<?php

/**
 * Clears the permanent "disable Negotiate auto-login" cookie and the matching
 * session flag, then renders the 'negotiate:enable.php' template.
 *
 * @author Mathias Meisfjordskar, University of Oslo.
 *         <*****@*****.**>
 * @package simpleSAMLphp
 */

/*
 * A NULL value asks setCookie() to delete the cookie. No 'path' or 'domain' is given,
 * so setCookie()'s defaults apply.
 * NOTE(review): a deletion only removes the cookie when path and domain match the ones
 * used where it was set -- confirm against the code that sets this cookie.
 * The trailing FALSE is presumably the "throw on failure" switch -- confirm against
 * SimpleSAML_Utilities::setCookie().
 */
$cookieParams = array('secure' => false, 'httponly' => true);
SimpleSAML_Utilities::setCookie('NEGOTIATE_AUTOLOGIN_DISABLE_PERMANENT', null, $cookieParams, false);

$globalConfig = SimpleSAML_Configuration::getInstance();

/* Store FALSE under 'negotiate:disable' in the session; the last argument is one day in seconds. */
$oneDay = 24 * 60 * 60;
$session = SimpleSAML_Session::getSessionFromRequest();
$session->setData('negotiate:disable', 'session', false, $oneDay);

$template = new SimpleSAML_XHTML_Template($globalConfig, 'negotiate:enable.php');
$template->show();
$organization = $_REQUEST['organization']; } elseif (isset($state['core:organization'])) { $organization = (string) $state['core:organization']; } else { $organization = ''; } $errorCode = NULL; $errorParams = NULL; if ($organizations === NULL || !empty($organization)) { if (!empty($username) && !empty($password)) { if ($source->getRememberUsernameEnabled()) { $sessionHandler = SimpleSAML_SessionHandler::getSessionHandler(); $params = $sessionHandler->getCookieParams(); $params['expire'] = time(); $params['expire'] += isset($_REQUEST['remember_username']) && $_REQUEST['remember_username'] == 'Yes' ? 31536000 : -300; SimpleSAML_Utilities::setCookie($source->getAuthId() . '-username', $username, $params, FALSE); } try { sspmod_core_Auth_UserPassOrgBase::handleLogin($authStateId, $username, $password, $organization); } catch (SimpleSAML_Error_Error $e) { /* Login failed. Extract error code and parameters, to display the error. */ $errorCode = $e->getErrorCode(); $errorParams = $e->getParameters(); } } } $globalConfig = SimpleSAML_Configuration::getInstance(); $t = new SimpleSAML_XHTML_Template($globalConfig, 'core:loginuserpass.php'); $t->data['stateparams'] = array('AuthState' => $authStateId); $t->data['username'] = $username; $t->data['forceUsername'] = FALSE;
/**
 * Save the current IdP choice to a cookie.
 *
 * Overrides the parent implementation to add common domain cookie (CDC) support.
 * Without a configured CDC domain the call is delegated to the parent. Otherwise the
 * entityID is moved to the end of the list returned by getCDC(), every entry is
 * base64-encoded, and the space-separated result is written to the '_saml_idp' cookie.
 *
 * @param string $idp The entityID of the IdP.
 */
protected function setPreviousIdP($idp)
{
    assert('is_string($idp)');

    if ($this->cdcDomain === null) {
        parent::setPreviousIdP($idp);
        return;
    }

    $entityIds = $this->getCDC();

    /* Remove an earlier occurrence so the IdP is listed once, as the newest (last) entry. */
    $existingKey = array_search($idp, $entityIds, true);
    if ($existingKey !== false) {
        unset($entityIds[$existingKey]);
    }
    $entityIds[] = $idp;

    $cookieValue = implode(' ', array_map('base64_encode', $entityIds));

    /* The oldest entries are at the front; drop them one by one until the value is at most 4000 bytes. */
    while (strlen($cookieValue) > 4000) {
        $parts = explode(' ', $cookieValue, 2);
        if (count($parts) === 1) {
            /*
             * A single entityID is left and its base64 form is still too long
             * for a cookie. It is passed on unchanged.
             */
            break;
        }
        $cookieValue = $parts[1];
    }

