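/**
 * Rewrites the SAML assertion in a Corto response for the Live@edu service provider.
 *
 * The subject NameID is set to the local part of eduPersonPrincipalName, and the
 * attribute statement is replaced by a single attribute carrying the Windows Live ID
 * taken from the first eduPersonEntitlement of the form http://wayf.dk/live@edu/<wlid>.
 *
 * The filter fails closed. Previously a missing or malformed eduPersonPrincipalName, or
 * the absence of a matching entitlement, left $fid / $wlid undefined and the assertion
 * was still returned with an empty subject or attribute value.
 *
 * @param array $params Filter input; only $params['cortodata'] is read.
 * @return array The modified $params['cortodata'].
 * @throws \RuntimeException When the identity attributes needed to build the assertion
 *                           are missing or malformed.
 */
static function liveatedu($params)
{
    $acs = $params['cortodata']['response']['_Destination'];
    $assertion =& $params['cortodata']['response']['saml:Assertion'];
    $samlattribute = $assertion['saml:AttributeStatement'][0]['saml:Attribute'];
    $attributes = attributes2array($samlattribute);

    // Federated id: local part of the ePPN. Exactly one '@' is required, so a malformed
    // value cannot produce a local part that itself looks like a scoped identifier.
    $eppn = isset($attributes['eduPersonPrincipalName'][0]) ? $attributes['eduPersonPrincipalName'][0] : null;
    $match = array();
    if (!is_string($eppn) || !preg_match('/^([^@]+)@[^@]+\z/', $eppn, $match)) {
        throw new \RuntimeException('liveatedu: eduPersonPrincipalName is missing or not of the form user@scope');
    }
    $fid = $match[1];

    // Windows Live ID: first entitlement under the live@edu prefix with a non-empty suffix.
    $entitlements = isset($attributes['eduPersonEntitlement']) ? (array) $attributes['eduPersonEntitlement'] : array();
    $wlid = null;
    foreach ($entitlements as $epe) {
        if (is_string($epe) && preg_match('#^http://wayf\.dk/live@edu/(.+)\z#', $epe, $match)) {
            $wlid = $match[1];
            break;
        }
    }
    if ($wlid === null) {
        throw new \RuntimeException('liveatedu: no live@edu eduPersonEntitlement found');
    }

    // Release only the WLID, under the eduPersonPrincipalName OID; every other attribute is dropped.
    $newattributes = array('urn:oid:1.3.6.1.4.1.5923.1.1.1.6' => array($wlid));
    unset($assertion['saml:AttributeStatement']);
    $assertion['saml:AttributeStatement'][0]['saml:Attribute'] = array2attributes($newattributes);
    unset($assertion['saml:AuthnStatement']['saml:AuthnContext']['saml:AuthenticatingAuthority']);

    // NOTE(review): unlike google(), an existing ds:Signature on the assertion is left in
    // place although the assertion content is rewritten here - confirm the caller re-signs.

    // Subject is the federated id; audience and recipient are pinned for the Live ID endpoint.
    $assertion['saml:Subject']['saml:NameID'] = array(
        '_Format' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent',
        '__v' => $fid,
    );
    $assertion['saml:Conditions']['saml:AudienceRestriction']['saml:Audience']['__v'] = 'uri:WindowsLiveID';
    $assertion['saml:Subject']['saml:SubjectConfirmation']['saml:SubjectConfirmationData']['_Recipient'] = $acs;

    return $params['cortodata'];
}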
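/**
 * Rewrites the SAML assertion in a Corto response for Google as service provider.
 *
 * The attribute statement and the existing signature are removed, and the subject
 * NameID is set to the local part of eduPersonPrincipalName in emailAddress format.
 * Audience and recipient are both set to the response destination.
 *
 * The filter fails closed. Previously a missing or malformed eduPersonPrincipalName left
 * the NameID value undefined and the assertion was still returned with an empty subject.
 *
 * @param array $params Filter input; only $params['cortodata'] is read.
 * @return array The modified $params['cortodata'].
 * @throws \RuntimeException When eduPersonPrincipalName is missing or malformed.
 */
static function google($params)
{
    $acs = $params['cortodata']['response']['_Destination'];
    $assertion =& $params['cortodata']['response']['saml:Assertion'];
    $samlattribute = $assertion['saml:AttributeStatement'][0]['saml:Attribute'];
    $attributes = attributes2array($samlattribute);

    // Account name: local part of the ePPN. Exactly one '@' is required so the NameID
    // sent to the service provider can never itself be read as a full address.
    $eppn = isset($attributes['eduPersonPrincipalName'][0]) ? $attributes['eduPersonPrincipalName'][0] : null;
    $match = array();
    if (!is_string($eppn) || !preg_match('/^([^@]+)@[^@]+\z/', $eppn, $match)) {
        throw new \RuntimeException('google: eduPersonPrincipalName is missing or not of the form user@scope');
    }
    $mail = $match[1];

    // No attributes are released. The old signature is dropped because the assertion
    // is modified below; presumably the caller signs the result - TODO confirm.
    unset($assertion['saml:AttributeStatement']);
    unset($assertion['ds:Signature']);
    unset($assertion['saml:AuthnStatement']['saml:AuthnContext']['saml:AuthenticatingAuthority']);

    $assertion['saml:Subject']['saml:NameID'] = array(
        '_Format' => 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
        '_SPNameQualifier' => "google.com",
        '__v' => $mail,
    );
    $assertion['saml:Conditions']['saml:AudienceRestriction']['saml:Audience']['__v'] = $acs;
    $assertion['saml:Subject']['saml:SubjectConfirmation']['saml:SubjectConfirmationData']['_Recipient'] = $acs;

    return $params['cortodata'];
}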
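/**
 * Demo filter with one round of user interaction.
 *
 * First call (cortofirstcall set): stores the posted cortodata in the session, renders a
 * confirmation form that posts back to cortolocation, and exits.
 * Second call: appends '-x-' to the 'uid' attribute of the stored response, clears the
 * stored state and hands the result back, either as a return value (cortoreturn ==
 * 'array') or as a JSON body with an X-Corto-Return header, followed by exit.
 *
 * All request values written into the page are HTML-escaped; they were previously echoed
 * raw, so any posted value could inject markup or script into the form.
 *
 * @static
 * @return array|null The modified response data when cortoreturn is 'array'; otherwise
 *                    the method exits after writing its output.
 */
static function demofilter()
{
    $returnMode = isset($_POST['cortoreturn']) ? $_POST['cortoreturn'] : null;

    if ($returnMode === 'json') {
        // In json mode the filter owns its session; otherwise $_SESSION is presumably
        // already started by the caller - TODO confirm.
        session_name('backend');
        session_start();
    }

    if (!empty($_POST['cortofirstcall'])) {
        $posted = isset($_POST['cortodata']) ? $_POST['cortodata'] : null;
        // NOTE(review): the continuation state is taken from the request as-is; confirm
        // that Corto authenticates this POST before the filter is reached.
        $_SESSION['DemoFilterClassState'] = $posted;

        // Escape every request-derived value once, for both text and attribute context.
        $safe = array();
        foreach (array('cortolocation', 'cortopassthru', 'cortophase') as $key) {
            $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
            $safe[$key] = htmlspecialchars($raw, ENT_QUOTES, 'UTF-8');
        }
        $dump = htmlspecialchars(print_r($posted, true), ENT_QUOTES, 'UTF-8');
        // NOTE(review): escaping stops attribute breakout but does not restrict the URL
        // scheme or host of cortolocation; it should also be checked against the Corto
        // endpoint this filter is expected to post back to.
        // Attribute values are written without padding so cortopassthru round-trips unchanged.
        ?>
<html>
<body>
<form method=POST action="<?php echo $safe['cortolocation']; ?>">
<input type="submit" name="submit" value="Continue processing ...">
<input type="hidden" name="cortopassthru" value="<?php echo $safe['cortopassthru']; ?>">
<p>This is a Corto "<?php echo $safe['cortophase']; ?>" filter with user interaction. Just click to 'Continue' button to continue.</p>
</form>
<pre><?php echo $dump; ?></pre>
</body>
</html>
<?php
        exit;
    }

    // NOTE(review): nothing checks that a first call actually stored state; a continuation
    // request without it operates on an empty structure - consider rejecting that case.
    $samlattribute =& $_SESSION['DemoFilterClassState']['response']['saml:Assertion']['saml:AttributeStatement'][0]['saml:Attribute'];
    $attributes = attributes2array($samlattribute);
    $attributes['uid'][] = '-x-';
    // Written through the reference, so the stored response is updated in place.
    $samlattribute = array2attributes($attributes);

    $ret = $_SESSION['DemoFilterClassState'];
    unset($_SESSION['DemoFilterClassState']);

    if ($returnMode === 'array') {
        return $ret;
    }

    header('X-Corto-Return: true');
    print json_encode($ret);
    exit;
}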