/**
 * Hook to add the simple consenet admin module to the frontpage.
 *
 * @param array &$links  The links on the frontpage, split into sections.
 */
function consentSimpleAdmin_hook_frontpage(&$links)
{
    assert('is_array($links)');
    assert('array_key_exists("links", $links)');
    $links['config'][] = array('href' => \SimpleSAML\Module::getModuleURL('consentSimpleAdmin/consentAdmin.php'), 'text' => '{consentSimpleAdmin:consentsimpleadmin:header}');
    $links['config'][] = array('href' => \SimpleSAML\Module::getModuleURL('consentSimpleAdmin/consentStats.php'), 'text' => '{consentSimpleAdmin:consentsimpleadmin:headerstats}');
}
 /**
  * Start the logout operation.
  *
  * @param array &$state The logout state.
  * @param string|null $assocId The SP we are logging out from.
  */
 public function startLogout(array &$state, $assocId)
 {
     assert('is_string($assocId) || is_null($assocId)');
     $associations = $this->idp->getAssociations();
     if (count($associations) === 0) {
         $this->idp->finishLogout($state);
     }
     foreach ($associations as $id => &$association) {
         $idp = \SimpleSAML_IdP::getByState($association);
         $association['core:Logout-IFrame:Name'] = $idp->getSPName($id);
         $association['core:Logout-IFrame:State'] = 'onhold';
     }
     $state['core:Logout-IFrame:Associations'] = $associations;
     if (!is_null($assocId)) {
         $spName = $this->idp->getSPName($assocId);
         if ($spName === null) {
             $spName = array('en' => $assocId);
         }
         $state['core:Logout-IFrame:From'] = $spName;
     } else {
         $state['core:Logout-IFrame:From'] = null;
     }
     $params = array('id' => \SimpleSAML_Auth_State::saveState($state, 'core:Logout-IFrame'));
     if (isset($state['core:Logout-IFrame:InitType'])) {
         $params['type'] = $state['core:Logout-IFrame:InitType'];
     }
     $url = Module::getModuleURL('core/idp/logout-iframe.php', $params);
     HTTP::redirectTrustedURL($url);
 }
Пример #3
0
 /**
  * Test for SimpleSAML\Module::resolveClass(). It covers all the valid use cases.
  */
 public function tesstResolveClass()
 {
     // most basic test
     $this->assertEquals('sspmod_core_ACL', Module::resolveClass('core:ACL', ''));
     // test for the $type parameter correctly translated into a path
     $this->assertEquals('sspmod_core_Auth_Process_PHP', Module::resolveClass('core:PHP', 'Auth_Process'));
     // test for valid subclasses
     $this->assertEquals('sspmod_core_Auth_Process_PHP', Module::resolveClass('core:PHP', 'Auth_Process', 'SimpleSAML_Auth_ProcessingFilter'));
 }
Пример #4
0
 /**
  * Retrieve a admin login URL.
  *
  * @param string|NULL $returnTo The URL the user should arrive on after admin authentication. Defaults to null.
  *
  * @return string A URL which can be used for admin authentication.
  * @throws \InvalidArgumentException If $returnTo is neither a string nor null.
  */
 public static function getAdminLoginURL($returnTo = null)
 {
     if (!(is_string($returnTo) || is_null($returnTo))) {
         throw new \InvalidArgumentException('Invalid input parameters.');
     }
     if ($returnTo === null) {
         $returnTo = HTTP::getSelfURL();
     }
     return Module::getModuleURL('core/login-admin.php', array('ReturnTo' => $returnTo));
 }
 /**
  * Initialize processing of the redirect test.
  *
  * @param array &$state  The state we should update.