    /*
     * 'secure' is always TRUE for this cookie.
     * NOTE(review): 'httponly' is FALSE, so scripts running on the cookie's domain can read
     * the list of previously used IdPs -- confirm that client-side access is required.
     * The trailing FALSE is presumably the "throw on failure" switch -- confirm against
     * SimpleSAML_Utilities::setCookie().
     */
    $cookieParams = array(
        'lifetime' => $this->cdcLifetime,
        'domain' => $this->cdcDomain,
        'secure' => true,
        'httponly' => false,
    );
    SimpleSAML_Utilities::setCookie('_saml_idp', $cookieValue, $cookieParams, false);
}
/**
 * Set the user-selected language in a cookie.
 *
 * The language is lower-cased and written only when it appears in the
 * 'language.available' configuration list and no headers have been sent yet;
 * otherwise the call returns without doing anything.
 *
 * @param string $language The language.
 */
public static function setLanguageCookie($language)
{
    assert('is_string($language)');

    $language = strtolower($language);
    $config = SimpleSAML_Configuration::getInstance();
    $allowedLanguages = $config->getArray('language.available', array('en'));

    /* Strict allow-list check: only configured language codes ever reach the cookie value. */
    if (!in_array($language, $allowedLanguages, true)) {
        return;
    }

    /* Headers are already out, so nothing is attempted. */
    if (headers_sent()) {
        return;
    }

    $cookieName = $config->getString('language.cookie.name', 'language');

    /*
     * No 'secure' entry is given, so setCookie()'s default applies. 'httponly' is FALSE,
     * which leaves the cookie readable by scripts on the page.
     */
    $cookieParams = array(
        'lifetime' => $config->getInteger('language.cookie.lifetime', 60 * 60 * 24 * 900),
        'domain' => $config->getString('language.cookie.domain', null),
        'path' => $config->getString('language.cookie.path', '/'),
        'httponly' => false,
    );
    SimpleSAML_Utilities::setCookie($cookieName, $language, $cookieParams, false);
}
/**
 * Helper function for setting a consent cookie.
 *
 * The cookie lives for 90 days under the installation's base path. Its 'secure'
 * attribute follows the current request: on for HTTPS, off otherwise.
 *
 * @param string      $name  Name of the cookie.
 * @param string|null $value Value of the cookie. Set this to null to
 *                           delete the cookie.
 *
 * @return void
 */
private function _setConsentCookie($name, $value)
{
    assert('is_string($name)');
    assert('is_string($value) || is_null($value)');

    $globalConfig = SimpleSAML_Configuration::getInstance();

    /*
     * NOTE(review): 'httponly' is FALSE, so the consent value is readable by scripts
     * on the page -- confirm that client-side access is needed.
     */
    $cookieParams = array(
        'lifetime' => 90 * 24 * 60 * 60,
        'path' => '/' . $globalConfig->getBaseURL(),
        'httponly' => false,
    );

    /* Mark the cookie secure only when the current request came in over https. */
    $cookieParams['secure'] = SimpleSAML_Utilities::isHTTPS() ? true : false;

    /* The trailing FALSE is presumably the "throw on failure" switch -- confirm against setCookie(). */
    SimpleSAML_Utilities::setCookie($name, $value, $cookieParams, false);
}
/**
 * Build the CDC cookie value from a list of IdPs and send it as '_saml_idp'.
 *
 * Each entry is base64-encoded and the entries are joined with single spaces.
 * Entries are dropped from the front of the list until the value is at most
 * 4000 bytes. Nothing is returned; the value is only written to the cookie.
 *
 * @param array $list The list of IdPs.
 */
function setCDC(array $list)
{
    $cookieValue = implode(' ', array_map('base64_encode', $list));

    /* The oldest entries come first; remove them one at a time until the value is short enough. */
    while (strlen($cookieValue) > 4000) {
        $parts = explode(' ', $cookieValue, 2);
        if (count($parts) === 1) {
            /*
             * Only one entityID remains and its base64 representation is
             * still too long for a cookie. It is passed on unchanged.
             */
            break;
        }
        $cookieValue = $parts[1];
    }

    /*
     * The cookie is scoped to '.' + the configured domain and always marked secure.
     * NOTE(review): 'httponly' is FALSE, so scripts on any host under that domain can
     * read the IdP list -- confirm that client-side access is required.
     * The trailing FALSE is presumably the "throw on failure" switch -- confirm against
     * SimpleSAML_Utilities::setCookie().
     */
    $cookieParams = array(
        'lifetime' => $this->cookieLifetime,
        'path' => '/',
        'domain' => '.' . $this->domain,
        'secure' => true,
        'httponly' => false,
    );
    SimpleSAML_Utilities::setCookie('_saml_idp', $cookieValue, $cookieParams, false);
}
<?php

require_once '_include.php';

