<?php
/**
*
*
* @author Mathias Meisfjordskar, University of Oslo.
* <*****@*****.**>
* @package simpleSAMLphp
*/
$params = array('secure' => FALSE, 'httponly' => TRUE);
SimpleSAML_Utilities::setCookie('NEGOTIATE_AUTOLOGIN_DISABLE_PERMANENT', NULL, $params, FALSE);
$globalConfig = SimpleSAML_Configuration::getInstance();
$session = SimpleSAML_Session::getSessionFromRequest();
$session->setData('negotiate:disable', 'session', FALSE, 24 * 60 * 60);
$t = new SimpleSAML_XHTML_Template($globalConfig, 'negotiate:enable.php');
$t->show();
$organization = $_REQUEST['organization'];
} elseif (isset($state['core:organization'])) {
$organization = (string) $state['core:organization'];
} else {
$organization = '';
}
$errorCode = NULL;
$errorParams = NULL;
if ($organizations === NULL || !empty($organization)) {
if (!empty($username) && !empty($password)) {
if ($source->getRememberUsernameEnabled()) {
$sessionHandler = SimpleSAML_SessionHandler::getSessionHandler();
$params = $sessionHandler->getCookieParams();
$params['expire'] = time();
$params['expire'] += isset($_REQUEST['remember_username']) && $_REQUEST['remember_username'] == 'Yes' ? 31536000 : -300;
SimpleSAML_Utilities::setCookie($source->getAuthId() . '-username', $username, $params, FALSE);
}
try {
sspmod_core_Auth_UserPassOrgBase::handleLogin($authStateId, $username, $password, $organization);
} catch (SimpleSAML_Error_Error $e) {
/* Login failed. Extract error code and parameters, to display the error. */
$errorCode = $e->getErrorCode();
$errorParams = $e->getParameters();
}
}
}
$globalConfig = SimpleSAML_Configuration::getInstance();
$t = new SimpleSAML_XHTML_Template($globalConfig, 'core:loginuserpass.php');
$t->data['stateparams'] = array('AuthState' => $authStateId);
$t->data['username'] = $username;
$t->data['forceUsername'] = FALSE;
/**
* Save the current IdP choice to a cookie.
*
* This function overrides the corresponding function in the parent class,
* to add support for common domain cookie.
*
* @param string $idp The entityID of the IdP.
*/
protected function setPreviousIdP($idp)
{
assert('is_string($idp)');
if ($this->cdcDomain === NULL) {
parent::setPreviousIdP($idp);
return;
}
$list = $this->getCDC();
$prevIndex = array_search($idp, $list, TRUE);
if ($prevIndex !== FALSE) {
unset($list[$prevIndex]);
}
$list[] = $idp;
foreach ($list as &$value) {
$value = base64_encode($value);
}
$newCookie = implode(' ', $list);
while (strlen($newCookie) > 4000) {
/* The cookie is too long. Remove the oldest elements until it is short enough. */
$tmp = explode(' ', $newCookie, 2);
if (count($tmp) === 1) {
/*
* We are left with a single entityID whose base64
* representation is too long to fit in a cookie.
*/
break;
}
$newCookie = $tmp[1];
}
$params = array('lifetime' => $this->cdcLifetime, 'domain' => $this->cdcDomain, 'secure' => TRUE, 'httponly' => FALSE);
SimpleSAML_Utilities::setCookie('_saml_idp', $newCookie, $params, FALSE);
}
/**
* Set the user-selected language in a cookie.
*
* @param string $language The language.
*/
public static function setLanguageCookie($language)
{
assert('is_string($language)');
$language = strtolower($language);
$config = SimpleSAML_Configuration::getInstance();
$availableLanguages = $config->getArray('language.available', array('en'));
if (!in_array($language, $availableLanguages, TRUE) || headers_sent()) {
return;
}
$name = $config->getString('language.cookie.name', 'language');
$params = array('lifetime' => $config->getInteger('language.cookie.lifetime', 60 * 60 * 24 * 900), 'domain' => $config->getString('language.cookie.domain', NULL), 'path' => $config->getString('language.cookie.path', '/'), 'httponly' => FALSE);
SimpleSAML_Utilities::setCookie($name, $language, $params, FALSE);
}
/**
* Helper function for setting a cookie.
*
* @param string $name Name of the cookie.
* @param string|null $value Value of the cookie. Set this to null to
* delete the cookie.
