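/**
 * Validate the request signature against the shared secret of the user
 * identified by the request key.
 *
 * Expected signature: sha512(secret . key1 . value1 . key2 . value2 ...) over
 * the request parameters sorted by key.
 *
 * @param sspmod_janus_REST_Request $request Incoming REST request
 *
 * @return bool True only when the key resolves to a known user and the
 *              supplied signature matches the one computed from that user's
 *              shared secret
 */
public static function isSignatureValid(sspmod_janus_REST_Request $request)
{
    if (is_null($request->getKey())) {
        return false;
    }

    // Not used below; kept because getConfig() may bootstrap the container — TODO confirm before removing
    $config = sspmod_janus_DiContainer::getInstance()->getConfig();

    $user = new sspmod_janus_User();
    $user->setUserid($request->getKey());
    // Fail closed for an unknown key: getSecret() on an unloaded user is
    // presumably empty, which would make the signature computable without a secret.
    if (!$user->load(sspmod_janus_User::USERID_LOAD)) {
        return false;
    }

    sspmod_janus_DiContainer::preAuthenticate($user->getUserid(), 'RESTv1');

    $shared_secret = $user->getSecret();

    $data = $request->getRequestVars();
    // Sort params so client and server concatenate in the same order
    ksort($data);

    $concat_string = '';
    // Concat all params with values
    foreach ($data as $key => $value) {
        $concat_string .= $key . $value;
    }

    // Prepend shared secret and hash to obtain the expected signature
    $calculated_signature = hash('sha512', $shared_secret . $concat_string);

    $supplied_signature = $request->getSignature();
    if (!is_string($supplied_signature)) {
        return false;
    }

    // hash_equals (PHP >= 5.6) is constant-time and byte-exact; `==` would
    // compare two numeric-looking hex strings (e.g. "0e...") numerically.
    return hash_equals($calculated_signature, $supplied_signature);
}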
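/**
 * Set the user to be handled
 *
 * @param string|sspmod_janus_User $user The user email or a user object
 *
 * @return sspmod_janus_User|bool The user, or false if the user could not
 *                                be loaded
 * @throws InvalidArgumentException If the passed argument is neither an
 *                                  email address (string) nor a user object
 * @since Method available since Release 1.0.0
 */
public function setUser($user)
{
    if (is_string($user)) {
        // $user is a user id (email address): load it from the configured store
        $this->_user = new sspmod_janus_User($this->_config->getValue('store'));
        $this->_user->setUserid($user);
        if (!$this->_user->load(sspmod_janus_User::USERID_LOAD)) {
            // NOTE: $this->_user keeps the unloaded object on failure (existing behaviour)
            return false;
        }
    } elseif ($user instanceof sspmod_janus_User) {
        $this->_user = $user;
    } else {
        throw new InvalidArgumentException('Argument must be an email address or instance of sspmod_janus_User.');
    }

    return $this->_user;
}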
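/**
 * Get user information for the given user id (login name).
 *
 * @param array $data   Request parameters; requires $data['userid']
 * @param int   $status HTTP status code for the response (set by reference):
 *                      400 when 'userid' is missing, 404 when it is unknown
 *
 * @return array|string User record, or '' when the request is rejected
 */
public static function method_getUser($data, &$status)
{
    if (!isset($data['userid'])) {
        $status = 400;
        return '';
    }

    $config = SimpleSAML_Configuration::getConfig('module_janus.php');
    $user = new sspmod_janus_User($config->getValue('store'));
    $user->setUserid($data['userid']);
    // The load result used to be ignored, so an unknown userid answered 200
    // with a record built from the unloaded object; report it as not found.
    if (!$user->load(sspmod_janus_User::USERID_LOAD)) {
        $status = 404;
        return '';
    }

    $result = array(
        'uid' => $user->getUid(),
        'userid' => $user->getUserid(),
        'active' => $user->getActive(),
        'type' => $user->getType(),
        'data' => $user->getdata(),
    );

    return $result;
}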
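/**
 * Get User information
 *
 * @access protected (see isProtected)
 * @static
 * @param array $data Request parameters for getUser method, supports:
 *   - string $data['userid']: UserID (login name) to get data for
 * @param int $statusCode HTTP Status code to use in response: 400 when
 *   'userid' is missing, 404 when no user with that userid can be loaded
 * @return array|string User information, or '' when the request is rejected
 */
public static function method_getUser($data, &$statusCode)
{
    if (!isset($data['userid'])) {
        $statusCode = 400;
        return '';
    }

    $config = sspmod_janus_DiContainer::getInstance()->getConfig();
    $user = new sspmod_janus_User();
    $user->setUserid($data['userid']);
    // The load result used to be ignored, so an unknown userid answered 200
    // with a record built from the unloaded object; report it as not found.
    if (!$user->load(sspmod_janus_User::USERID_LOAD)) {
        $statusCode = 404;
        return '';
    }

    $result = array(
        'uid' => $user->getUid(),
        'userid' => $user->getUserid(),
        'active' => $user->getActive(),
        'type' => $user->getType(),
        'data' => $user->getdata(),
    );

    return $result;
}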
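/**
 * Validate the request signature against the shared secret of the user
 * identified by the request key.
 *
 * Expected signature: sha512(secret . key1 . value1 . key2 . value2 ...) over
 * the request parameters sorted by key.
 *
 * @param sspmod_janus_REST_Request $request Incoming REST request
 *
 * @return bool True only when the key resolves to a known user and the
 *              supplied signature matches the one computed from that user's
 *              shared secret
 */
public static function isSignatureValid(sspmod_janus_REST_Request $request)
{
    if (is_null($request->getKey())) {
        return false;
    }

    $config = SimpleSAML_Configuration::getConfig('module_janus.php');
    $user = new sspmod_janus_User($config->getValue('store'));
    $user->setUserid($request->getKey());
    // The load result used to be ignored: for an unknown key the secret of an
    // unloaded user (presumably empty) would be used, so anyone could compute
    // a valid signature. Fail closed instead.
    if (!$user->load(sspmod_janus_User::USERID_LOAD)) {
        return false;
    }

    $shared_secret = $user->getSecret();

    $data = $request->getRequestVars();
    // Sort params so client and server concatenate in the same order
    ksort($data);

    $concat_string = '';
    // Concat all params with values
    foreach ($data as $key => $value) {
        $concat_string .= $key . $value;
    }

    // Prepend shared secret and hash to obtain the expected signature
    $calculated_signature = hash('sha512', $shared_secret . $concat_string);

    $supplied_signature = $request->getSignature();
    if (!is_string($supplied_signature)) {
        return false;
    }

    // hash_equals (PHP >= 5.6) is constant-time and byte-exact; `==` would
    // compare two numeric-looking hex strings (e.g. "0e...") numerically.
    return hash_equals($calculated_signature, $supplied_signature);
}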
if ($as->isAuthenticated()) { $attributes = $as->getAttributes(); // Check if userid exists if (!isset($attributes[$useridattr])) { throw new Exception('User ID is missing'); } $userid = $attributes[$useridattr][0]; } else { echo $et->t('error_no_access'); exit; } // Get Entity controller $mcontroller = sspmod_janus_DiContainer::getInstance()->getEntityController(); // Get the user $user = new sspmod_janus_User(); $user->setUserid($userid); $user->load(sspmod_janus_User::USERID_LOAD); $eid = $_GET['eid']; $currentRevisionId = $_GET['currentRevisionId']; $historyTab = $_GET['historyTab']; if (!($entity = $mcontroller->setEntity($eid))) { throw new SimpleSAML_Error_Exception('Error in setEntity'); } $workflowstates = $janus_config->getValue('workflowstates'); // load entity $mcontroller->loadEntity(); // Check if user is allowed to se entity $allowedUsers = $mcontroller->getUsers(); $output = ''; $securityContext = sspmod_janus_DiContainer::getInstance()->getSecurityContext(); if ((array_key_exists($userid, $allowedUsers) || $securityContext->isGranted('allentities')) && $securityContext->isGranted('entityhistory', $entity)) {
/**
 * Grant a user access to an entity.
 *
 * @param array $params Request parameters; requires 'eid' (entity id) and
 *                      'uid', which actually carries the userid (login name,
 *                      e.g. user@example.com) and is resolved to the janus
 *                      uid here
 *
 * @return array|bool array('eid', 'uid', 'userid') on success; false when a
 *                    parameter is missing or the util call returns a falsy
 *                    value. An unknown user or an exception emits a JSON
 *                    status and exits.
 */
function addUserToEntity($params)
{
    $hasRequiredParams = isset($params['eid']) && isset($params['uid']);
    if (!$hasRequiredParams) {
        return false;
    }

    $entityId = $params['eid'];
    $loginName = $params['uid'];

    // Fetched but not used in this function
    $janus_config = sspmod_janus_DiContainer::getInstance()->getConfig();

    // 'uid' is really the userid (login name): resolve it to the janus uid
    $janusUser = new sspmod_janus_User();
    $janusUser->setUserid($loginName);
    if ($janusUser->load(sspmod_janus_User::USERID_LOAD) === false) {
        echo json_encode(array('status' => 'Unknown user'));
        exit;
    }
    $resolvedUid = $janusUser->getUid();

    $adminUtil = new sspmod_janus_AdminUtil();
    try {
        $userid = $adminUtil->addUserToEntity($entityId, $resolvedUid);
    } catch (Exception $e) {
        echo json_encode(array('status' => 'An unspecified error occurred'));
        exit;
    }

    if (!$userid) {
        return false;
    }

    return array('eid' => $entityId, 'uid' => $resolvedUid, 'userid' => $userid);
}
$pm = new sspmod_janus_Postman(); if (!($user = $mcontrol->setUser($userid))) { throw new SimpleSAML_Error_Exception('Error in setUser'); } $selectedtab = isset($_REQUEST['selectedtab']) ? $_REQUEST['selectedtab'] : 1; if (isset($_POST['add_usersubmit'])) { if (empty($_POST['userid']) || empty($_POST['type'])) { $msg = 'error_user_not_created_due_params'; } else { $check_user = new sspmod_janus_User($janus_config->getValue('store')); $check_user->setUserid($_POST['userid']); if ($check_user->load(sspmod_janus_User::USERID_LOAD) != FALSE) { $msg = 'error_user_already_exists'; } else { $new_user = new sspmod_janus_User($janus_config->getValue('store')); $new_user->setUserid($_POST['userid']); $new_user->setType($_POST['type']); if (isset($_POST['active']) && $_POST['active'] == 'on') { $active = 'yes'; } else { $active = 'no'; } $new_user->setActive($active); $new_user->setData($_POST['userdata']); if (!$new_user->save()) { $msg = 'error_user_not_created'; } else { SimpleSAML_Utilities::redirect(SimpleSAML_Utilities::selfURLNoQuery(), array('selectedtab' => $selectedtab)); } } }
} catch (Exception $ex) { SimpleSAML_Utilities::redirectTrustedUrl(SimpleSAML_Module::getModuleURL('janus/index.php'), $_GET); exit; } function check_uri($uri) { if (preg_match('/^[a-z][a-z0-9+-\\.]*:.+$/i', $uri) == 1) { return TRUE; } return FALSE; } // Get Entity controller $entityController = sspmod_janus_DiContainer::getInstance()->getEntityController(); // Get the user $user = new sspmod_janus_User(); $user->setUserid($loggedInUsername); $user->load(sspmod_janus_User::USERID_LOAD); // Get Admin util which we use to retrieve entities $adminUtil = new sspmod_janus_AdminUtil(); // @todo move to separate class // Function to fix up PHP's messing up POST input containing dots, etc. function getRealPOST() { $vars = array(); $input = file_get_contents("php://input"); if (!empty($input)) { $pairs = explode("&", $input); foreach ($pairs as $pair) { $nv = explode("=", $pair); $name = urldecode($nv[0]); $value = urldecode($nv[1]);
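/**
 * Update an existing user.
 *
 * @param array $params Requires non-empty 'uid', 'userid' and 'type', and a
 *                      set 'active' value
 *
 * @return array array('uid' => ...) on success, or array('status' => ...)
 *               naming the failure ('missing_param', 'unknown_user',
 *               'save_failed')
 */
function editUser($params)
{
    if (empty($params['uid']) || empty($params['userid']) || !isset($params['active']) || empty($params['type'])) {
        return array('status' => 'missing_param');
    }

    $janus_config = SimpleSAML_Configuration::getConfig('module_janus.php');
    $uid = $params['uid'];

    $user = new sspmod_janus_User($janus_config->getValue('store'));
    $user->setUid($uid);
    // The load result used to be ignored; refuse to edit a uid that cannot be
    // loaded rather than saving whatever state load() left behind.
    // ('unknown_user' is a new status value, in the style of 'missing_param'.)
    if (!$user->load(sspmod_janus_User::UID_LOAD)) {
        return array('status' => 'unknown_user');
    }

    $user->setActive($params['active']);
    $user->setUserid($params['userid']);
    $user->setType($params['type']);

    // The save() result used to be ignored, so a failed write was reported as success
    if (!$user->save()) {
        return array('status' => 'save_failed');
    }

    return array('uid' => $uid);
}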