Author: Andreas Åkre Solberg, UNINETT AS. (andreas.solberg@uninett.no)
Exemplo n.º 1
 /**
  * Register one translation with the template as an inline translation,
  * provided a text exists for the currently selected language.
  *
  * Nothing is registered when $translations has no (non-null) entry for
  * $this->languageCode.
  *
  * @param string $dictionaryName  Dictionary part handed to createTagForTranslation().
  * @param string $translationName Translation part handed to createTagForTranslation().
  * @param array  $translations    Texts indexed by language code.
  */
 private function includeTranslation($dictionaryName, $translationName, array $translations)
 {
     $code = $this->languageCode;
     if (isset($translations[$code])) {
         $tag = $this->createTagForTranslation($dictionaryName, $translationName);
         $this->template->includeInlineTranslation($tag, $translations[$code]);
     }
 }
 /**
  * Render the module's exception page for $e and end the request.
  *
  * Only the exception message is handed to the template, under the data key 'e'.
  * NOTE(review): the message is stored unescaped, so the template presumably has to
  * HTML-escape it on output; confirm in exception.tpl.php.
  *
  * @param mixed $e  Object providing getMessage(); presumably an Exception.
  */
 private function showException($e)
 {
     $page = new SimpleSAML_XHTML_Template(
         SimpleSAML_Configuration::getInstance(),
         'attributefromrestapi:exception.tpl.php'
     );
     $page->data['e'] = $e->getMessage();
     $page->show();
     exit;
 }
Exemplo n.º 3
 /**
  * Render the 'widget.php' template using the 'foodle_foodle' dictionary.
  *
  * The breadcrumb links back to the configured 'baseurlpath'.
  */
 function show()
 {
     $page = new SimpleSAML_XHTML_Template($this->config, 'widget.php', 'foodle_foodle');

     $crumbs = array();
     $crumbs[] = array('href' => '/' . $this->config->getValue('baseurlpath'), 'title' => 'bc_frontpage');
     $crumbs[] = array('title' => 'Support');
     $page->data['bread'] = $crumbs;

     $page->data['gmapsAPI'] = $this->config->getValue('gmapsAPI');
     $page->data['optimize'] = $this->config->getValue('optimize', false);
     $page->show();
 }
Exemplo n.º 4
 /**
  * Finish a failed authentication.
  *
  * Renders the 'authX509:X509error.php' template with the error code stored in
  * $state['authX509.error'] and then terminates the request. A child
  * authentication class may override this to do its own work on failure.
  *
  * @param array &$state  Information about the current authentication; the
  *                       'authX509.error' entry is read.
  */
 public function authFailed(&$state)
 {
     $errorPage = new SimpleSAML_XHTML_Template(
         SimpleSAML_Configuration::getInstance(),
         'authX509:X509error.php'
     );
     $errorPage->data['errorcode'] = $state['authX509.error'];
     $errorPage->show();
     exit;
 }
Exemplo n.º 5
 /**
  * Show the error to the user.
  *
  * Sends an HTTP 500 status line, logs the error and renders the
  * 'core:no_metadata.tpl.php' page. This function does not return.
  */
 public function show()
 {
     header('HTTP/1.0 500 Internal Server Error');
     $this->logError();

     $page = new SimpleSAML_XHTML_Template(
         SimpleSAML_Configuration::getInstance(),
         'core:no_metadata.tpl.php'
     );
     // NOTE(review): the entity ID is stored unescaped; presumably it can come from a
     // request, so the template should escape it on output. Confirm in the template.
     $page->data['entityId'] = $this->entityId;
     $page->show();
     exit;
 }
Exemplo n.º 6
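 /**
  * Send an authenticationResponse using HTTP-POST.
  *
  * The response is validated as 'saml11', parsed, signed with the IdP key pair and then either
  * rendered on the debug page (when the 'debug' option is enabled) or posted to the SP.
  *
  * @param string $response  The response which should be sent.
  * @param array $idpmd  The metadata of the IdP which is sending the response.
  * @param array $spmd  The metadata of the SP which is receiving the response.
  * @param string|NULL $relayState  The relaystate for the SP.
  * @param string $shire  The shire which should receive the response.
  *
  * @throws Exception  If the 'signresponse' option of the SP is not a boolean, if the response
  *                    cannot be parsed, or if the element that has to be signed is missing.
  */
 public function sendResponse($response, $idpmd, $spmd, $relayState, $shire)
 {
     SimpleSAML_Utilities::validateXMLDocument($response, 'saml11');
     $privatekey = SimpleSAML_Utilities::loadPrivateKey($idpmd, TRUE);
     $publickey = SimpleSAML_Utilities::loadPublicKey($idpmd, TRUE);
     $responsedom = new DOMDocument();
     /* Stop here on a parse failure: every step below looks elements up in this document. */
     if (!$responsedom->loadXML(str_replace("\r", "", $response))) {
         throw new Exception('Unable to parse the response as XML.');
     }
     $responseroot = $responsedom->getElementsByTagName('Response')->item(0);
     $firstassertionroot = $responsedom->getElementsByTagName('Assertion')->item(0);
     /* Determine what we should sign - either the Response element or the Assertion. The
      * 'signresponse' option in the SP metadata decides when it is set; otherwise the
      * 'shib13.signresponse' option in the global configuration is used, and that option
      * defaults to TRUE (sign the Response).
      */
     if (array_key_exists('signresponse', $spmd) && $spmd['signresponse'] !== NULL) {
         $signResponse = $spmd['signresponse'];
         if (!is_bool($signResponse)) {
             throw new Exception('Expected the \'signresponse\' option in the metadata of the' . ' SP \'' . $spmd['entityid'] . '\' to be a boolean value.');
         }
     } else {
         $signResponse = $this->configuration->getBoolean('shib13.signresponse', TRUE);
     }
     /* Check if we have an assertion to sign. Force to sign the response if not. */
     if ($firstassertionroot === NULL) {
         $signResponse = TRUE;
     }
     $signer = new SimpleSAML_XML_Signer(array('privatekey_array' => $privatekey, 'publickey_array' => $publickey, 'id' => $signResponse ? 'ResponseID' : 'AssertionID'));
     if (array_key_exists('certificatechain', $idpmd)) {
         $signer->addCertificate($idpmd['certificatechain']);
     }
     if ($signResponse) {
         /* Sign the response. The signature is inserted before the Status element. */
         if ($responseroot === NULL) {
             throw new Exception('The response does not contain a Response element to sign.');
         }
         $statusElements = SimpleSAML_Utilities::getDOMChildren($responseroot, 'Status', '@saml1p');
         /* An explicit check instead of a string assert(): assertions may be disabled, and a
          * string argument is no longer evaluated as code by current PHP versions, so the
          * index access below would otherwise run unguarded.
          */
         if (count($statusElements) !== 1) {
             throw new Exception('Expected exactly one Status element in the response.');
         }
         $signer->sign($responseroot, $responseroot, $statusElements[0]);
     } else {
         /* Sign the assertion */
         $signer->sign($firstassertionroot, $firstassertionroot);
     }
     $response = $responsedom->saveXML();
     if ($this->configuration->getBoolean('debug', FALSE)) {
         /* Debug mode shows the signed response in a page instead of posting it directly.
          * NOTE(review): only 'responseHTML' is escaped here; relay state and destination are
          * stored as given, so the template presumably escapes them. Confirm in post-debug.php.
          */
         $p = new SimpleSAML_XHTML_Template($this->configuration, 'post-debug.php');
         $p->data['header'] = 'SAML (Shibboleth 1.3) Response Debug-mode';
         $p->data['RelayStateName'] = 'TARGET';
         $p->data['RelayState'] = $relayState;
         $p->data['destination'] = $shire;
         $p->data['response'] = str_replace("\n", "", base64_encode($response));
         $p->data['responseHTML'] = htmlspecialchars(SimpleSAML_Utilities::formatXMLString($response));
         $p->show();
     } else {
         SimpleSAML_Utilities::postRedirect($shire, array('TARGET' => $relayState, 'SAMLResponse' => base64_encode($response)));
     }
 }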
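/**
 * Gets the HTML-escaped name value from an entry array.
 *
 * The translated 'name' is preferred, then the translated 'OrganizationDisplayName';
 * the 'entityid' is the fallback. An entry without any of them yields an empty string.
 *
 * @param  SimpleSAML_XHTML_Template $view  The view object; only used when a name has to be translated.
 * @param  array $entry The entry array.
 *
 * @return string The resulting name value, escaped for HTML text and quoted attributes.
 */
function simplesamlphp_get_entry_name($view, $entry = array())
{
    // The declared default for $entry is an empty array, so 'entityid' may be absent.
    $result = isset($entry['entityid']) ? $entry['entityid'] : '';
    if (!empty($entry['name'])) {
        $name = SimpleSAML\Utils\Arrays::arrayize($entry['name'], 'en');
        $result = $view->getTranslation($name);
    } elseif (!empty($entry['OrganizationDisplayName'])) {
        $name = SimpleSAML\Utils\Arrays::arrayize($entry['OrganizationDisplayName'], 'en');
        $result = $view->getTranslation($name);
    }
    // Name the flags explicitly: before PHP 8.1 the default left single quotes unescaped,
    // which matters when the name ends up inside a single-quoted attribute.
    return htmlspecialchars($result, ENT_QUOTES | ENT_SUBSTITUTE);
}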
Exemplo n.º 8
/**
 * Build an HTML table presenting a set of attributes.
 *
 * Attribute names starting with 'child_' are rendered as nested tables by calling this
 * function again, with the rest of the name as parent. Other attributes produce one row:
 * a list for several values, a single cell for one value. 'jpegPhoto' values are emitted
 * as inline JPEG data URIs.
 *
 * Escaping: names, single values and jpegPhoto payloads go through htmlspecialchars().
 * Items of multi-valued attributes are rendered by present_assoc(), which is defined
 * elsewhere. NOTE(review): confirm that present_assoc() escapes its output.
 *
 * @param SimpleSAML_XHTML_Template $t          Template used to translate attribute names.
 * @param array                     $attributes Attribute name => list of values.
 * @param string                    $nameParent Parent name for nested tables, '' at the top level.
 *
 * @return string The table markup.
 */
function present_attributes(SimpleSAML_XHTML_Template $t, $attributes, $nameParent)
{
    $rowClasses = array('odd', 'even');
    $rowCount = 0;
    $isNested = strlen($nameParent) > 0;
    $prefix = $isNested ? strtolower($nameParent) . '_' : '';
    if ($isNested) {
        $html = '<table class="attributes" summary="attribute overview">';
    } else {
        $html = '<table id="table_with_attributes"  class="attributes" summary="attribute overview">';
    }

    foreach ($attributes as $rawName => $value) {
        $label = $t->getTranslator()->getAttributeTranslation($prefix . $rawName);

        if (preg_match('/^child_/', $rawName)) {
            // Nested attribute set: one full-width row per child, each holding its own table.
            $childParent = preg_replace('/^child_/', '', $rawName);
            foreach ($value as $child) {
                $html .= '<tr class="odd"><td colspan="2" style="padding: 2em">'
                    . present_attributes($t, $child, $childParent)
                    . '</td></tr>';
            }
        } else {
            $isMulti = sizeof($value) > 1;
            if ($isMulti || isset($value[0])) {
                // Name cell, shared by both layouts; the translated name is shown only when
                // it differs from the raw one.
                $html .= '<tr class="' . $rowClasses[$rowCount++ % 2] . '"><td class="attrname">';
                if ($rawName !== $label) {
                    $html .= htmlspecialchars($label) . '<br/>';
                }
                $html .= '<tt>' . htmlspecialchars($rawName) . '</tt>';

                if ($isMulti) {
                    $html .= '</td><td class="attrvalue"><ul>';
                    foreach ($value as $item) {
                        if ($rawName === 'jpegPhoto') {
                            $html .= '<li><img src="data:image/jpeg;base64,' . htmlspecialchars($item) . '" /></li>';
                        } else {
                            $html .= '<li>' . present_assoc($item) . '</li>';
                        }
                    }
                    $html .= '</ul></td></tr>';
                } else {
                    $html .= '</td>';
                    if ($rawName === 'jpegPhoto') {
                        $html .= '<td class="attrvalue"><img src="data:image/jpeg;base64,' . htmlspecialchars($value[0]) . '" /></td></tr>';
                    } else {
                        $html .= '<td class="attrvalue">' . htmlspecialchars($value[0]) . '</td></tr>';
                    }
                }
            }
        }
        $html .= "\n";
    }

    return $html . '</table>';
}
Exemplo n.º 9
 /**
  * Save pending changes when requested, then render the 'foodlecreate.php' edit page.
  *
  * NOTE(review): saveChanges() runs whenever a 'save' parameter is present in $_REQUEST,
  * which covers GET as well as POST; presumably request-forgery protection lives in
  * saveChanges() or the caller. Confirm.
  */
 function show()
 {
     if (isset($_REQUEST['save'])) {
         $this->saveChanges();
     }

     $page = new SimpleSAML_XHTML_Template($this->config, 'foodlecreate.php', 'foodle_foodle');
     $page->data['optimize'] = $this->config->getValue('optimize', false);
     $page->data['user'] = $this->user;
     $page->data['userToken'] = $this->user->getToken();
     $page->data['loginurl'] = $this->auth->getLoginURL();
     $page->data['logouturl'] = $this->auth->getLogoutURL('/');
     $page->data['authenticated'] = $this->auth->isAuth();
     $page->data['foodleid'] = $this->foodle->identifier;
     $page->data['gmapsAPI'] = $this->config->getValue('gmapsAPI');

     // Breadcrumb: front page > this foodle > edit.
     $crumbs = array();
     $crumbs[] = array('href' => '/', 'title' => 'bc_frontpage');
     $crumbs[] = array('href' => '/foodle/' . $this->foodle->identifier, 'title' => $this->foodle->name);
     $crumbs[] = array('title' => 'bc_edit');
     $page->data['bread'] = $crumbs;

     $page->show();
 }
Exemplo n.º 10
	/**
	 * Render the central DiscoJuice page.
	 *
	 * The metadata comes from the DiscoJuice feed, decoded from JSON into arrays; the
	 * options and the ACL come from the optional 'discojuicecentral.php' configuration.
	 * NOTE(review): the json_decode() result is not checked, so a feed that fails to
	 * decode reaches the template as NULL.
	 *
	 * @param string $path  Value stored as the 'discoPath' option.
	 */
	public static function show($path = '/simplesaml/module.php/discojuice/discojuice/') {
		$centralConfig = SimpleSAML_Configuration::getOptionalConfig('discojuicecentral.php');
		$globalConfig = SimpleSAML_Configuration::getInstance();

		$reader = new sspmod_discojuice_Feed();
		$decodedFeed = json_decode($reader->read(), TRUE);

		$page = new SimpleSAML_XHTML_Template($globalConfig, 'discojuice:central.tpl.php');
		$page->data['metadata'] = $decodedFeed;
		$page->data['discojuice.options'] = $centralConfig->getValue('discojuice.options');
		$page->data['discojuice.options']['discoPath'] = $path;
		$page->data['acl'] = $centralConfig->getValue('acl');
		$page->show();
	}
Exemplo n.º 11
 /**
  * Render the 'foodlefront.php' front page with statistics and login state.
  *
  * The user token is only handed to the template when the visitor is authenticated.
  */
 function show()
 {
     $statistics = $this->fdb->getStats();

     $page = new SimpleSAML_XHTML_Template($this->config, 'foodlefront.php', 'foodle_foodle');
     $page->data['optimize'] = $this->config->getValue('optimize', false);
     $page->data['gmapsAPI'] = $this->config->getValue('gmapsAPI');
     $page->data['bread'] = array(array('title' => 'bc_frontpage'));
     $page->data['user'] = $this->user;
     $page->data['authenticated'] = $this->auth->isAuth();
     if ($this->auth->isAuth()) {
         $page->data['userToken'] = $this->user->getToken();
     }
     $page->data['loginurl'] = $this->auth->getLoginURL();
     $page->data['logouturl'] = $this->auth->getLogoutURL();
     $page->data['enableFacebookAuth'] = $this->config->getValue('enableFacebookAuth', TRUE);
     $page->data['stats'] = $statistics;
     $page->show();
 }
Exemplo n.º 12
 /**
  * Render the 'support.php' page.
  *
  * Only the authentication flag and the login/logout URLs are handed to the template.
  * The user fields and the GetSatisfaction FastPass script that used to be set here
  * are disabled.
  */
 function show()
 {
     $page = new SimpleSAML_XHTML_Template($this->config, 'support.php', 'foodle_foodle');

     $crumbs = array();
     $crumbs[] = array('href' => '/' . $this->config->getValue('baseurlpath'), 'title' => 'bc_frontpage');
     $crumbs[] = array('title' => 'Support');
     $page->data['bread'] = $crumbs;

     $page->data['gmapsAPI'] = $this->config->getValue('gmapsAPI');
     $page->data['optimize'] = $this->config->getValue('optimize', false);
     $page->data['authenticated'] = $this->auth->isAuth();
     $page->data['loginurl'] = $this->auth->getLoginURL();
     $page->data['logouturl'] = $this->auth->getLogoutURL();
     $page->show();
 }
Exemplo n.º 13
 /**
  * Render the 'stats.php' page: per-realm counters for all time, the last week and the
  * last day, their totals, and the recent users of one realm.
  *
  * The 'realm' request parameter is only used when it names a realm present in the
  * statistics; otherwise the recent users are fetched without a realm filter.
  * NOTE(review): a non-scalar 'realm' parameter reaches array_key_exists() as given.
  */
 function show()
 {
     // The result is not used below; the call is kept as it was.
     $entries = $this->fdb->getYourEntries($this->user);
     $allTime = $this->fdb->getStatsRealm();
     $lastWeek = $this->fdb->getStatsRealm(60 * 60 * 24 * 7);
     $lastDay = $this->fdb->getStatsRealm(60 * 60 * 24);

     $totals = array('total' => 0, 'week' => 0, 'day' => 0);
     $perRealm = array();
     foreach ($allTime as $row) {
         $perRealm[$row['realm']] = array('total' => $row);
         $totals['total'] += $row['c'];
     }
     foreach (array('week' => $lastWeek, 'day' => $lastDay) as $period => $rows) {
         foreach ($rows as $row) {
             $perRealm[$row['realm']][$period] = $row;
             $totals[$period] += $row['c'];
         }
     }

     // Accept the requested realm only if it is one we have statistics for.
     $selectedRealm = NULL;
     if (!empty($_REQUEST['realm']) && array_key_exists($_REQUEST['realm'], $perRealm)) {
         $selectedRealm = $_REQUEST['realm'];
     }
     $recentUsers = $this->fdb->getRecentUsers($selectedRealm);

     $page = new SimpleSAML_XHTML_Template($this->config, 'stats.php', 'foodle_foodle');
     $page->data['optimize'] = $this->config->getValue('optimize', false);
     $page->data['showsupport'] = TRUE;
     $page->data['gmapsAPI'] = $this->config->getValue('gmapsAPI');
     $page->data['loginurl'] = $this->auth->getLoginURL();
     $page->data['logouturl'] = $this->auth->getLogoutURL();
     $page->data['bread'] = array(
         array('href' => '/' . $this->config->getValue('baseurlpath'), 'title' => 'bc_frontpage'),
         array('href' => '/stats', 'title' => 'Statistics'),
     );
     $page->data['user'] = $this->user;
     $page->data['users'] = $recentUsers;
     $page->data['statsrealm'] = $perRealm;
     $page->data['totalsrealm'] = $totals;
     $page->show();
 }
Exemplo n.º 14
 /**
  * Apply pending actions from the request, then render the 'fixdate.php' page.
  *
  * A 'save' parameter triggers saveChanges(); a 'col' parameter is passed to the
  * foodle's fixDate().
  * NOTE(review): both are read from $_REQUEST and 'col' is forwarded as received, so
  * validation and request-forgery protection presumably live in the callees. Confirm.
  */
 function show()
 {
     if (isset($_REQUEST['save'])) {
         $this->saveChanges();
     }
     if (isset($_REQUEST['col'])) {
         $this->foodle->fixDate($_REQUEST['col']);
     }

     $oneDay = 60 * 60 * 24;
     $page = new SimpleSAML_XHTML_Template($this->config, 'fixdate.php', 'foodle_foodle');
     $page->data['authenticated'] = $this->auth->isAuth();
     $page->data['user'] = $this->user;
     $page->data['timezone'] = $this->timezone;
     $page->data['ftimezone'] = $this->foodle->timezone;
     $page->data['name'] = $this->foodle->name;
     $page->data['identifier'] = $this->foodle->identifier;
     $page->data['descr'] = $this->foodle->descr;
     $page->data['foodle'] = $this->foodle;
     $page->data['today'] = date('Y-m-d');
     $page->data['tomorrow'] = date('Y-m-d', time() + $oneDay);

     // Breadcrumb: front page > responses of this foodle > fix timeslot.
     $crumbs = array();
     $crumbs[] = array('href' => '/', 'title' => 'bc_frontpage');
     $crumbs[] = array('href' => '/foodle/' . $this->foodle->identifier . '#responses', 'title' => $this->foodle->name);
     $crumbs[] = array('title' => 'Fix timeslot');
     $page->data['bread'] = $crumbs;

     $page->show();
 }
Exemplo n.º 15
 /**
  * Show the error to the user.
  *
  * Sends an HTTP 500 status line, saves the error and renders 'core:no_state.tpl.php'.
  * The error-report form data (report address, report ID and the first 'mail' attribute
  * of the session, if any) is only added when 'technicalcontact_email' differs from the
  * placeholder default.
  *
  * This function does not return.
  */
 public function show()
 {
     header('HTTP/1.0 500 Internal Server Error');
     $errorData = $this->saveError();

     $attributes = SimpleSAML_Session::getInstance()->getAttributes();
     $email = isset($attributes['mail'][0]) ? $attributes['mail'][0] : '';

     $globalConfig = SimpleSAML_Configuration::getInstance();
     $page = new SimpleSAML_XHTML_Template($globalConfig, 'core:no_state.tpl.php');

     /* Error reporting is offered only when a real technical contact is configured. */
     $placeholder = '*****@*****.**';
     if ($globalConfig->getString('technicalcontact_email', $placeholder) !== $placeholder) {
         $page->data['errorReportAddress'] = SimpleSAML_Utilities::getBaseURL() . 'errorreport.php';
         $page->data['reportId'] = $errorData['reportId'];
         $page->data['email'] = $email;
     }

     $page->show();
     exit;
 }
Exemplo n.º 16
 /**
  * Keep the language attribute and the template's language selection in step.
  *
  * When only the attribute carries a language, it is set on the template and written to
  * $_GET['language']. When only the template reports a language, it is stored as the
  * attribute value. When both or neither are set, nothing is changed.
  *
  * NOTE(review): the attribute value is written to the debug log and to $_GET as
  * received; presumably it should be limited to known language codes. Confirm.
  *
  * @param array &$request  The current request; its 'Attributes' entry is read and may be modified.
  */
 public function process(&$request)
 {
     assert('is_array($request)');
     assert('array_key_exists("Attributes", $request)');

     $attributes =& $request['Attributes'];
     $fromAttribute = NULL;
     if (array_key_exists($this->langattr, $attributes)) {
         $fromAttribute = $attributes[$this->langattr][0];
     }

     $template = new SimpleSAML_XHTML_Template(SimpleSAML_Configuration::getInstance(), 'frontpage');
     $fromTemplate = $template->getLanguage(FALSE, FALSE);

     $hasAttribute = isset($fromAttribute);
     $hasTemplate = isset($fromTemplate);
     if ($hasAttribute) {
         SimpleSAML_Logger::debug('LanguageAdaptor: Language in attribute was set [' . $fromAttribute . ']');
     }
     if ($hasTemplate) {
         SimpleSAML_Logger::debug('LanguageAdaptor: Language in session   was set [' . $fromTemplate . ']');
     }

     if ($hasAttribute && !$hasTemplate) {
         // Only the attribute has a language: adopt it.
         $template->setLanguage($fromAttribute);
         $_GET['language'] = $fromAttribute;
     } elseif (!$hasAttribute && $hasTemplate) {
         // Only the template has a language: publish it as the attribute.
         $request['Attributes'][$this->langattr] = array($fromTemplate);
     }
     // Set in both places (equal or not) or in neither: nothing to do.
 }
Exemplo n.º 17
 /**
  * Return the language selected by the user, or the default language.
  *
  * Sources are tried in this order: the language already stored on the object, the
  * language cookie, the language derived from the HTTP headers, and finally the
  * default language. Only a cookie value is stored on the object for later calls.
  */
 public function getLanguage()
 {
     // Already known on this object.
     if (isset($this->language)) {
         return $this->language;
     }

     $fromCookie = SimpleSAML_XHTML_Template::getLanguageCookie();
     if ($fromCookie === NULL) {
         /* No cookie: fall back to the Accept-Language http header, then to the default. */
         $fromHeader = $this->getHTTPLanguage();
         if ($fromHeader === NULL) {
             return $this->getDefaultLanguage();
         }
         return $fromHeader;
     }

     // Remember the cookie language on the object.
     $this->language = $fromCookie;
     return $fromCookie;
 }
Exemplo n.º 18
 /**
  * Keep the language attribute and the language cookie in step.
  *
  * When only the attribute carries a language, the cookie is set from it. When only the
  * cookie carries one, it is stored as the attribute value. Otherwise nothing changes.
  *
  * NOTE(review): the attribute value is logged and written to the cookie as received;
  * presumably setLanguageCookie() restricts it to known language codes. Confirm.
  *
  * @param array &$request  The current request; its 'Attributes' entry is read and may be modified.
  */
 public function process(&$request)
 {
     assert('is_array($request)');
     assert('array_key_exists("Attributes", $request)');

     $attributes =& $request['Attributes'];
     $fromAttribute = NULL;
     if (array_key_exists($this->langattr, $attributes)) {
         $fromAttribute = $attributes[$this->langattr][0];
     }
     $fromCookie = SimpleSAML_XHTML_Template::getLanguageCookie();

     $hasAttribute = isset($fromAttribute);
     $hasCookie = isset($fromCookie);
     if ($hasAttribute) {
         SimpleSAML_Logger::debug('LanguageAdaptor: Language in attribute was set [' . $fromAttribute . ']');
     }
     if ($hasCookie) {
         SimpleSAML_Logger::debug('LanguageAdaptor: Language in session   was set [' . $fromCookie . ']');
     }

     if ($hasAttribute) {
         if (!$hasCookie) {
             // Language set in attribute but not in cookie - update cookie
             SimpleSAML_XHTML_Template::setLanguageCookie($fromAttribute);
         }
     } elseif ($hasCookie) {
         // Language set in cookie, but not in attribute. Update attribute
         $request['Attributes'][$this->langattr] = array($fromCookie);
     }
 }
Exemplo n.º 19
 /**
  * Handles a request to this discovery service.
  *
  * With an IdP already chosen, the user is redirected: to the external discovery
  * storage when 'idpdisco.extDiscoveryStorage' is configured, otherwise back to the
  * return URL with the choice in the return-ID parameter. A passive request without a
  * choice is sent back without an answer. In every other case the discovery page is shown.
  *
  * The IdP disco parameters should be set before calling this function.
  *
  * NOTE(review): the return URL is passed to redirectTrustedURL(), which by its name
  * expects an already-validated URL; presumably validation happens where the disco
  * parameters are set. Confirm.
  */
 public function handleRequest()
 {
     $chosenIdp = $this->getTargetIdp();
     if ($chosenIdp !== NULL) {
         $storageUrl = $this->config->getString('idpdisco.extDiscoveryStorage', NULL);
         if ($storageUrl === NULL) {
             $this->log('Choice made [' . $chosenIdp . '] (Redirecting the user back. returnIDParam=' . $this->returnIdParam . ')');
             SimpleSAML_Utilities::redirectTrustedURL($this->returnURL, array($this->returnIdParam => $chosenIdp));
         } else {
             $this->log('Choice made [' . $chosenIdp . '] (Forwarding to external discovery storage)');
             $forward = array(
                 'entityID' => $this->spEntityId,
                 'IdPentityID' => $chosenIdp,
                 'returnIDParam' => $this->returnIdParam,
                 'isPassive' => 'true',
                 'return' => $this->returnURL,
             );
             SimpleSAML_Utilities::redirectTrustedURL($storageUrl, $forward);
         }
         return;
     }

     if ($this->isPassive) {
         $this->log('Choice not made. (Redirecting the user back without answer)');
         SimpleSAML_Utilities::redirectTrustedURL($this->returnURL);
         return;
     }

     /* No choice made. Show discovery service page. */
     $structuredList = $this->idplistStructured($this->filterList($this->getIdPList()));
     $recommended = $this->getRecommendedIdP();

     $page = new SimpleSAML_XHTML_Template($this->config, 'discopower:disco-tpl.php', 'disco');
     $page->data['idplist'] = $structuredList;
     $page->data['preferredidp'] = $recommended;
     $page->data['return'] = $this->returnURL;
     $page->data['returnIDParam'] = $this->returnIdParam;
     $page->data['entityID'] = $this->spEntityId;
     // The only value escaped here; the others are handed to the template as they are.
     $page->data['urlpattern'] = htmlspecialchars(SimpleSAML_Utilities::selfURLNoQuery());
     $page->data['rememberenabled'] = $this->config->getBoolean('idpdisco.enableremember', FALSE);
     $page->data['rememberchecked'] = $this->config->getBoolean('idpdisco.rememberchecked', FALSE);
     $page->data['defaulttab'] = $this->discoconfig->getValue('defaulttab', 0);
     $page->data['score'] = $this->discoconfig->getValue('score', 'quicksilver');
     $page->show();
 }
Exemplo n.º 20
 // Complete the entity descriptor: security token service type and organization info.
 $metaBuilder->addSecurityTokenServiceType($metaArray);
 $metaBuilder->addOrganizationInfo($metaArray);
 // Publish a technical contact only when an address is configured and it is not the
 // placeholder value.
 $technicalContactEmail = $config->getString('technicalcontact_email', null);
 if ($technicalContactEmail && $technicalContactEmail !== '*****@*****.**') {
     $metaBuilder->addContact('technical', \SimpleSAML\Utils\Config\Metadata::getContact(array('emailAddress' => $technicalContactEmail, 'name' => $config->getString('technicalcontact_name', null), 'contactType' => 'technical')));
 }
 // 'output=xhtml' in the query string selects the HTML presentation; any other value, or
 // none, selects the raw XML output.
 $output_xhtml = array_key_exists('output', $_GET) && $_GET['output'] == 'xhtml';
 $metaxml = $metaBuilder->getEntityDescriptorText($output_xhtml);
 if (!$output_xhtml) {
     // Line breaks are removed before signing, so the signature covers the exact text
     // that is served.
     $metaxml = str_replace("\n", '', $metaxml);
 }
 // sign the metadata if enabled
 $metaxml = SimpleSAML_Metadata_Signer::sign($metaxml, $idpmeta->toArray(), 'ADFS IdP');
 if ($output_xhtml) {
     $defaultidp = $config->getString('default-adfs-idp', null);
     $t = new SimpleSAML_XHTML_Template($config, 'metadata.php', 'admin');
     $t->data['clipboard.js'] = true;
     $t->data['available_certs'] = $availableCerts;
     $t->data['header'] = 'adfs-idp';
     // TODO: Replace with headerString in 2.0
     $t->data['headerString'] = $t->noop('metadata_adfs-idp');
     $t->data['metaurl'] = \SimpleSAML\Utils\HTTP::getSelfURLNoQuery();
     $t->data['metadata'] = htmlspecialchars($metaxml);
     $t->data['metadataflat'] = htmlspecialchars($metaflat);
     $t->data['defaultidp'] = $defaultidp;
     $t->show();
 } else {
     header('Content-Type: application/xml');
     // make sure to export only the md:EntityDescriptor
     $metaxml = substr($metaxml, strpos($metaxml, '<md:EntityDescriptor'));
     // 22 = strlen('</md:EntityDescriptor>')
Exemplo n.º 21
} elseif (array_key_exists('RedirInfo', $_REQUEST)) {
    $encData = base64_decode($_REQUEST['RedirInfo']);
    if (empty($encData)) {
        throw new SimpleSAML_Error_BadRequest('Invalid RedirInfo data.');
    }
    list($sessionId, $postId) = explode(':', SimpleSAML\Utils\Crypto::aesDecrypt($encData));
    if (empty($sessionId) || empty($postId)) {
        throw new SimpleSAML_Error_BadRequest('Invalid session info data.');
    }
    $session = SimpleSAML_Session::getSession($sessionId);
} else {
    throw new SimpleSAML_Error_BadRequest('Missing redirection info parameter.');
}
// Restore a POST that was parked in the session and replay it through the 'post.php' page.
if ($session === NULL) {
    throw new Exception('Unable to load session.');
}

$stored = $session->getData('core_postdatalink', $postId);
if ($stored === NULL) {
    /* The post data is missing, probably because it timed out. */
    throw new Exception('The POST data we should restore was lost.');
}
// Remove the entry once it has been read, so the same ID cannot be replayed.
$session->deleteData('core_postdatalink', $postId);

assert('is_array($stored)');
assert('array_key_exists("url", $stored)');
assert('array_key_exists("post", $stored)');

// Destination and fields come from the session entry, not from the current request.
$page = new SimpleSAML_XHTML_Template(SimpleSAML_Configuration::getInstance(), 'post.php');
$page->data['destination'] = $stored['url'];
$page->data['post'] = $stored['post'];
$page->show();
exit(0);
Exemplo n.º 22
 /**
  * Display this error.
  *
  * Sets the HTTP status, logs and saves the error, collects the data for the error page
  * and then either calls the function configured as 'errors.show_function' or renders
  * the standard SimpleSAMLphp error page. This method always exits.
  *
  * The error-report address is only included when 'errorreporting' is on and
  * 'technicalcontact_email' differs from the placeholder default. The 'email' entry is
  * the first 'mail' attribute found among the session's authorities, or ''.
  */
 public function show()
 {
     $this->setHTTPCode();
     // log the error message
     $this->logError();
     $errorData = $this->saveError();
     $config = SimpleSAML_Configuration::getInstance();

     $data = array(
         'showerrors' => $config->getBoolean('showerrors', true),
         'error' => $errorData,
         'errorCode' => $this->errorCode,
         'parameters' => $this->parameters,
         'module' => $this->module,
         'dictTitle' => $this->dictTitle,
         'dictDescr' => $this->dictDescr,
         'includeTemplate' => $this->includeTemplate,
         'clipboard.js' => true,
     );

     // check if there is a valid technical contact email address
     $placeholder = '*****@*****.**';
     if ($config->getBoolean('errorreporting', true) && $config->getString('technicalcontact_email', $placeholder) !== $placeholder) {
         // enable error reporting
         $data['errorReportAddress'] = \SimpleSAML\Utils\HTTP::getBaseURL() . 'errorreport.php';
     }

     // Pre-fill the report form with the first mail address any authority provides.
     $data['email'] = '';
     $session = SimpleSAML_Session::getSessionFromRequest();
     foreach ($session->getAuthorities() as $authority) {
         $attributes = $session->getAuthData($authority, 'Attributes');
         $hasMail = $attributes !== null && array_key_exists('mail', $attributes) && count($attributes['mail']) > 0;
         if ($hasMail) {
             $data['email'] = $attributes['mail'][0];
             break;
         }
     }

     $customRenderer = $config->getArray('errors.show_function', null);
     if (!isset($customRenderer)) {
         $page = new SimpleSAML_XHTML_Template($config, 'error.php', 'errors');
         $page->data = array_merge($page->data, $data);
         $page->show();
     } else {
         // The configured callable is expected to produce the page and not to return.
         assert('is_callable($customRenderer)');
         call_user_func($customRenderer, $config, $data);
         assert('FALSE');
     }
     exit;
 }
Exemplo n.º 23
 * @category   SimpleSAMLphp
 * @package    JANUS
 * @subpackage Core
 * @author     Jacob Christiansen <*****@*****.**>
 * @copyright  2009 Jacob Christiansen
 * @license    http://www.opensource.org/licenses/mit-license.php MIT License
 * @link       http://github.com/janus-ssp/janus/
 * @since      File available since Release 1.5.1
 */
require __DIR__ . '/_includes.php';
// Initial setup: global and JANUS configuration, the page template and the auth source.
$config = SimpleSAML_Configuration::getInstance();
$janus_config = sspmod_janus_DiContainer::getInstance()->getConfig();
$authsource = $janus_config->getValue('auth', 'login-admin');
$useridattr = $janus_config->getValue('useridattr', 'eduPersonPrincipalName');
$et = new SimpleSAML_XHTML_Template($config, 'janus:editentity.php', 'janus:editentity');
$as = new SimpleSAML_Auth_Simple($authsource);

// Validate user: unauthenticated visitors get the access-denied text and nothing else.
if (!$as->isAuthenticated()) {
    echo $et->t('error_no_access');
    exit;
}
$attributes = $as->getAttributes();
// The configured user ID attribute has to be present for an authenticated user.
if (!isset($attributes[$useridattr])) {
    throw new Exception('User ID is missing');
}
$userid = $attributes[$useridattr][0];

// Get Entity controller
$mcontroller = sspmod_janus_DiContainer::getInstance()->getEntityController();
Exemplo n.º 24
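 /**
  * Do a POST redirect to a page.
  *
  * Renders the 'post.php' template with the destination and the fields to post, then
  * terminates the script. When the 'enable.http_post' option is on, the current request
  * is HTTPS and the destination starts with "http:", the browser is first sent to the
  * URL built by createHttpPostRedirectLink() instead.
  *
  * This function never returns.
  *
  * NOTE(review): $destination is not checked against a list of allowed URLs here, and
  * both arguments reach the template as-is. Callers are presumably expected to validate
  * the destination, and the template to escape the values — verify both.
  *
  * @param string $destination  The destination URL.
  * @param array $post  An array of name-value pairs which will be posted.
  */
 public static function postRedirect($destination, $post)
 {
     // Assert real expressions rather than code strings: string assertions are deprecated
     // since PHP 7.2 and are no longer evaluated on PHP 8, where a non-empty string simply
     // counts as true and the check silently passes.
     assert(is_string($destination));
     assert(is_array($post));
     $config = SimpleSAML_Configuration::getInstance();
     $httpRedirect = $config->getBoolean('enable.http_post', FALSE);
     if ($httpRedirect && preg_match("#^http:#", $destination) && self::isHTTPS()) {
         // Posting from an HTTPS page to a plain-HTTP destination: go through the
         // intermediate link instead of posting directly.
         $url = self::createHttpPostRedirectLink($destination, $post);
         self::redirect($url);
         // self::redirect() is expected not to return; reaching this line is a bug.
         assert(false);
     }
     $p = new SimpleSAML_XHTML_Template($config, 'post.php');
     $p->data['destination'] = $destination;
     $p->data['post'] = $post;
     $p->show();
     exit(0);
 }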
    }
    $liveClients = array();
    foreach ($user['clients'] as $id) {
        $client = $clientStore->getClient($id);
        if (!is_null($client)) {
            array_push($clients, $client);
            array_push($liveClients, $client['id']);
        }
    }
    if (count($liveAuthorizationCodes) != count($user['authorizationCodes']) || count($liveRefreshTokens) != count($user['refreshTokens']) || count($liveAccessTokens) != count($user['accessTokens']) || count($liveClients) != count($user['clients'])) {
        $user['authorizationCodes'] = $liveAuthorizationCodes;
        $user['refreshTokens'] = $liveRefreshTokens;
        $user['accessTokens'] = $liveAccessTokens;
        $user['clients'] = $liveClients;
        $userStore->updateUser($user);
    }
}
// Render the status page with the user's authorization codes, refresh tokens and
// access tokens.
// NOTE(review): these lists appear to describe live OAuth2 credentials; how much of each
// entry the template prints is not visible here — confirm it shows no more than needed.
$t = new SimpleSAML_XHTML_Template($globalConfig, 'oauth2server:manage/status.php');
$t->data['authorizationCodes'] = $authorizationCodes;
$t->data['refreshTokens'] = $refreshTokens;
$t->data['accessTokens'] = $accessTokens;
// The client list is only exposed when client registration is switched on.
if ($config->getValue('enable_client_registration', false)) {
    $t->data['clients'] = $clients;
    foreach ($clients as $client) {
        // Register each client's description as an inline translation under a per-client tag.
        // NOTE(review): the description presumably comes from whoever registered the client;
        // verify that the template escapes it on output.
        $t->includeInlineTranslation('{oauth2server:oauth2server:client_description_' . $client['id'] . '}', $client['description']);
    }
}
// Target URLs for the forms on the page.
$t->data['statusForm'] = SimpleSAML_Module::getModuleURL('oauth2server/manage/status.php');
$t->data['tokenForm'] = SimpleSAML_Module::getModuleURL('oauth2server/manage/token.php');
$t->data['clientForm'] = SimpleSAML_Module::getModuleURL('oauth2server/manage/client.php');
$t->show();
Exemplo n.º 26
 /**
  * Serve a request to this discovery service by rendering the IdP selection page.
  *
  * The IdP disco parameters should be set before calling this function.
  *
  * NOTE(review): only 'urlpattern' is HTML-escaped here. The return URL, the return ID
  * parameter and the SP entity ID reach the template as-is, so the template is
  * responsible for escaping them — confirm.
  */
 public function handleRequest()
 {
     $this->start();

     // No IdP has been chosen at this point, so the discovery page is shown.
     $structuredIdPs = $this->idplistStructured($this->filterList($this->getIdPList()));
     $recommendedIdP = $this->getRecommendedIdP();

     $page = new SimpleSAML_XHTML_Template($this->config, 'discopower:disco-tpl.php', 'disco');
     $values = array(
         'idplist' => $structuredIdPs,
         'preferredidp' => $recommendedIdP,
         'return' => $this->returnURL,
         'returnIDParam' => $this->returnIdParam,
         'entityID' => $this->spEntityId,
         'urlpattern' => htmlspecialchars(\SimpleSAML\Utils\HTTP::getSelfURLNoQuery()),
         'rememberenabled' => $this->config->getBoolean('idpdisco.enableremember', false),
         'rememberchecked' => $this->config->getBoolean('idpdisco.rememberchecked', false),
         'defaulttab' => $this->discoconfig->getValue('defaulttab', 0),
         'score' => $this->discoconfig->getValue('score', 'quicksilver'),
     );
     foreach ($values as $key => $value) {
         $page->data[$key] = $value;
     }
     $page->show();
 }
Exemplo n.º 27
    /* Get all metadata for the entities. */
    foreach ($entities as &$entity) {
        $entity = array('shib13-sp-remote' => $entity->getMetadata1xSP(), 'shib13-idp-remote' => $entity->getMetadata1xIdP(), 'saml20-sp-remote' => $entity->getMetadata20SP(), 'saml20-idp-remote' => $entity->getMetadata20IdP());
    }
    /* Transpose from $entities[entityid][type] to $output[type][entityid]. */
    $output = SimpleSAML\Utils\Arrays::transpose($entities);
    /* Merge all metadata of each type to a single string which should be
     * added to the corresponding file.
     */
    foreach ($output as $type => &$entities) {
        $text = '';
        foreach ($entities as $entityId => $entityMetadata) {
            if ($entityMetadata === NULL) {
                continue;
            }
            /* Remove the entityDescriptor element because it is unused, and only
             * makes the output harder to read.
             */
            unset($entityMetadata['entityDescriptor']);
            $text .= '$metadata[' . var_export($entityId, TRUE) . '] = ' . var_export($entityMetadata, TRUE) . ";\n";
        }
        $entities = $text;
    }
} else {
    $xmldata = '';
    $output = array();
}
// Render the converter page. $output maps each metadata type to the generated PHP text,
// or is an empty array when nothing was converted.
// NOTE(review): $xmldata looks like the XML that was submitted for conversion; the
// template should HTML-escape both values when echoing them — confirm.
$template = new SimpleSAML_XHTML_Template($config, 'metadata-converter.php', 'admin');
$template->data['xmldata'] = $xmldata;
$template->data['output'] = $output;
$template->show();
Exemplo n.º 28
 /**
  * Submit a POST form to a specific destination.
  *
  * Renders the 'post.php' template with the destination and the data, then ends the
  * script. If 'enable.http_post' is enabled, the current request is HTTPS and the
  * destination starts with "http:", the browser is instead sent to the URL returned by
  * getSecurePOSTRedirectURL().
  *
  * This function never returns.
  *
  * NOTE(review): $destination is not checked against a list of allowed URLs here;
  * callers are presumably expected to validate it — verify.
  *
  * @param string $destination The destination URL.
  * @param array  $data An associative array with the data to be posted to $destination.
  *
  * @throws \InvalidArgumentException If $destination is not a string or $data is not an array.
  *
  * @author Olav Morken, UNINETT AS <*****@*****.**>
  * @author Andjelko Horvat
  * @author Jaime Perez, UNINETT AS <*****@*****.**>
  */
 public static function submitPOSTData($destination, $data)
 {
     $validInput = is_string($destination) && is_array($data);
     if (!$validInput) {
         throw new \InvalidArgumentException('Invalid input parameters.');
     }

     $globalConfig = \SimpleSAML_Configuration::getInstance();
     $httpPostEnabled = $globalConfig->getBoolean('enable.http_post', false);

     // Posting from an HTTPS page to a plain-HTTP destination goes through a redirect URL.
     $postToHttp = $httpPostEnabled && preg_match("#^http:#", $destination) === 1 && self::isHTTPS();
     if ($postToHttp) {
         $redirectUrl = self::getSecurePOSTRedirectURL($destination, $data);
         self::redirect($redirectUrl);
     }

     $form = new \SimpleSAML_XHTML_Template($globalConfig, 'post.php');
     $form->data['destination'] = $destination;
     $form->data['post'] = $data;
     $form->show();
     exit(0);
 }
Exemplo n.º 29
    foreach ($state['core:Logout-IFrame:Associations'] as $assocId => &$sp) {
        if ($sp['core:Logout-IFrame:State'] !== 'inprogress') {
            /* This SP isn't logging out. */
            continue;
        }
        try {
            $assocIdP = SimpleSAML_IdP::getByState($sp);
            $url = call_user_func(array($sp['Handler'], 'getLogoutURL'), $assocIdP, $sp, NULL);
            $sp['core:Logout-IFrame:URL'] = $url;
        } catch (Exception $e) {
            $sp['core:Logout-IFrame:State'] = 'failed';
        }
    }
}
// Save the logout state; the returned ID is handed to whichever template is rendered.
$id = SimpleSAML_Auth_State::saveState($state, 'core:Logout-IFrame');
$globalConfig = SimpleSAML_Configuration::getInstance();
if ($type === 'nojs') {
    // The 'nojs' type gets the wrapper template and the script ends here.
    $t = new SimpleSAML_XHTML_Template($globalConfig, 'core:logout-iframe-wrapper.php');
    $t->data['id'] = $id;
    $t->data['SPs'] = $state['core:Logout-IFrame:Associations'];
    $t->show();
    exit(0);
}
// Every other type is rendered with the regular iframe logout template.
// NOTE(review): where $type and the 'From' value originate is not visible in this
// excerpt; the template should escape them before output — confirm.
$t = new SimpleSAML_XHTML_Template($globalConfig, 'core:logout-iframe.php');
$t->data['id'] = $id;
$t->data['type'] = $type;
$t->data['from'] = $state['core:Logout-IFrame:From'];
$t->data['SPs'] = $state['core:Logout-IFrame:Associations'];
// Settings passed to the template for loading jQuery (core only, no UI or CSS).
$t->data['jquery'] = array('version' => '1.6', 'core' => TRUE, 'ui' => FALSE, 'css' => FALSE);
$t->show();
exit(0);
Exemplo n.º 30
/**
 * Recursively render an attribute array as an HTML table.
 *
 * Attribute names are translated through the template, and names and values are passed
 * through htmlspecialchars() before being written out. Keys starting with "child_" hold
 * lists of nested attribute arrays and are rendered as nested tables. Attributes listed
 * in $t->data['hiddenAttributes'] are emitted hidden, together with a link that reveals
 * them.
 *
 * NOTE(review): strings returned by $t->t() are inserted without escaping, so the
 * dictionaries are assumed to be trusted — confirm. The reveal link relies on an inline
 * "javascript:" URL, which a Content-Security-Policy without inline script would block.
 *
 * @param SimpleSAML_XHTML_Template $t          Template object
 * @param array                     $attributes Attributes to be presented
 * @param string                    $nameParent Name of parent element
 *
 * @return string HTML representation of the attributes
 */
function present_attributes($t, $attributes, $nameParent)
{
    $rowClasses = array('odd', 'even');
    $rowIndex = 0;
    $summary = 'summary="' . $t->t('{consent:consent:table_summary}') . '"';

    if (strlen($nameParent) > 0) {
        // Nested table: attribute names are looked up with the parent name as prefix.
        $prefix = strtolower($nameParent) . '_';
        $html = '<table class="attributes" ' . $summary . '>';
    } else {
        // Top-level table: carries the id and a caption.
        $prefix = '';
        $html = '<table id="table_with_attributes"  class="attributes" ' . $summary . '>'
            . "\n" . '<caption>' . $t->t('{consent:consent:table_caption}') . '</caption>';
    }

    foreach ($attributes as $rawName => $values) {
        $label = $t->getAttributeTranslation($prefix . $rawName);

        if (preg_match('/^child_/', $rawName)) {
            // Child entries: one nested table per element, each in its own row.
            $childParent = preg_replace('/^child_/', '', $rawName);
            foreach ($values as $child) {
                $html .= "\n" . '<tr class="odd"><td style="padding: 2em">'
                    . present_attributes($t, $child, $childParent) . '</td></tr>';
            }
            continue;
        }

        // Plain attribute: one row, alternating between the two row classes.
        $html .= "\n" . '<tr class="' . $rowClasses[$rowIndex % 2] . '"><td><span class="attrname">'
            . htmlspecialchars($label) . '</span>';
        $rowIndex++;

        $hidden = in_array($rawName, $t->data['hiddenAttributes'], true);
        if ($hidden) {
            $hiddenId = SimpleSAML_Utilities::generateID();
            $html .= '<div class="attrvalue" style="display: none;" id="hidden_' . $hiddenId . '">';
        } else {
            $html .= '<div class="attrvalue">';
        }

        // jpegPhoto values are shown as inline images; everything else as escaped text.
        $isPhoto = $rawName === 'jpegPhoto';
        if (sizeof($values) > 1) {
            // Several values: render them as a list.
            $items = '';
            foreach ($values as $item) {
                $escaped = htmlspecialchars($item);
                $items .= '<li>'
                    . ($isPhoto ? '<img src="data:image/jpeg;base64,' . $escaped . '" alt="User photo" />' : $escaped)
                    . '</li>';
            }
            $html .= '<ul>' . $items . '</ul>';
        } elseif (isset($values[0])) {
            // Exactly one value.
            $escaped = htmlspecialchars($values[0]);
            $html .= $isPhoto ? '<img src="data:image/jpeg;base64,' . $escaped . '" alt="User photo" />' : $escaped;
        }
        $html .= '</div>';

        if ($hidden) {
            // Placeholder shown instead of the hidden value, with a link that swaps the two.
            $html .= '<div class="attrvalue consent_showattribute" id="visible_' . $hiddenId . '">'
                . '... '
                . '<a class="consent_showattributelink" href="javascript:SimpleSAML_show(\'hidden_' . $hiddenId . '\'); SimpleSAML_hide(\'visible_' . $hiddenId . '\');">'
                . $t->t('{consent:consent:show_attribute}')
                . '</a>'
                . '</div>';
        }
        $html .= '</td></tr>';
    }

    if (isset($attributes)) {
        $html .= '</table>';
    }
    return $html;
}