*
* @return void
*/
private function _setConsentCookie($name, $value)
{
assert('is_string($name)');
assert('is_string($value) || is_null($value)');
$globalConfig = SimpleSAML_Configuration::getInstance();
$params = array('lifetime' => 90 * 24 * 60 * 60, 'path' => '/' . $globalConfig->getBaseURL(), 'httponly' => FALSE);
if (SimpleSAML_Utilities::isHTTPS()) {
/* Enable secure cookie for https-requests. */
$params['secure'] = true;
} else {
$params['secure'] = false;
}
SimpleSAML_Utilities::setCookie($name, $value, $params, FALSE);
}
/**
* Build a CDC cookie string.
*
* @param array $list The list of IdPs.
* @return string The CDC cookie value.
*/
function setCDC(array $list)
{
foreach ($list as &$value) {
$value = base64_encode($value);
}
$cookie = implode(' ', $list);
while (strlen($cookie) > 4000) {
/* The cookie is too long. Remove the oldest elements until it is short enough. */
$tmp = explode(' ', $cookie, 2);
if (count($tmp) === 1) {
/*
* We are left with a single entityID whose base64
* representation is too long to fit in a cookie.
*/
break;
}
$cookie = $tmp[1];
}
$params = array('lifetime' => $this->cookieLifetime, 'path' => '/', 'domain' => '.' . $this->domain, 'secure' => TRUE, 'httponly' => FALSE);
SimpleSAML_Utilities::setCookie('_saml_idp', $cookie, $params, FALSE);
}
<?php
require_once '_include.php';
/**
* This page clears the user's IdP discovery choices.
*/
/* The base path for cookies. This should be the installation directory for simpleSAMLphp. */
$config = SimpleSAML_Configuration::getInstance();
$cookiePath = '/' . $config->getBaseUrl();
/* We delete all cookies which starts with 'idpdisco_' */
foreach ($_COOKIE as $cookieName => $value) {
if (substr($cookieName, 0, 9) !== 'idpdisco_') {
/* Not a idpdisco cookie. */
continue;
}
/* Delete the cookie. We delete it once without the secure flag and once with the secure flag. This
* ensures that the cookie will be deleted in any case.
*/
SimpleSAML_Utilities::setCookie($cookieName, NULL, array('path' => $cookiePath, 'httponly' => FALSE), FALSE);
}
/* Find where we should go now. */
if (array_key_exists('ReturnTo', $_REQUEST)) {
$returnTo = SimpleSAML_Utilities::checkURLAllowed($_REQUEST['ReturnTo']);
} else {
/* Return to the front page if no other destination is given. This is the same as the base cookie path. */
$returnTo = $cookiePath;
}
/* Redirect to destination. */
SimpleSAML_Utilities::redirectTrustedURL($returnTo);
/**
* Set the previous authentication source.
*
* This method remembers the authentication source that the user selected
* by storing its name in a cookie.
*
* @param string $source Name of the authentication source the user selected.
*/
public function setPreviousSource($source)
{
assert('is_string($source)');
$cookieName = 'multiauth_source_' . $this->authId;
$config = SimpleSAML_Configuration::getInstance();
$params = array('lifetime' => 60 * 60 * 24 * 90, 'path' => '/' . $config->getBaseUrl(), 'httponly' => FALSE);
SimpleSAML_Utilities::setCookie($cookieName, $source, $params, FALSE);
}
/**
* Save cookie with the given name and value.
*
* This function will save a cookie with the given name and value for the current discovery
* service type.
*
* @param $name The name of the cookie.
* @param $value The value of the cookie.
*/
protected function setCookie($name, $value)
{
$prefixedName = 'idpdisco_' . $this->instance . '_' . $name;
$params = array('lifetime' => 60 * 60 * 24 * 90, 'path' => '/' . $this->config->getBaseUrl(), 'httponly' => FALSE);
SimpleSAML_Utilities::setCookie($prefixedName, $value, $params, FALSE);
}
/**
* Set a session cookie.
*
* @param string $name The name of the session cookie.
* @param string|NULL $value The value of the cookie. Set to NULL to delete the cookie.
*/
public function setCookie($name, $value, array $params = NULL)
{
assert('is_string($name)');
assert('is_string($value) || is_null($value)');
if ($params !== NULL) {
$params = array_merge($this->getCookieParams(), $params);
} else {
$params = $this->getCookieParams();
}
SimpleSAML_Utilities::setCookie($name, $value, $params);
}
