// This excerpt starts inside two blocks opened before the visible text; the braces below close them.
} }

// Build the privacyidea login form template and hand it the AuthState id under 'stateparams'.
$globalConfig = SimpleSAML_Configuration::getInstance();
$t = new SimpleSAML_XHTML_Template($globalConfig, 'privacyidea:loginform.php');
$t->data['stateparams'] = array('AuthState' => $authStateId);

// Determine the login mode
// Walk every option in authsources.php and keep the entry whose first element names the
// privacyidea auth source type.
// NOTE(review): the loop has no break, so if several privacyidea sources are configured the
// last one wins, regardless of which $source is handling this login. Confirm this is intended.
// NOTE(review): $config[0] assumes every option value is an array with index 0, and the
// comparison is loose (==); a strict === would avoid type juggling.
$authConfig = SimpleSAML_Configuration::getOptionalConfig("authsources.php");
$privacyideaConfig = array();
$keys = $authConfig->getOptions();
foreach ($keys as $key) {
    $config = $authConfig->getValue($key);
    if ($config[0] == "privacyidea:privacyidea") {
        $privacyideaConfig = $config;
    }
}

// A second auth source object is built from that config (with an empty info array); in the
// visible code it is used only to read the otp_extra value for the template.
// If no entry matched, $privacyideaConfig is still the empty array at this point.
$pi = new sspmod_privacyidea_Auth_Source_privacyidea(array(), $privacyideaConfig);
$t->data['otp_extra'] = $pi->getOtpExtra();

if (array_key_exists('forcedUsername', $state)) {
    // The username is fixed by the state: show it read-only and pass the challenge-response
    // values (transaction id, message, attributes) to the form.
    // NOTE(review): $transaction_id, $message and $attributes are not assigned in this excerpt;
    // verify they are always initialised when 'forcedUsername' is present in $state.
    // NOTE(review): these values are handed to the template as-is. The template (not visible
    // here) must HTML-escape them before output.
    $t->data['username'] = $state['forcedUsername'];
    $t->data['transaction_id'] = $transaction_id;
    $t->data['chal_resp_message'] = $message;
    $t->data['chal_resp_attributes'] = $attributes;
    $t->data['forceUsername'] = TRUE;
    // "Remember username" is switched off in this branch; "remember me" follows the source settings.
    $t->data['rememberUsernameEnabled'] = FALSE;
    $t->data['rememberUsernameChecked'] = FALSE;
    $t->data['rememberMeEnabled'] = $source->isRememberMeEnabled();
    $t->data['rememberMeChecked'] = $source->isRememberMeChecked();
} else {
    // Free username entry: pre-fill the form with the current $username.
    $t->data['username'] = $username;
    $t->data['forceUsername'] = FALSE;
    $t->data['rememberUsernameEnabled'] = $source->getRememberUsernameEnabled();
    // (the excerpt ends here; the else block continues beyond the visible text)
// This excerpt starts inside a block opened before the visible text; the first closing brace below ends it.
    // Shift the cookie expiry by +31536000 s (365 days) when the request carries
    // remember_username=Yes, otherwise by -300 s.
    // NOTE(review): the starting value of $params['expire'] and the other cookie parameters
    // (secure / httponly / path) are set before this excerpt. Confirm they are restrictive,
    // since the cookie value is the plain username.
    // NOTE(review): the comparison is loose (==), while remember_me below uses ===.
    $params['expire'] += isset($_REQUEST['remember_username']) && $_REQUEST['remember_username'] == 'Yes' ? 31536000 : -300;
    // Cookie name is "<auth id>-username". The trailing FALSE is presumably the "throw on
    // failure" flag of setCookie; verify against the installed SimpleSAMLphp version.
    SimpleSAML_Utilities::setCookie($source->getAuthId() . '-username', $username, $params, FALSE);
}

// When the source allows "remember me" and the request asks for it, record the choice in the
// auth state and save the state again, replacing $authStateId with the returned id.
if ($source->isRememberMeEnabled()) {
    if (array_key_exists('remember_me', $_REQUEST) && $_REQUEST['remember_me'] === 'Yes') {
        $state['RememberMe'] = TRUE;
        $authStateId = SimpleSAML_Auth_State::saveState($state, sspmod_core_Auth_UserPassBase::STAGEID);
    }
}

try {
    // Here we catch the challenge response
    // NOTE(review): username, transaction id, signatureData and clientData are written to the
    // debug log verbatim (the password is not). Where these come from is not visible here; if
    // they are request-supplied, neutralise CR/LF before logging, and decide whether
    // authentication material such as signatureData belongs in logs at all.
    SimpleSAML_Logger::debug("Calling handleLogin for " . $username);
    SimpleSAML_Logger::debug("with transaction_id " . $transaction_id);
    SimpleSAML_Logger::debug("with signatureData " . $signatureData);
    SimpleSAML_Logger::debug("with clientData " . $clientData);
    sspmod_privacyidea_Auth_Source_privacyidea::handleLogin($authStateId, $username, $password, $transaction_id, $signatureData, $clientData);
} catch (SimpleSAML_Error_Error $e) {
    /* Login failed. Extract error code and parameters, to display the error. */
    $errorCode = $e->getErrorCode();
    $errorParams = $e->getParameters();
    SimpleSAML_Logger::debug("Login failed. Catching errorCode: " . $errorCode);
    if ($errorCode === "CHALLENGERESPONSE") {
        /* In case of challenge response we do not change the username */
        // This code assumes the parameter layout [1] = transaction id, [2] = message,
        // [3] = attributes.
        // NOTE(review): the indexes are read without checking they exist; a differently
        // shaped parameter array would raise notices and leave the values null.
        $state['forcedUsername'] = $username;
        $transaction_id = $errorParams[1];
        $message = $errorParams[2];
        $attributes = $errorParams[3];
        // NOTE(review): the challenge transaction id, message and full attribute dump also go
        // to the debug log. Confirm debug logging is disabled or access-restricted in production.
        SimpleSAML_Logger::debug("Challenge Response transaction_id: " . $errorParams[1]);
        SimpleSAML_Logger::debug("Challenge Response message: " . $errorParams[2]);
        SimpleSAML_Logger::debug("CHallenge Response attributes: " . print_r($attributes, TRUE));
    }
    // (the excerpt ends here; the catch block continues beyond the visible text)