The initial focus of the consent form can be set by setting the 'focus'-attribute to either
'yes' or 'no'.
Different storage backends can be configured by setting the 'store'-attribute. The'store'-attribute
is on the form :, and refers to the class sspmod__Consent_Store_. For
examples, see the built-in modules 'consent:Cookie' and 'consent:Database', which can be found
under modules/consent/lib/Consent/Store.
Example - minimal:
'authproc' => array(
'consent:Consent',
),
Example - save in cookie:
'authproc' => array(
array(
'consent:Consent',
'store' => 'consent:Cookie',
),
Example - save in MySQL database:
'authproc' => array(
array(
'consent:Consent',
'store' => array(
'consent:Database',
'dsn' => 'mysql:host=db.example.org;dbname=simplesaml',
'username' => 'simplesaml',
'password' => 'secretpassword',
),
),
),
Example - initial focus on yes-button:
'authproc' => array(
array('consent:Consent', 'focus' => 'yes'),
),
function driveProcessingChain($idp_metadata, $source, $sp_metadata, $sp_entityid, $attributes, $userid, $hashAttributes = FALSE) { /* * Create a new processing chain */ $pc = new SimpleSAML_Auth_ProcessingChain($idp_metadata, $sp_metadata, 'idp'); /* * Construct the state. * REMEMBER: Do not set Return URL if you are calling processStatePassive */ $authProcState = array('Attributes' => $attributes, 'Destination' => $sp_metadata, 'Source' => $idp_metadata, 'isPassive' => TRUE); /* * Call processStatePAssive. * We are not interested in any user interaction, only modifications to the attributes */ $pc->processStatePassive($authProcState); $attributes = $authProcState['Attributes']; /* * Generate identifiers and hashes */ $destination = $sp_metadata['metadata-set'] . '|' . $sp_entityid; $targeted_id = sspmod_consent_Auth_Process_Consent::getTargetedID($userid, $source, $destination); $attribute_hash = sspmod_consent_Auth_Process_Consent::getAttributeHash($attributes, $hashAttributes); SimpleSAML_Logger::info('consentAdmin: user: '******'consentAdmin: target: ' . $targeted_id); SimpleSAML_Logger::info('consentAdmin: attribute: ' . $attribute_hash); /* Return values */ return array($targeted_id, $attribute_hash, $attributes); }
*/ if ($as->getAuthData('saml:sp:IdP') != null) { // From a remote idp (as bridge) $idp_entityid = $as->getAuthData('saml:sp:IdP'); $idp_metadata = $metadata->getMetaData($idp_entityid, 'saml20-idp-remote'); } else { // from the local idp $idp_entityid = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted'); $idp_metadata = $metadata->getMetaData($idp_entityid, 'saml20-idp-hosted'); } SimpleSAML_Logger::debug('consentAdmin: IdP is [' . $idp_entityid . ']'); $source = $idp_metadata['metadata-set'] . '|' . $idp_entityid; // Parse consent config $consent_storage = sspmod_consent_Store::parseStoreConfig($consentconfig->getValue('store')); // Calc correct user ID hash $hashed_user_id = sspmod_consent_Auth_Process_Consent::getHashedUserID($userid, $source); // Check if button with withdraw all consent was clicked. if (array_key_exists('withdraw', $_REQUEST)) { SimpleSAML_Logger::info('consentAdmin: UserID [' . $hashed_user_id . '] has requested to withdraw all consents given...'); $consent_storage->deleteAllConsents($hashed_user_id); } // Get all consents for user $user_consent_list = $consent_storage->getConsents($hashed_user_id); $consentServices = array(); foreach ($user_consent_list as $c) { $consentServices[$c[1]] = 1; } SimpleSAML_Logger::debug('consentAdmin: no of consents [' . count($user_consent_list) . '] no of services [' . count($consentServices) . ']'); // Init template $t = new SimpleSAML_XHTML_Template($config, 'consentSimpleAdmin:consentadmin.php'); $t->data['consentServices'] = count($consentServices);
/** * Helper function to run the filter with a given configuration. * * @param array $config The filter configuration. * @param array $request The request state. * @return array The state array after processing. */ private function processFilter(array $config, array $request) { $filter = new \sspmod_consent_Auth_Process_Consent($config, null); $filter->process($request); return $request; }