntity');
}
$workflowstates = $janus_config->getValue('workflowstates');
// load entity
$mcontroller->loadEntity();
// Check if user is allowed to se entity
$allowedUsers = $mcontroller->getUsers();
$output = '';
$securityContext = sspmod_janus_DiContainer::getInstance()->getSecurityContext();
if ((array_key_exists($userid, $allowedUsers) || $securityContext->isGranted('allentities')) && $securityContext->isGranted('entityhistory', $entity)) {
function addUserToEntity($params)
{
if (!isset($params['eid']) || !isset($params['uid'])) {
return FALSE;
}
$eid = $params['eid'];
$uid = $params['uid'];
# security hack - uid is actually userid ie. user@example.com - convert it to a janus uid as expected for further processing
$janus_config = sspmod_janus_DiContainer::getInstance()->getConfig();
$user = new sspmod_janus_User();
$user->setUserid($uid);
if ($user->load(sspmod_janus_User::USERID_LOAD) === false) {
echo json_encode(array('status' => 'Unknown user'));
exit;
}
$actual_uid = $user->getUid();
$util = new sspmod_janus_AdminUtil();
try {
if (!($userid = $util->addUserToEntity($eid, $actual_uid))) {
return FALSE;
}
} catch (Exception $e) {
echo json_encode(array('status' => 'An unspecified error occurred'));
exit;
}
return array('eid' => $eid, 'uid' => $actual_uid, 'userid' => $userid);
}
$pm = new sspmod_janus_Postman();
if (!($user = $mcontrol->setUser($userid))) {
throw new SimpleSAML_Error_Exception('Error in setUser');
}
$selectedtab = isset($_REQUEST['selectedtab']) ? $_REQUEST['selectedtab'] : 1;
if (isset($_POST['add_usersubmit'])) {
if (empty($_POST['userid']) || empty($_POST['type'])) {
$msg = 'error_user_not_created_due_params';
} else {
$check_user = new sspmod_janus_User($janus_config->getValue('store'));
$check_user->setUserid($_POST['userid']);
if ($check_user->load(sspmod_janus_User::USERID_LOAD) != FALSE) {
$msg = 'error_user_already_exists';
} else {
$new_user = new sspmod_janus_User($janus_config->getValue('store'));
$new_user->setUserid($_POST['userid']);
$new_user->setType($_POST['type']);
if (isset($_POST['active']) && $_POST['active'] == 'on') {
$active = 'yes';
} else {
$active = 'no';
}
$new_user->setActive($active);
$new_user->setData($_POST['userdata']);
if (!$new_user->save()) {
$msg = 'error_user_not_created';
} else {
SimpleSAML_Utilities::redirect(SimpleSAML_Utilities::selfURLNoQuery(), array('selectedtab' => $selectedtab));
}
}
}
} catch (Exception $ex) {
SimpleSAML_Utilities::redirectTrustedUrl(SimpleSAML_Module::getModuleURL('janus/index.php'), $_GET);
exit;
}
function check_uri($uri)
{
if (preg_match('/^[a-z][a-z0-9+-\\.]*:.+$/i', $uri) == 1) {
return TRUE;
}
return FALSE;
}
// Get Entity controller
$entityController = sspmod_janus_DiContainer::getInstance()->getEntityController();
// Get the user
$user = new sspmod_janus_User();
$user->setUserid($loggedInUsername);
$user->load(sspmod_janus_User::USERID_LOAD);
// Get Admin util which we use to retrieve entities
$adminUtil = new sspmod_janus_AdminUtil();
// @todo move to separate class
// Function to fix up PHP's messing up POST input containing dots, etc.
function getRealPOST()
{
$vars = array();
$input = file_get_contents("php://input");
if (!empty($input)) {
$pairs = explode("&", $input);
foreach ($pairs as $pair) {
$nv = explode("=", $pair);
$name = urldecode($nv[0]);
$value = urldecode($nv[1]);
function editUser($params)
{
if (empty($params['uid']) || empty($params['userid']) || !isset($params['active']) || empty($params['type'])) {
return array('status' => 'missing_param');
}
$janus_config = SimpleSAML_Configuration::getConfig('module_janus.php');
$uid = $params['uid'];
$user = new sspmod_janus_User($janus_config->getValue('store'));
$user->setUid($uid);
$user->load(sspmod_janus_User::UID_LOAD);
$user->setActive($params['active']);
$user->setUserid($params['userid']);
$user->setType($params['type']);
$user->save();
return array('uid' => $uid);
}
