Exemplo n.º 1
0
 public static function setupSamlNewUserSession($session, $accounttype)
 {
     $attrs = $session->samlattrs;
     //initialize session data
     $session->authCredSessionId = session_id();
     $session->authCredSamlAuthToken = $_COOKIE["SimpleSAMLAuthToken"];
     $session->authCredId = null;
     $session->userid = -1;
     $session->isNewUser = true;
     $session->username = $attrs["idp:uid"][0];
     $session->usercname = "";
     $session->userFirstName = isset($attrs["idp:givenName"]) === true && count($attrs["idp:givenName"]) > 0 ? $attrs["idp:givenName"][0] : "";
     $session->userLastName = isset($attrs["idp:sn"]) === true && count($attrs["idp:givenName"]) > 0 ? $attrs["idp:sn"][0] : "";
     $session->userFullName = $session->userFirstName . " " . $session->userLastName;
     $session->fullName = $session->userFullName;
     $session->userRole = 4;
     $session->userCountryID = 0;
     $session->userCountryName = "";
     $session->userPrimaryEmail = isset($attrs["idp:mail"]) === true && count($attrs["idp:mail"]) > 0 ? $attrs["idp:mail"][0] : "";
     if (isset($session->accountStatus) === false) {
         $session->accountStatus = "new";
     }
     //Check invalid emails from social media user accounts
     if (trim($session->userPrimaryEmail) === "" || strtolower(trim($session->userPrimaryEmail)) === strtolower(trim($session->username . "@" . $accounttype . ".com"))) {
         unset($session->userPrimaryEmail);
     }
     //Check if user has pending connection
     AccountConnect::isPending($session);
     //collect session data for new user based on saml source
     switch ($accounttype) {
         case "x509":
             break;
         case "egi-sso-ldap":
             break;
         case "facebook":
             break;
         case "linkedin":
             break;
         case "twitter":
             break;
         case "google":
             break;
         default:
             break;
     }
 }
Exemplo n.º 2
0
 public function submitconfirmationcodeAction()
 {
     $this->_helper->layout->disableLayout();
     if ($this->session->isNewUser !== true && $this->session->userid !== -1) {
         $this->_helper->viewRenderer->setNoRender();
         header("Location: " . "https://" . $_SERVER['HTTP_HOST']);
         return;
     }
     $this->view->error = null;
     $this->view->session = $this->session;
     $this->view->expired = false;
     $code = isset($_POST["confirmationcode"]) === true ? trim($_POST["confirmationcode"]) : null;
     if ($code === null) {
         $this->view->error = "No confirmation code given";
         return;
     }
     //Check if current account is already connected to a profile implicitly or through a different session
     //In this case the view should inform the user and autorefresh to the portal
     if (AccountConnect::isConnected($this->session) !== false) {
         //Update session so user will auto login on page refresh
         SamlAuth::setupSamlAuth($this->session);
         $this->view->session = $this->session;
         return;
     }
     //Check if account is not pending, which means the request has timedout.
     //In this case the view should inform the user and autorefresh to display the confirmation form.
     if (AccountConnect::isPending($this->session) === false) {
         $this->view->error = "Your connection  request has expired";
         $this->view->expired = true;
         //Update session so user will be redirected to the appropriate form
         SamlAuth::setupSamlAuth($this->session);
         return;
     }
     $result = AccountConnect::submitPendingConnectionCode($this->session, $code);
     if ($result !== true) {
         $this->view->error = "Given code is not correct";
         return;
     }
     $this->view->session = $this->session;
 }