/**
 * This page clears the user's IdP discovery choices.
 */

/* The base path for cookies. This should be the installation directory for simpleSAMLphp. */
$config = SimpleSAML_Configuration::getInstance();
$cookiePath = '/' . $config->getBaseUrl();

/* Delete every cookie whose name starts with 'idpdisco_'. */
foreach (array_keys($_COOKIE) as $cookieName) {
    if (substr($cookieName, 0, 9) === 'idpdisco_') {
        /*
         * A NULL value asks setCookie() to delete the cookie.
         * NOTE(review): a single deletion is issued, with no 'secure' entry in the parameters.
         * If these cookies can also be set with the secure flag, confirm that this one call
         * is enough to clear them.
         */
        SimpleSAML_Utilities::setCookie(
            $cookieName,
            null,
            array('path' => $cookiePath, 'httponly' => false),
            false
        );
    }
}

/*
 * Find where we should go now. 'ReturnTo' comes from the request, so it is passed through
 * checkURLAllowed() (presumably the allowed-URL check -- confirm) before it is used as a
 * redirect target. Without it we return to the front page, which is the base cookie path.
 */
$destination = array_key_exists('ReturnTo', $_REQUEST)
    ? SimpleSAML_Utilities::checkURLAllowed($_REQUEST['ReturnTo'])
    : $cookiePath;

/* Redirect to destination. */
SimpleSAML_Utilities::redirectTrustedURL($destination);
/**
 * Set the previous authentication source.
 *
 * Remembers the authentication source the user selected by storing its name in a
 * cookie named 'multiauth_source_' followed by this source's authId. The cookie
 * lasts 90 days and is limited to the installation's base path.
 *
 * @param string $source Name of the authentication source the user selected.
 */
public function setPreviousSource($source)
{
    assert('is_string($source)');

    $config = SimpleSAML_Configuration::getInstance();
    $ninetyDays = 60 * 60 * 24 * 90;

    /*
     * No 'secure' entry is given, so setCookie()'s default applies; 'httponly' is FALSE.
     * NOTE(review): the stored name is only a hint chosen by the browser's user -- whoever
     * reads this cookie back should check it against the configured sources.
     */
    $cookieParams = array(
        'lifetime' => $ninetyDays,
        'path' => '/' . $config->getBaseUrl(),
        'httponly' => false,
    );

    SimpleSAML_Utilities::setCookie('multiauth_source_' . $this->authId, $source, $cookieParams, false);
}
/**
 * Save cookie with the given name and value.
 *
 * The cookie is stored for the current discovery service type: its real name is
 * 'idpdisco_' + the instance name + '_' + $name. It lasts 90 days and is limited
 * to the installation's base path.
 *
 * @param string $name  The name of the cookie (without the prefix).
 * @param mixed  $value The value of the cookie, passed on unchanged.
 */
protected function setCookie($name, $value)
{
    /* No 'secure' entry is given, so setCookie()'s default applies; 'httponly' is FALSE. */
    $cookieParams = array(
        'lifetime' => 60 * 60 * 24 * 90,
        'path' => '/' . $this->config->getBaseUrl(),
        'httponly' => false,
    );

    /* The trailing FALSE is presumably the "throw on failure" switch -- confirm against setCookie(). */
    SimpleSAML_Utilities::setCookie(
        'idpdisco_' . $this->instance . '_' . $name,
        $value,
        $cookieParams,
        false
    );
}
/**
 * Set a session cookie.
 *
 * The cookie is sent with the parameters from getCookieParams(). Entries in $params are
 * merged on top of them, so a caller-supplied key (for example 'secure' or 'httponly')
 * replaces the session default for this one cookie.
 *
 * @param string      $name   The name of the session cookie.
 * @param string|NULL $value  The value of the cookie. Set to NULL to delete the cookie.
 * @param array|NULL  $params Cookie parameters that override the defaults, or NULL for none.
 */
public function setCookie($name, $value, array $params = NULL)
{
    assert('is_string($name)');
    assert('is_string($value) || is_null($value)');

    $effectiveParams = $this->getCookieParams();
    if ($params !== null) {
        /* Later arrays win in array_merge(), so the caller's values take precedence. */
        $effectiveParams = array_merge($effectiveParams, $params);
    }

    SimpleSAML_Utilities::setCookie($name, $value, $effectiveParams);
}