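/**
 * Ajax compatible redirect method
 *
 * When $isAjax is true, an inline <script> that assigns window.location is
 * printed and the request is terminated with die(). Otherwise the call is
 * delegated to SimpleSAML_Utilities::redirectTrustedUrl().
 *
 * The URL must come from a trusted source (configuration or module URL
 * helpers), never from request input: this function does not check the
 * destination.
 *
 * @param string $url    Trusted destination; TAB_AJAX_CONTENT_PREFIX is stripped from it in the AJAX case
 * @param array  $params Query parameters, URL-encoded with http_build_query()
 * @param bool   $isAjax Whether the current request is an AJAX request
 *
 * @throws InvalidArgumentException If the final URL cannot be encoded as a JavaScript string
 */
function redirectTrustedUrl($url, array $params = array(), $isAjax = false)
{
    if (!$isAjax) {
        SimpleSAML_Utilities::redirectTrustedUrl($url, $params);
        return;
    }

    $redirectUrl = str_replace(TAB_AJAX_CONTENT_PREFIX, '', $url);

    if (!empty($params)) {
        // The original always appended '?', which produced a malformed URL
        // when $url already carried a query string.
        $separator = strpos($redirectUrl, '?') === false ? '?' : '&';
        $redirectUrl .= $separator . http_build_query($params);
    }

    // Encode the URL as a JavaScript string literal instead of pasting it
    // between single quotes. The JSON_HEX_* flags keep quotes, '<', '>' and
    // '&' out of the markup, so a URL containing such characters cannot end
    // the string literal or the surrounding <script> element.
    $encodedUrl = json_encode($redirectUrl, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
    if ($encodedUrl === false) {
        throw new InvalidArgumentException('Redirect URL could not be encoded');
    }

    die('<script type="text/javascript">window.location = ' . $encodedUrl . ';</script>');
}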
// Bootstrap: request session, SimpleSAMLphp configuration and JANUS module configuration.
$session = SimpleSAML_Session::getSessionFromRequest();
$config = SimpleSAML_Configuration::getInstance();
$janus_config = sspmod_janus_DiContainer::getInstance()->getConfig();

// Auth source and user-id attribute come from the JANUS configuration, with defaults.
$authsource = $janus_config->getValue('auth', 'login-admin');
$useridattr = $janus_config->getValue('useridattr', 'eduPersonPrincipalName');

$as = new SimpleSAML_Auth_Simple($authsource);

if (!$as->isAuthenticated()) {
    // Store the current URL in the session under 'refURL', then send the
    // visitor to the module index page.
    // NOTE(review): the code below assumes redirectTrustedUrl() ends the
    // request; $userid is never set on this path - confirm it cannot return.
    $session->setData('string', 'refURL', SimpleSAML_Utilities::selfURL());
    SimpleSAML_Utilities::redirectTrustedUrl(SimpleSAML_Module::getModuleURL('janus/index.php'));
} else {
    $attributes = $as->getAttributes();

    // The configured user-id attribute must be present in the assertion.
    if (!isset($attributes[$useridattr])) {
        throw new Exception('User ID is missing');
    }

    // Only the first value of the attribute is used.
    $userid = $attributes[$useridattr][0];
}

// Both identifiers are mandatory query-string parameters.
// NOTE(review): they are passed on exactly as received; confirm that the
// MetaExport methods validate them and use parameterised queries.
if (!isset($_GET['eid'])) {
    throw new SimpleSAML_Error_Exception('Eid must be set');
}
$eid = $_GET['eid'];

if (!isset($_GET['revisionid'])) {
    throw new SimpleSAML_Error_Exception('Revisionid must be set');
}
$revisionid = $_GET['revisionid'];

// NOTE(review): nothing in this excerpt checks that $userid is allowed to
// view entity $eid - confirm an access check exists elsewhere.
$md_options = $janus_config->getValue('mdexport.default_options');

// Export the same entity revision in three representations.
$metaxml = sspmod_janus_MetaExport::getReadableXMLMetadata(
    $eid,
    $revisionid,
    array(
        'maxCache' => $md_options['maxCache'],
        'maxDuration' => $md_options['maxDuration'],
    )
);
$metaflat = sspmod_janus_MetaExport::getFlatMetadata($eid, $revisionid);
$metaarray = sspmod_janus_MetaExport::getPHPArrayMetadata($eid, $revisionid);
throw new SimpleSAML_Error_BadRequest('Missing valid csrf token!'); } // Update entity if updated if ($update) { $entityController->saveEntity(); $entityController->loadEntity(); $entity = $entityController->getEntity(); // Notify users who have asked to be updated when $pm = new sspmod_janus_Postman(); $addresses[] = 'ENTITYUPDATE-' . $entity->getEid(); $editLink = SimpleSAML_Module::getModuleURL('janus/editentity.php', array('eid' => $entity->getEid(), 'revisionid' => $entity->getRevisionid())); $pm->post('Entity updated - ' . $entity->getEntityid(), 'Permalink: <a href="' . htmlspecialchars($editLink) . '">' . htmlspecialchars($editLink) . '</a><br /><br />' . htmlspecialchars($entity->getRevisionnote()) . '<br /><br />' . htmlspecialchars($note), $addresses, $user->getUid()); } $session->deleteData('string', 'meta_xml'); $session->deleteData('string', 'meta_json'); SimpleSAML_Utilities::redirectTrustedUrl(SimpleSAML_Module::getModuleURL('janus/editentity.php'), array('eid' => $entity->getEid(), 'revisionid' => $entity->getRevisionid())); exit; } $et->data['update'] = $update; $newMetadata = $entityController->getMetaArray(); unset($newMetadata['attributes']); $newMetadata = $converter->execute($newMetadata); $et->data['new'] = $newMetadata; $et->data['newArp'] = $entityController->getArpAttributes(); $et->data['newAcl'] = array('AllowedAll' => $entityController->getAllowedAll(), 'Allowed' => array_map(function ($allowedEntity) use($janusConfig) { // @todo this is very inefficient for large sets $controller = sspmod_janus_DiContainer::getInstance()->getEntityController(); $controller->setEntity($allowedEntity['remoteeid']); return $controller->getEntity()->getPrettyname(); }, $entityController->getAllowedEntities()), 'Blocked' => array_map(function ($blockedEntity) use($janusConfig) { // @todo this is very inefficient for large sets
// Check if userid exists if (!isset($attributes[$useridattr])) { throw new Exception('User ID is missing'); } $userid = $attributes[$useridattr][0]; } else { $returnURL = $session->getData('string', 'refURL'); if (is_null($returnURL)) { $returnURL = SimpleSAML_Utilities::selfURL(); } else { $session->deleteData('string', 'refURL'); } SimpleSAML_Auth_Default::initLogin($authsource, $returnURL, NULL, $_GET); } $user = new sspmod_janus_User(); $user->setUserid($userid); if (!$user->load(sspmod_janus_User::USERID_LOAD)) { $autocreatenewuser = $janus_config->getValue('user.autocreate', false); if ($autocreatenewuser) { SimpleSAML_Utilities::redirectTrustedUrl(SimpleSAML_Module::getModuleURL('janus/newUser.php'), array('userid' => $userid)); } else { SimpleSAML_Utilities::redirectTrustedUrl(SimpleSAML_Module::getModuleURL('janus/noNewUser.php'), array('userid' => $userid)); } } else { if ($user->getActive() === 'yes') { SimpleSAML_Utilities::redirectTrustedUrl(SimpleSAML_Module::getModuleURL('janus/dashboard.php/entities')); } else { $session->doLogout(); SimpleSAML_Utilities::redirectTrustedUrl(SimpleSAML_Module::getModuleURL('janus/index.php?error=error_index_user_inactive')); } }
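<?php

require __DIR__ . '/_includes.php';

// Collects every saml20-idp and saml20-sp entity, grouped by entity type, and
// prepares the 'janus:show-entities-validation' template.

$session = SimpleSAML_Session::getInstance();
$janusConfig = sspmod_janus_DiContainer::getInstance()->getConfig();
$authSource = $janusConfig->getValue('auth', 'login-admin');

// Validate user
// NOTE(review): only session validity for the auth source is checked here; no
// per-user permission check is visible before all entities are listed -
// confirm that this is intended.
if (!$session->isValid($authSource)) {
    SimpleSAML_Utilities::redirectTrustedUrl(
        SimpleSAML_Module::getModuleURL('janus/index.php', array('selectedtab' => "'federation'"))
    );
    // Fail closed: never fall through to the listing below without a valid session.
    exit;
}

$entities = array();
$util = new sspmod_janus_AdminUtil();
$userController = sspmod_janus_DiContainer::getInstance()->getUserController();
$entities = array_merge(
    $userController->searchEntitiesByType('saml20-idp'),
    $userController->searchEntitiesByType('saml20-sp')
);

// Initialised up front so that ksort() below receives an array even when no
// entities were found; the original left it undefined in that case.
$entities_info = array();

foreach ($entities as $entity) {
    /**
     * @var sspmod_janus_Entity $entity
     */
    $entityId = $entity->getEid();

    // Load the entity through an entity controller to read its details.
    $entityController = sspmod_janus_DiContainer::getInstance()->getEntityController();
    $entityController->setEntity($entityId);
    $entityController->loadEntity();
    $controllerEntity = $entityController->getEntity();

    $entityType = $controllerEntity->getType();

    // The original guarded $entities here, adding type-named keys to the list
    // being iterated while $entities_info is the array actually filled.
    if (!isset($entities_info[$entityType])) {
        $entities_info[$entityType] = array();
    }

    // NOTE(review): these values are stored unescaped; the template is not
    // shown here - confirm that it HTML-escapes them on output.
    $entities_info[$entityType][] = array(
        'Id' => $controllerEntity->getEntityid(),
        'Name' => $controllerEntity->getPrettyname(),
        'WorkflowStatus' => $controllerEntity->getWorkflow(),
        'MetadataUrl' => $controllerEntity->getMetadataURL(),
        'Eid' => $controllerEntity->getEid(),
    );
}

// Order the groups by entity type.
ksort($entities_info);

$template = new SimpleSAML_XHTML_Template(
    SimpleSAML_Configuration::getInstance(),
    'janus:show-entities-validation.php',
    'janus:show-entities-validation'
);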
$entity->setRevisionnote($_POST['revisionnote']); } // Update entity if updated if ($update) { $entityController->saveEntity(); $entityController->loadEntity(); $pm = new sspmod_janus_Postman(); $addresses[] = 'ENTITYUPDATE-' . $eid; $directlink = SimpleSAML_Module::getModuleURL('janus/editentity.php', array('eid' => $entity->getEid(), 'revisionid' => $entity->getRevisionid())); $pm->post('Entity updated - ' . $entity->getEntityid(), 'Permalink: <a href="' . htmlspecialchars($directlink) . '">' . htmlspecialchars($directlink) . '</a><br /><br />' . htmlspecialchars($entity->getRevisionnote()) . '<br /><br />' . htmlspecialchars($note), $addresses, $user->getUid()); } if ($redirectToImport) { $entity = $entityController->getEntity(); SimpleSAML_Utilities::redirectTrustedUrl(SimpleSAML_Module::getModuleURL('janus/importentity.php'), array('eid' => $entity->getEid())); } else { SimpleSAML_Utilities::redirectTrustedUrl(SimpleSAML_Utilities::selfURLNoQuery(), array('eid' => $eid, 'msg' => $msg, 'selectedtab' => isset($_POST['selectedtab']) ? (int) $_POST['selectedtab'] : 0)); } } // Get remote entities if ($entity->getType() == 'saml20-sp') { $remoteTypes = array('saml20-idp', 'shib13-idp'); } else { if ($entity->getType() == 'saml20-idp') { $remoteTypes = array('saml20-sp', 'shib13-sp'); } else { if ($entity->getType() == 'shib13-sp') { $remoteTypes = array('saml20-idp', 'shib13-idp'); } else { if ($entity->getType() == 'shib13-idp') { $remoteTypes = array('saml20-sp', 'shib13-sp'); } else {