  */
 public function process(&$state)
 {
     assert('is_array($state)');
     assert('array_key_exists("Attributes", $state)');
     // To check whether the state is saved correctly
     $state['Attributes']['RedirectTest1'] = array('OK');
     // Save state and redirect
     $id = SimpleSAML_Auth_State::saveState($state, 'authVHO:redirectfilter-test');
     $url = Module::getModuleURL('authVHO/redirecttest.php');
     HTTP::redirectTrustedURL($url, array('StateId' => $id));
 }
 /**
  * @inheritDoc
  */
 public function __construct($name)
 {
     parent::__construct($name);
     $this->onValidate[] = [$this, 'validateRedirectUri'];
     $this->setMethod('POST');
     $this->addProtection('Security token has expired, please submit the form again');
     $this->addText('name', 'Name of client:')->setMaxLength(255)->setRequired('Set a name');
     $this->addTextArea('description', 'Description of client:', null, 5);
     $this->addTextArea('redirect_uri', 'Static/enforcing callback-url (one per line)', null, 5)->setRequired('Write one redirect URI at least');
     $this->addSubmit('submit', 'Submit');
     $this->addButton('return', 'Return')->setAttribute('onClick', 'parent.location = \'' . Module::getModuleURL('oauth2/registry.php') . '\'');
 }
Пример #7
0
 /**
  * This method retrieves a dictionary with the name given.
  *
  * @param string $name The name of the dictionary, as the filename in the dictionary directory, without the
  * '.php' ending.
  *
  * @return array An associative array with the dictionary.
  */
 private function getDictionary($name)
 {
     assert('is_string($name)');
     if (!array_key_exists($name, $this->dictionaries)) {
         $sepPos = strpos($name, ':');
         if ($sepPos !== false) {
             $module = substr($name, 0, $sepPos);
             $fileName = substr($name, $sepPos + 1);
             $dictDir = \SimpleSAML\Module::getModuleDir($module) . '/dictionaries/';
         } else {
             $dictDir = $this->configuration->getPathValue('dictionarydir', 'dictionaries/');
             $fileName = $name;
         }
         $this->dictionaries[$name] = $this->readDictionaryFile($dictDir . $fileName);
     }
     return $this->dictionaries[$name];
 }
/**
 * Hook to add the aggregator list to the frontpage.
 *
 * @param array &$links  The links on the frontpage, split into sections.
 */
function aggregator_hook_frontpage(&$links)
{
    assert('is_array($links)');
    assert('array_key_exists("links", $links)');
    $links['federation'][] = array('href' => \SimpleSAML\Module::getModuleURL('aggregator/'), 'text' => '{aggregator:aggregator:frontpage_link}');
}
Пример #9
0
 /**
  * Create a link which will POST data.
  *
  * @param string $destination The destination URL.
  * @param array  $data The name-value pairs which will be posted to the destination.
  *
  * @return string  A URL which can be accessed to post the data.
  * @throws \InvalidArgumentException If $destination is not a string or $data is not an array.
  *
  * @author Andjelko Horvat
  * @author Jaime Perez, UNINETT AS <*****@*****.**>
  */
 public static function getPOSTRedirectURL($destination, $data)
 {
     if (!is_string($destination) || !is_array($data)) {
         throw new \InvalidArgumentException('Invalid input parameters.');
     }
     $config = \SimpleSAML_Configuration::getInstance();
     $allowed = $config->getBoolean('enable.http_post', false);
     if ($allowed && preg_match("#^http:#", $destination) && self::isHTTPS()) {
         // we need to post the data to HTTP
         $url = self::getSecurePOSTRedirectURL($destination, $data);
     } else {
         // post the data directly
         $session = \SimpleSAML_Session::getSessionFromRequest();
         $id = self::savePOSTData($session, $destination, $data);
         $url = Module::getModuleURL('core/postredirect.php', array('RedirId' => $id));
     }
     return $url;
 }
Пример #10
0
 /**
  * Log in using an external authentication helper.
  *
  * @param array &$state  Information about the current authentication.
  */
 public function authenticate(&$state)
 {
     assert('is_array($state)');
     $attributes = $this->getUser();
     if ($attributes !== null) {
         /*
          * The user is already authenticated.
          *
          * Add the users attributes to the $state-array, and return control
          * to the authentication process.
          */
         $state['Attributes'] = $attributes;
         return;
     }
     /*
      * The user isn't authenticated. We therefore need to
      * send the user to the login page.
      */
     /*
      * First we add the identifier of this authentication source
      * to the state array, so that we know where to resume.
