$janus_config = SimpleSAML_Configuration::getConfig('module_janus.php'); $authsource = $janus_config->getValue('auth', 'login-admin'); $useridattr = $janus_config->getValue('useridattr', 'eduPersonPrincipalName'); // Validate user if ($session->isValid($authsource)) { $attributes = $session->getAttributes(); // Check if userid exists if (!isset($attributes[$useridattr])) { throw new Exception('User ID is missing'); } $userid = $attributes[$useridattr][0]; } else { $session->setData('string', 'refURL', SimpleSAML_Utilities::selfURL()); SimpleSAML_Utilities::redirect(SimpleSAML_Module::getModuleURL('janus/index.php')); } $mcontrol = new sspmod_janus_UserController($janus_config); if (!($user = $mcontrol->setUser($userid))) { throw new SimpleSAML_Error_Exception('Error in setUser'); } echo '<h1>SAML20 IdP</h1>'; include 'saml20-idp-remote.php'; foreach ($metadata as $key => $val) { $msg = $mcontrol->createNewEntity($key, 'saml20-idp'); echo "Id: " . $msg . '<br />'; if (is_int($msg)) { $econtroller = new sspmod_janus_EntityController($janus_config); $econtroller->setEntity((string) $msg); $econtroller->loadEntity(); foreach ($val as $k => $v) { if ($k == 'name') { $k = 'entity:name';
if (!isset($attributes[$useridattr])) { throw new Exception('User ID is missing'); } $userid = $attributes[$useridattr][0]; } else { $session->setData('string', 'refURL', SimpleSAML_Utilities::selfURL()); SimpleSAML_Utilities::redirect(SimpleSAML_Module::getModuleURL('janus/index.php')); } function check_uri($uri) { if (preg_match('/^[a-z][a-z0-9+-\\.]*:.+$/i', $uri) == 1) { return TRUE; } return FALSE; } $mcontrol = new sspmod_janus_UserController($janus_config); $pm = new sspmod_janus_Postman(); if (!($user = $mcontrol->setUser($userid))) { throw new SimpleSAML_Error_Exception('Error in setUser'); } $selectedtab = isset($_REQUEST['selectedtab']) ? $_REQUEST['selectedtab'] : 1; if (isset($_POST['add_usersubmit'])) { if (empty($_POST['userid']) || empty($_POST['type'])) { $msg = 'error_user_not_created_due_params'; } else { $check_user = new sspmod_janus_User($janus_config->getValue('store')); $check_user->setUserid($_POST['userid']); if ($check_user->load(sspmod_janus_User::USERID_LOAD) != FALSE) { $msg = 'error_user_already_exists'; } else { $new_user = new sspmod_janus_User($janus_config->getValue('store'));
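<?php
/**
 * "Entities validation" overview: lists every saml20-idp and saml20-sp
 * entity in the registry, grouped by type, for the template below.
 *
 * Access control: the only check is that the session is valid for the
 * configured admin auth source. No per-user entity filtering or permission
 * guard is applied in this script, so every session that passes that check
 * sees every entity. Everything after the redirect relies on
 * SimpleSAML_Utilities::redirect() terminating the request — TODO confirm
 * for the SimpleSAMLphp version in use.
 */
$session = SimpleSAML_Session::getInstance();
$janusConfig = SimpleSAML_Configuration::getConfig('module_janus.php');
$authSource = $janusConfig->getValue('auth', 'login-admin');

// Validate user
if (!$session->isValid($authSource)) {
    // NOTE(review): the tab name is passed with embedded single quotes
    // ("'federation'"), which end up in the query string; kept byte-for-byte.
    SimpleSAML_Utilities::redirect(SimpleSAML_Module::getModuleURL('janus/index.php', array('selectedtab' => "'federation'")));
}

// Not used below; kept in case the constructor has side effects.
$util = new sspmod_janus_AdminUtil();
$userController = new sspmod_janus_UserController($janusConfig);

// Plain list of sspmod_janus_Entity objects, IdPs first then SPs.
$entities = array_merge(
    $userController->searchEntitiesByType('saml20-idp'),
    $userController->searchEntitiesByType('saml20-sp')
);

// Rows grouped per entity type; handed to the template after ksort().
// Initialised up front: the original only created this inside the loop and
// ran an isset() check on $entities (the list being iterated) instead, so an
// empty registry reached ksort() with an undefined variable.
$entities_info = array();

foreach ($entities as $entity) {
    /** @var sspmod_janus_Entity $entity */
    // Re-read the entity through the EntityController before reading its
    // properties (presumably to get the stored revision — verify).
    $entityController = new sspmod_janus_EntityController($janusConfig);
    $entityController->setEntity($entity->getEid());
    $entityController->loadEntity();
    $controllerEntity = $entityController->getEntity();

    $entityType = $controllerEntity->getType();
    if (!isset($entities_info[$entityType])) {
        $entities_info[$entityType] = array();
    }
    // Values are passed to the template unescaped; it must escape them for
    // the HTML context when rendering.
    $entities_info[$entityType][] = array(
        'Id' => $controllerEntity->getEntityid(),
        'Name' => $controllerEntity->getPrettyname(),
        'WorkflowStatus' => $controllerEntity->getWorkflow(),
        'MetadataUrl' => $controllerEntity->getMetadataURL(),
        'Eid' => $controllerEntity->getEid(),
    );
}
ksort($entities_info);

$template = new SimpleSAML_XHTML_Template(SimpleSAML_Configuration::getInstance(), 'janus:show-entities-validation.php', 'janus:show-entities-validation');
$template->data['header'] = "Service Registry JANUS entities validation";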
// Added persistent, transient and unspecified to all entities as valid NameIDFormats
/**
 * DbPatch makes the following variables available to PHP patches:
 *
 * @var $this DbPatch_Command_Patch_PHP
 * @var $writer DbPatch_Core_Writer
 * @var $db Zend_Db_Adapter_Abstract
 * @var $phpFile string
 *
 * Data migration (patch-0015): for every saml20-sp entity, adds the three
 * standard SAML 2.0 NameID formats as NameIDFormats:0..2, sets a fixed
 * revision note and calls saveEntity(). Despite the header comment, entities
 * of any other type are skipped.
 */
define('SAML2_NAME_ID_FORMAT_UNSPECIFIED', 'urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified');
define('SAML2_NAME_ID_FORMAT_TRANSIENT', 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient');
define('SAML2_NAME_ID_FORMAT_PERSISTENT', 'urn:oasis:names:tc:SAML:2.0:nameid-format:persistent');

// NOTE(review): overrides REMOTE_ADDR to loopback before the security
// context is built. Presumably this satisfies an IP-based check when the
// patch runs from the CLI — confirm, because it also disables that check
// for anything else this process does. Do not copy this pattern into
// request-handling code.
$_SERVER['REMOTE_ADDR'] = '127.0.0.1';

$janusConfig = SimpleSAML_Configuration::getConfig('module_janus.php');
$userController = new sspmod_janus_UserController($janusConfig, sspmod_janus_DiContainer::getInstance()->getSecurityContext());
// Runs under the fixed 'engine' account; revisions saved below are
// presumably attributed to it — verify.
$userController->setUser('engine');
$entities = $userController->getEntities();

/** @var sspmod_janus_Entity $entity */
foreach ($entities as $entity) {
    if ($entity->getType() != 'saml20-sp') {
        continue;
    }
    $entity->setRevisionnote('patch-0015.php: Added persistent, transient and unspecified to all entities as valid NameIDFormats');
    $entityController = new sspmod_janus_EntityController($janusConfig);
    // The entity object itself is passed here; other scripts in this module
    // pass an id and then call loadEntity(). No reload happens before the
    // metadata is added.
    $entityController->setEntity($entity);
    // NOTE(review): fixed indices 0..2 — if an SP already carries
    // NameIDFormats:0..2 these calls may collide with the existing values;
    // confirm addMetadata() semantics before re-running.
    $entityController->addMetadata('NameIDFormats:0', SAML2_NAME_ID_FORMAT_PERSISTENT);
    $entityController->addMetadata('NameIDFormats:1', SAML2_NAME_ID_FORMAT_TRANSIENT);
    $entityController->addMetadata('NameIDFormats:2', SAML2_NAME_ID_FORMAT_UNSPECIFIED);
    $entityController->saveEntity();
}
// New-user page. Any session valid for the admin auth source reaches the
// form; the user id resolved below is read but not otherwise used here.
$session = SimpleSAML_Session::getInstance();
$config = SimpleSAML_Configuration::getInstance();
$janus_config = SimpleSAML_Configuration::getConfig('module_janus.php');
$authsource = $janus_config->getValue('auth', 'login-admin');
$useridattr = $janus_config->getValue('useridattr', 'eduPersonPrincipalName');

if ($session->isValid($authsource)) {
    $attributes = $session->getAttributes();
    // Check if userid exists
    if (!isset($attributes[$useridattr])) {
        throw new Exception('User ID is missing');
    }
    $userid = $attributes[$useridattr][0];
} else {
    // Everything below assumes redirect() does not return (SimpleSAMLphp's
    // implementation exits) — TODO confirm; otherwise $userid is undefined
    // and the form handler still runs.
    SimpleSAML_Utilities::redirect(SimpleSAML_Module::getModuleURL('janus/index.php'));
}

// NOTE(review): $userid is never passed to setUser() or a permission guard
// in this block (other scripts in this module do that before acting), so no
// per-user authorization is visible before a user is created. Confirm the
// check lives elsewhere. Also note $econtroller is a UserController.
$econtroller = new sspmod_janus_UserController($janus_config);
$usertypes = $janus_config->getValue('usertypes');
$et = new SimpleSAML_XHTML_Template($config, 'janus:newuser.php', 'janus:newuser');

if (isset($_POST['submit'])) {
    // NOTE(review): userid and type come straight from the POST body.
    // $usertypes is loaded above but the submitted type is not checked
    // against it here, and no CSRF token check is visible in this block —
    // confirm both are enforced elsewhere before relying on this handler.
    $user = new sspmod_janus_User($janus_config->getValue('store'));
    $user->setUserid($_POST['userid']);
    $user->setType($_POST['type']);
    $user->setActive('yes');
    $user->save();
    $et->data['user_created'] = TRUE;

    // Notify subscribers of USER-NEW. The "******" below appears to be a
    // redaction artifact of this corpus, not PHP; presumably the original
    // concatenated the submitted user id into the message body.
    $pm = new sspmod_janus_Postman();
    $pm->post('New user created', 'A new user has been created with username: '******'USER-NEW', $user->getUid());
}

// Pre-fill the form from the query string. Stored unescaped; the template
// must escape it for the HTML context when rendering — verify.
if (isset($_GET['userid'])) {
    $et->data['userid'] = $_GET['userid'];
}
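/**
 * Retrieve all entity metadata for all entities of a certain type.
 *
 * Resolution when $allowedEntityId is given, in order:
 *   1. the entity has allowedall == "yes"      -> every entity of $type
 *   2. the entity has a non-empty whitelist    -> exactly the whitelisted entity ids
 *   3. no whitelist but a non-empty blacklist  -> every entity of $type minus the blacklist
 *   4. neither list                            -> nothing (deny by default)
 *
 * Cases 2 and 3 produce entity id strings rather than sspmod_janus_Entity
 * objects; for those 'workflowState' is NULL in the result. The original
 * called getWorkflow() on the string and died.
 *
 * @param String $type            Supported types: "saml20-idp" or "saml20-sp"
 * @param Array  $keys            optional list of metadata keys to retrieve. Retrieves all if blank
 * @param String $allowedEntityId if passed, returns only those entities that are
 *                                whitelisted against the given entity
 * @return Array Associative array of all metadata. The key of the array is the entity identifier
 */
protected static function _getEntities($type, $keys = array(), $allowedEntityId = NULL)
{
    $janusConfig = SimpleSAML_Configuration::getConfig('module_janus.php');
    $econtroller = new sspmod_janus_EntityController($janusConfig);
    $ucontroller = new sspmod_janus_UserController($janusConfig);

    // Either entity objects (cases 1, 4 and the unrestricted call) or entity
    // id strings (cases 2 and 3); the result loop below handles both.
    $entities = array();

    if (isset($allowedEntityId)) {
        $econtroller->setEntity($allowedEntityId);
        $econtroller->loadEntity();

        if ($econtroller->getEntity()->getAllowedAll() == "yes") {
            $entities = $ucontroller->searchEntitiesByType($type);
        } else {
            $allowedEntities = $econtroller->getAllowedEntities();
            if (count($allowedEntities)) {
                // Whitelist wins over blacklist. NOTE(review): unlike every
                // other branch the whitelist is not filtered by $type —
                // confirm whether a whitelisted entity of the other type
                // should really appear in this listing.
                foreach ($allowedEntities as $data) {
                    $entities[] = $data["remoteentityid"];
                }
            } else {
                $blockedEntities = $econtroller->getBlockedEntities();
                if (count($blockedEntities)) {
                    $blockedEntityIds = array();
                    foreach ($blockedEntities as $data) {
                        $blockedEntityIds[] = $data["remoteentityid"];
                    }
                    $list = array();
                    foreach ($ucontroller->searchEntitiesByType($type) as $entity) {
                        $list[] = $entity->getEntityId();
                    }
                    // Return all entities that are not in the blacklist
                    $entities = array_diff($list, $blockedEntityIds);
                }
            }
        }
    } else {
        $entities = $ucontroller->searchEntitiesByType($type);
    }

    $result = array();
    foreach ($entities as $entity) {
        $data = self::_getMetadataForEntity($entity, NULL, $keys);
        // Add workflow state info for optional filtering at client side
        if (is_object($entity)) {
            $entityId = $entity->getEntityId();
            $data['workflowState'] = $entity->getWorkflow();
        } else {
            // Only an id is known here. TODO: resolve it to an entity if
            // callers need the workflow state for white/blacklisted entities.
            $entityId = $entity;
            $data['workflowState'] = NULL;
        }
        $result[$entityId] = $data;
    }
    return $result;
}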
SimpleSAML_Utilities::redirect(SimpleSAML_Module::getModuleURL('janus/index.php')); } $et = new SimpleSAML_XHTML_Template($config, 'janus:editentity.php', 'janus:editentity'); $language = $et->getLanguage(); $update = FALSE; $note = ''; if (!empty($_POST)) { // Array for collecting addresses to notify $addresses = array(); // Change entityID if (isset($_POST['entityid']) && $guard->hasPermission('changeentityid', $entity->getWorkflow(), $user->getType())) { if (check_uri($_POST['entityid']) || true) { # HACK: For SURFnetGuests : https://espee-test.surfnet.nl/federate/metadata/saml20/SURFnetGuests $entityIdNeedsUpdating = $_POST['entityid'] != $entity->getEntityid(); if ($entityIdNeedsUpdating) { $userController = new sspmod_janus_UserController($janus_config); if ($userController->isEntityIdInUse($_POST['entityid'], $errorMessage)) { $msg = $errorMessage; } else { if ($entity->setEntityid($_POST['entityid'])) { $update = TRUE; $note .= 'Changed entityID: ' . $_POST['entityid'] . '<br />'; $addresses[] = 'ENTITYUPDATE-' . $eid . '-CHANGEENTITYID'; } } } } else { $msg = 'error_entity_not_url'; } } // Metadata