ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
class.ilShibbolethWAYF.php
1<?php
2/*
3 +-----------------------------------------------------------------------------+
4 | ILIAS open source |
5 +-----------------------------------------------------------------------------+
6 | Copyright (c) 1998-2001 ILIAS open source, University of Cologne |
7 | |
8 | This program is free software; you can redistribute it and/or |
9 | modify it under the terms of the GNU General Public License |
10 | as published by the Free Software Foundation; either version 2 |
11 | of the License, or (at your option) any later version. |
12 | |
13 | This program is distributed in the hope that it will be useful, |
14 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16 | GNU General Public License for more details. |
17 | |
18 | You should have received a copy of the GNU General Public License |
19 | along with this program; if not, write to the Free Software |
20 | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
21 +-----------------------------------------------------------------------------+
22*/
23
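/**
 * Class ShibWAYF
 *
 * Server-side "Where Are You From" helper for the Shibboleth login. It reads
 * the submitted home-organisation form, checks the chosen IdP against the list
 * stored in the "shib_idp_list" setting, renders the IdP <select>, remembers
 * the choice in the "_saml_idp" cookie and redirects to a session initiator.
 *
 * Trust boundaries: $_POST, $_GET and $_COOKIE are controlled by the client.
 * The IdP list comes from the ILIAS settings store. Request values are only
 * used after a type check, and IdP identifiers taken from the request or the
 * cookie are only acted on when they are keys of the configured IdP list.
 */
class ShibWAYF {

    /**
     * @var bool true when the WAYF form was submitted
     */
    public $is_selection = false;
    /**
     * @var bool true when the submitted IdP is a key of the configured IdP list
     */
    public $is_valid_selection = false;
    /**
     * @var string entity ID of the validated IdP, '-' while nothing valid was chosen
     */
    public $selected_idp = '-';
    /**
     * @var array|bool parsed IdP list (see getIdplist()), false until loaded
     */
    public $idp_list = false;


    /**
     * Evaluates the submitted WAYF form against the configured IdP list.
     */
    public function __construct() {
        // Was the WAYF form submitted?
        $this->is_selection = isset($_POST['home_organization_selection']);

        // Is the selected IdP one of the configured ones?
        $this->idp_list = $this->getIdplist();
        $submitted_idp = isset($_POST['idp_selection']) ? $_POST['idp_selection'] : null;

        // is_string() rejects array-valued parameters (idp_selection[]=...),
        // which are not usable as array offsets in the lookup below.
        if (is_string($submitted_idp)
            && $submitted_idp !== '-'
            && isset($this->idp_list[$submitted_idp])
        ) {
            $this->is_valid_selection = true;
            $this->selected_idp = $submitted_idp;
        } else {
            $this->is_valid_selection = false;
        }
    }


    /**
     * Alias of isSelection().
     *
     * @return bool
     */
    public function is_selection() {
        return $this->isSelection();
    }


    /**
     * @return bool true when the WAYF form was submitted
     */
    public function isSelection() {
        // NOTE(review): the rendered listing omits this method's body line;
        // returning the flag set by the constructor is assumed - confirm
        // against the repository.
        return $this->is_selection;
    }


    /**
     * Alias of isValidSelection().
     *
     * @return bool
     */
    public function is_valid_selection() {
        return $this->isValidSelection();
    }


    /**
     * @return bool true when the submitted IdP is part of the configured list
     */
    public function isValidSelection() {
        // NOTE(review): the rendered listing omits this method's body line;
        // returning the flag set by the constructor is assumed - confirm
        // against the repository.
        return $this->is_valid_selection;
    }


    /**
     * Builds the HTML <select name="idp_selection"> listing all configured
     * IdPs. The IdP that comes last in the "_saml_idp" cookie is preselected
     * when it is a configured IdP, otherwise the "-" placeholder is.
     *
     * @return string HTML markup
     */
    public function generateSelection() {
        $arr_idp_list = $this->idp_list ? $this->idp_list : $this->getIdplist();

        // The cookie is optional and client-controlled; generateCookieArray()
        // returns an empty array for a missing or non-string value.
        $idp_cookie = $this->generateCookieArray(isset($_COOKIE['_saml_idp']) ? $_COOKIE['_saml_idp'] : null);
        $lng = new ilLanguage($this->getRequestedLanguageKey());

        // Only a cookie entry that is a key of the configured list may drive
        // the preselection. null means "nothing preselected".
        $selectedIDP = null;
        if (count($idp_cookie) > 0) {
            $last_used_idp = end($idp_cookie);
            if (isset($arr_idp_list[$last_used_idp])) {
                $selectedIDP = (string) $last_used_idp;
            }
        }

        $placeholder_attr = ($selectedIDP === null) ? ' selected="selected"' : '';
        $selectElement = "\n<select name=\"idp_selection\">\n"
            . '<option value="-"' . $placeholder_attr . '>' . $lng->txt("shib_member_of") . '</option>';

        foreach ($arr_idp_list as $idp_id => $idp_data) {
            // PHP turns numeric-looking array keys into integers, so compare
            // as strings instead of relying on loose ==.
            $is_selected = ($selectedIDP !== null && (string) $idp_id === $selectedIDP);
            // Entity IDs and display names are configuration text, not markup:
            // escape them for the attribute and element context.
            $selectElement .= '<option value="' . $this->escapeHtml($idp_id) . '"'
                . ($is_selected ? ' selected="selected"' : '') . '>'
                . $this->escapeHtml($idp_data[0]) . '</option>';
        }
        $selectElement .= "\n</select>";

        return $selectElement;
    }


    /**
     * Redirects the user to the Shibboleth session initiator for the selected
     * IdP, passing the IdP as providerId and the ILIAS return URL as target.
     */
    public function redirect() {
        $arr_idp_list = $this->idp_list ? $this->idp_list : $this->getIdplist();

        // Where to return after the authentication process.
        // il_target is client-controlled: encode it so that characters such as
        // '&' or '#' stay inside the single "target" parameter of the return
        // URL instead of adding parameters or a fragment to it.
        // NOTE(review): shib_login.php still has to validate the target it
        // receives; that code is not part of this file.
        $il_target = (isset($_POST['il_target']) && is_string($_POST['il_target'])) ? $_POST['il_target'] : '';
        $target = trim(ILIAS_HTTP_PATH, '/') . '/shib_login.php?target=' . urlencode($il_target);

        $idp_data = isset($arr_idp_list[$this->selected_idp]) ? $arr_idp_list[$this->selected_idp] : array();
        $query = '?providerId=' . urlencode($this->selected_idp) . '&target=' . urlencode($target);

        if (isset($idp_data[1])) {
            // Third field of the configured IdP line: a session initiator
            // location specific to this IdP.
            ilUtil::redirect($idp_data[1] . $query);
        } else {
            // TODO: This has to be changed to /Shibboleth.sso/DS?entityId= for
            // Shibboleth 2.x sometime...
            ilUtil::redirect('/Shibboleth.sso' . $query);
        }
    }


    /**
     * Appends the selected IdP to the "_saml_idp" cookie, which
     * generateSelection() reads to preselect an entry. The cookie is set for
     * path "/" with a lifetime of 100 days.
     */
    public function setSAMLCookie() {
        if (isset($_COOKIE['_saml_idp'])) {
            $arr_idps = $this->generateCookieArray($_COOKIE['_saml_idp']);
        } else {
            $arr_idps = array();
        }
        // Entries already in the cookie are client-supplied and are written
        // back unchanged; readers must keep validating them against the
        // configured list, as the constructor and generateSelection() do.
        $arr_idps = $this->appendCookieValue($this->selected_idp, $arr_idps);

        // Mark the cookie Secure when this request arrived over HTTPS, so it
        // is not sent over plain HTTP afterwards.
        // NOTE(review): HttpOnly is left off because this page does not show
        // whether client-side discovery scripts read the cookie - confirm.
        $is_https = !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off';
        setcookie(
            '_saml_idp',
            $this->generateCookieValue($arr_idps),
            time() + (100 * 24 * 3600),
            '/',
            '',
            $is_https
        );
    }


    /**
     * Returns the message for an invalid selection: the text for
     * "shib_invalid_home_organization" when the form was submitted with an
     * IdP that is not valid, an empty string otherwise.
     *
     * @return string
     */
    public function showNotice() {
        $lng = new ilLanguage($this->getRequestedLanguageKey());
        if (!$this->is_selection() || $this->is_valid_selection()) {
            return '';
        }

        return $lng->txt("shib_invalid_home_organization");
    }


    /**
     * Parses the "shib_idp_list" setting: one IdP per line, fields separated
     * by commas (entity ID, display name, optional session initiator).
     * Lines with fewer than two fields are skipped.
     *
     * @return array entity ID => array(name) or array(name, session initiator)
     */
    public function getIdplist() {
        global $DIC;
        $ilSetting = $DIC['ilSetting'];
        $idp_list = array();
        $idp_raw_list = explode("\n", $ilSetting->get("shib_idp_list"));
        foreach ($idp_raw_list as $idp_line) {
            $idp_data = explode(',', $idp_line);
            if (isset($idp_data[2])) {
                $idp_list[trim($idp_data[0])] = array(trim($idp_data[1]), trim($idp_data[2]));
            } elseif (isset($idp_data[1])) {
                $idp_list[trim($idp_data[0])] = array(trim($idp_data[1]));
            }
        }

        return $idp_list;
    }


    /**
     * Splits a "_saml_idp" cookie value (space separated, base64 encoded
     * entries) into the decoded entries.
     *
     * The value is client-controlled. Anything that is not a non-empty string
     * (missing cookie, array-valued cookie) yields an empty array. The decoded
     * entries are not validated here.
     *
     * @param mixed $value raw cookie value
     *
     * @return array decoded entries in cookie order
     */
    public function generateCookieArray($value) {
        if (!is_string($value) || $value === '') {
            return array();
        }

        return array_map('base64_decode', explode(' ', $value));
    }


    /**
     * Builds a "_saml_idp" cookie value: every entry base64 encoded, entries
     * joined with a single space.
     *
     * @param array $arr_cookie entries to store
     *
     * @return string
     */
    public function generateCookieValue(array $arr_cookie) {
        return implode(' ', array_map('base64_encode', $arr_cookie));
    }


    /**
     * Appends $value to the list and removes earlier duplicates, so that each
     * entry is kept at its last position and $value ends up last.
     *
     * @param string $value      entry to append
     * @param array  $arr_cookie existing entries
     *
     * @return array re-indexed list
     */
    public function appendCookieValue($value, array $arr_cookie) {
        array_push($arr_cookie, $value);
        // array_unique() keeps the first occurrence, so reverse before and
        // after it to keep the last occurrence instead.
        $arr_cookie = array_reverse($arr_cookie);
        $arr_cookie = array_unique($arr_cookie);
        $arr_cookie = array_reverse($arr_cookie);

        return $arr_cookie;
    }


    /**
     * Returns the "lang" request parameter when it is a string, else null.
     *
     * NOTE(review): ilLanguage is defined elsewhere; how it treats an unknown
     * language key is not visible from this file - confirm it falls back to
     * an installed language.
     *
     * @return string|null
     */
    private function getRequestedLanguageKey() {
        return (isset($_GET['lang']) && is_string($_GET['lang'])) ? $_GET['lang'] : null;
    }


    /**
     * Escapes text for use in HTML element content and quoted attributes.
     * Existing entities are not encoded a second time.
     *
     * @param mixed $text
     *
     * @return string
     */
    private function escapeHtml($text) {
        return htmlspecialchars((string) $text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    }
}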
262
263?>