      */
     $state['authVHO:AuthID'] = $this->authId;
     /*
      * We need to save the $state-array, so that we can resume the
      * login process after authentication.
      *
      * Note the second parameter to the saveState-function. This is a
      * unique identifier for where the state was saved, and must be used
      * again when we retrieve the state.
      *
      * The reason for it is to prevent
      * attacks where the user takes a $state-array saved in one location
      * and restores it in another location, and thus bypasses steps in
      * the authentication process.
      */
     $stateId = SimpleSAML_Auth_State::saveState($state, 'authVHO:AuthID');
     /*
      * Now we generate a URL the user should return to after authentication.
      * We assume that whatever authentication page we send the user to has an
      * option to return the user to a specific page afterwards.
      */
     $returnTo = Module::getModuleURL('authVHO/resume.php', array('State' => $stateId));
     /*
      * Get the URL of the VHO authentication page.
      *
      * This is in the configuration file.
      */
     $authPage = $this->config['vho_login_url'];
     /*
      * The redirect to the authentication page.
      *
      * Note the 'ReturnTo' parameter. This must most likely be replaced with
      * the real name of the parameter for the login page.
      */
     HTTP::redirectTrustedURL($authPage, array('ReturnTo' => $returnTo));
     /*
      * The redirect function never returns, so we never get this far.
      */
     assert('FALSE');
 }
/**
 * Hook to add the modinfo module to the frontpage.
 *
 * @param array &$links  The links on the frontpage, split into sections.
 */
function metaedit_hook_frontpage(&$links)
{
    assert('is_array($links)');
    assert('array_key_exists("links", $links)');
    $links['federation']['metaedit'] = array('href' => \SimpleSAML\Module::getModuleURL('metaedit/index.php'), 'text' => array('en' => 'Metadata registry', 'no' => 'Metadata registrering'), 'shorttext' => array('en' => 'Metadata registry', 'no' => 'Metadata registrering'));
}
/**
 * Hook to add the simple consenet admin module to the frontpage.
 *
 * @param array &$links  The links on the frontpage, split into sections.
 */
function saml2debug_hook_frontpage(&$links)
{
    assert('is_array($links)');
    assert('array_key_exists("links", $links)');
    $links['federation'][] = array('href' => \SimpleSAML\Module::getModuleURL('saml2debug/debug.php'), 'text' => array('en' => 'SAML 2.0 Debugger'));
}
/**
 * Hook to add the logpeek module to the frontpage.
 *
 * @param array &$links  The links on the frontpage, split into sections.
 */
function logpeek_hook_frontpage(&$links)
{
    assert('is_array($links)');
    assert('array_key_exists("links", $links)');
    $links['config'][] = array('href' => \SimpleSAML\Module::getModuleURL('logpeek/'), 'text' => array('en' => 'SimpleSAMLphp logs access (Log peek)', 'no' => 'Vis simpleSAMLphp log'));
}
/*
 * This file is part of the simplesamlphp-module-oauth2.
 *
 * (c) Sergio Gómez <*****@*****.**>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */
use SimpleSAML\Modules\OAuth2\Form\ClientForm;
use SimpleSAML\Modules\OAuth2\Repositories\ClientRepository;
use SimpleSAML\Utils\Auth;
use SimpleSAML\Utils\HTTP;
use SimpleSAML\Utils\Random;
/* Load simpleSAMLphp, configuration and metadata */
$action = \SimpleSAML\Module::getModuleURL('oauth2/registry.new.php');
$config = SimpleSAML_Configuration::getInstance();
Auth::requireAdmin();
$form = new ClientForm('client');
$form->setAction($action);
if ($form->isSubmitted() && $form->isSuccess()) {
    $client = $form->getValues();
    $client['id'] = Random::generateID();
    $client['secret'] = Random::generateID();
    $clientRepository = new ClientRepository();
    $clientRepository->persistNewClient($client['id'], $client['secret'], $client['name'], $client['description'], $client['redirect_uri']);
    HTTP::redirectTrustedURL('registry.php');
}
$template = new SimpleSAML_XHTML_Template($config, 'oauth2:registry_new');
$template->data['form'] = $form;
$template->show();
/*
 * This file is part of the simplesamlphp-module-oauth2.
 *
 * (c) Sergio Gómez <*****@*****.**>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */
use SimpleSAML\Modules\OAuth2\Form\ClientForm;
use SimpleSAML\Modules\OAuth2\Repositories\ClientRepository;
use SimpleSAML\Utils\Auth;
use SimpleSAML\Utils\HTTP;
Auth::requireAdmin();
/* Load simpleSAMLphp, configuration and metadata */
$client_id = $_REQUEST['id'];
$action = \SimpleSAML\Module::getModuleURL('oauth2/registry.edit.php', ['id' => $client_id]);
$config = SimpleSAML_Configuration::getInstance();
$clientRepository = new ClientRepository();
$client = $clientRepository->find($client_id);
if (!$client) {
    header('Content-type: text/plain; utf-8', TRUE, 500);
    print 'Client not found';
    return;
}
$form = new ClientForm('client');
$form->setAction($action);
$form->setDefaults($client);
if ($form->isSubmitted() && $form->isSuccess()) {
    $client = $form->getValues();
    $clientRepository->updateClient($client_id, $client['name'], $client['description'], $client['redirect_uri']);
    HTTP::redirectTrustedURL('registry.php');
Пример #16
0
 /**
  * Find template path.
  *
  * This function locates the given template based on the template name. It will first search for the template in
  * the current theme directory, and then the default theme.
  *
  * The template name may be on the form <module name>:<template path>, in which case it will search for the
  * template file in the given module.
  *
  * @param string $template The relative path from the theme directory to the template file.
  *
  * @return string The absolute path to the template file.
  *
  * @throws Exception If the template file couldn't be found.
  */
 private function findTemplatePath($template, $throw_exception = true)
 {
     assert('is_string($template)');
     $result = $this->findModuleAndTemplateName($template);
     $templateModule = $result[0] ? $result[0] : 'default';
     $templateName = $result[1];
     $tmp = explode(':', $this->configuration->getString('theme.use', 'default'), 2);
     if (count($tmp) === 2) {
         $themeModule = $tmp[0];
         $themeName = $tmp[1];
     } else {
         $themeModule = null;
         $themeName = $tmp[0];
     }
     // first check the current theme
     if ($themeModule !== null) {
         // .../module/<themeModule>/themes/<themeName>/<templateModule>/<templateName>
         $filename = \SimpleSAML\Module::getModuleDir($themeModule) . '/themes/' . $themeName . '/' . $templateModule . '/' . $templateName;
     } elseif ($templateModule !== 'default') {
         // .../module/<templateModule>/templates/<templateName>
         $filename = \SimpleSAML\Module::getModuleDir($templateModule) . '/templates/' . $templateName;
     } else {
         // .../templates/<theme>/<templateName>
         $filename = $this->configuration->getPathValue('templatedir', 'templates/') . $templateName;
     }
     if (file_exists($filename)) {
         return $filename;
     }
     // not found in current theme
     \SimpleSAML\Logger::debug($_SERVER['PHP_SELF'] . ' - Template: Could not find template file [' . $template . '] at [' . $filename . '] - now trying the base template');
     // try default theme
     if ($templateModule !== 'default') {
         // .../module/<templateModule>/templates/<templateName>
         $filename = \SimpleSAML\Module::getModuleDir($templateModule) . '/templates/' . $templateName;
     } else {
         // .../templates/<templateName>
         $filename = $this->configuration->getPathValue('templatedir', 'templates/') . '/' . $templateName;
     }
     if (file_exists($filename)) {
         return $filename;
     }
     // not found in default template
     if ($throw_exception) {
         // log error and throw exception
         $error = 'Template: Could not find template file [' . $template . '] at [' . $filename . ']';
         \SimpleSAML\Logger::critical($_SERVER['PHP_SELF'] . ' - ' . $error);
         throw new Exception($error);
     } else {
         // missing template expected, return NULL
         return null;
     }
 }