ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
Public Member Functions | Static Public Member Functions | Protected Member Functions | Private Member Functions | Private Attributes
sspmod_discopower_PowerIdPDisco Class Reference
+ Inheritance diagram for sspmod_discopower_PowerIdPDisco:
+ Collaboration diagram for sspmod_discopower_PowerIdPDisco:

Public Member Functions

 __construct (array $metadataSets, $instance)
 Initializes this discovery service. More...
 
 handleRequest ()
 Handles a request to this discovery service. More...
 
- Public Member Functions inherited from SimpleSAML_XHTML_IdPDisco
 __construct (array $metadataSets, $instance)
 Initializes this discovery service. More...
 
 handleRequest ()
 Handles a request to this discovery service. More...
 

Static Public Member Functions

static mcmp (array $a, array $b)
 Compare two entities. More...
 

Protected Member Functions

 log ($message)
 Log a message. More...
 
 idplistStructured ($list)
 Structure the list of IdPs in a hierarchy based upon the tags. More...
 
 filterList ($list)
 Filter a list of entities according to any filters defined in the parent class, plus discopower configuration options regarding filtering. More...
 
 setPreviousIdP ($idp)
 Save the current IdP choice to a cookie. More...
 
 getPreviousIdP ()
 Retrieve the previous IdP the user used. More...
 
- Protected Member Functions inherited from SimpleSAML_XHTML_IdPDisco
 log ($message)
 Log a message. More...
 
 getCookie ($name)
 Retrieve cookie with the given name. More...
 
 setCookie ($name, $value)
 Save cookie with the given name and value. More...
 
 validateIdP ($idp)
 Validates the given IdP entity id. More...
 
 getSelectedIdP ()
 Retrieve the users choice of IdP. More...
 
 getSavedIdP ()
 Retrieve the users saved choice of IdP. More...
 
 getPreviousIdP ()
 Retrieve the previous IdP the user used. More...
 
 getFromCIDRhint ()
 Retrieve a recommended IdP based on the IP address of the client. More...
 
 getRecommendedIdP ()
 Try to determine which IdP the user should most likely use. More...
 
 setPreviousIdP ($idp)
 Save the current IdP choice to a cookie. More...
 
 saveIdP ()
 Determine whether the choice of IdP should be saved. More...
 
 getTargetIdP ()
 Determine which IdP the user should go to, if any. More...
 
 getIdPList ()
 Retrieve the list of IdPs which are stored in the metadata. More...
 
 getScopedIDPList ()
 Return the list of scoped idp. More...
 
 filterList ($list)
 Filter the list of IdPs. More...
 
 start ()
 Check if an IdP is set or if the request is passive, and redirect accordingly. More...
 

Private Member Functions

 processFilter ($filter, $entry, $default=true)
 Do the actual filtering according the rules defined. More...
 
 getCDC ()
 Get the IdP entities saved in the common domain cookie. More...
 

Private Attributes

 $discoconfig
 
 $cdcDomain
 
 $cdcLifetime
 

Additional Inherited Members

- Protected Attributes inherited from SimpleSAML_XHTML_IdPDisco
 $config
 
 $instance
 
 $metadata
 
 $session
 
 $metadataSets
 
 $spEntityId
 
 $isPassive
 
 $setIdPentityID = null
 
 $returnIdParam
 
 $scopedIDPList = array()
 
 $returnURL
 

Detailed Description

Definition at line 13 of file PowerIdPDisco.php.

Constructor & Destructor Documentation

◆ __construct()

sspmod_discopower_PowerIdPDisco::__construct ( array  $metadataSets,
  $instance 
)

Initializes this discovery service.

The constructor does the parsing of the request. If this is an invalid request, it will throw an exception.

Parameters
array$metadataSetsArray with metadata sets we find remote entities in.
string$instanceThe name of this instance of the discovery service.

Definition at line 50 of file PowerIdPDisco.php.

References SimpleSAML_XHTML_IdPDisco\$instance, and SimpleSAML_Configuration\getConfig().

51  {
52  parent::__construct($metadataSets, $instance);
53 
54  $this->discoconfig = SimpleSAML_Configuration::getConfig('module_discopower.php');
55 
56  $this->cdcDomain = $this->discoconfig->getString('cdc.domain', null);
57  if ($this->cdcDomain !== null && $this->cdcDomain[0] !== '.') {
58  // ensure that the CDC domain starts with a dot ('.') as required by the spec
59  $this->cdcDomain = '.'.$this->cdcDomain;
60  }
61 
62  $this->cdcLifetime = $this->discoconfig->getInteger('cdc.lifetime', null);
63  }
SimpleSAML_XHTML_IdPDisco\$metadataSets
$metadataSets
Definition: IdPDisco.php:55
SimpleSAML_XHTML_IdPDisco\$instance
$instance
Definition: IdPDisco.php:31
SimpleSAML_Configuration\getConfig
static getConfig($filename='config.php', $configSet='simplesaml')
Load a configuration file from a configuration set.
Definition: Configuration.php:209
+ Here is the call graph for this function:

Member Function Documentation

◆ filterList()

sspmod_discopower_PowerIdPDisco::filterList (   $list)
protected

Filter a list of entities according to any filters defined in the parent class, plus discopower configuration options regarding filtering.

Parameters
array$listA list of entities to filter.
Returns
array The list in $list after filtering entities.

Definition at line 187 of file PowerIdPDisco.php.

References $key, $list, $spmd, array, and processFilter().

Referenced by handleRequest().

188  {
189  $list = parent::filterList($list);
190 
191  try {
192  $spmd = $this->metadata->getMetaData($this->spEntityId, 'saml20-sp-remote');
193  } catch (Exception $e) {
194  return $list;
195  }
196 
197  if (!isset($spmd)) {
198  return $list;
199  }
200  if (!array_key_exists('discopower.filter', $spmd)) {
201  return $list;
202  }
203  $filter = $spmd['discopower.filter'];
204 
205  if (!array_key_exists('entities.include', $filter)) {
206  $filter['entities.include'] = array();
207  }
208  if (!array_key_exists('entities.exclude', $filter)) {
209  $filter['entities.exclude'] = array();
210  }
211  if (!array_key_exists('tags.include', $filter)) {
212  $filter['tags.include'] = array();
213  }
214  if (!array_key_exists('tags.exclude', $filter)) {
215  $filter['tags.exclude'] = array();
216  }
217 
218  $defaultrule = true;
219  if (array_key_exists('entities.include', $spmd['discopower.filter']) ||
220  array_key_exists('tags.include', $spmd['discopower.filter'])
221  ) {
222 
223  $defaultrule = false;
224  }
225 
226  $returnlist = array();
227  foreach ($list as $key => $entry) {
228  if ($this->processFilter($filter, $entry, $defaultrule)) {
229  $returnlist[$key] = $entry;
230  }
231  }
232  return $returnlist;
233  }
$list
if(isset($_REQUEST['delete'])) $list
Definition: registry.php:41
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
sspmod_discopower_PowerIdPDisco\processFilter
processFilter($filter, $entry, $default=true)
Do the actual filtering according the rules defined.
Definition: PowerIdPDisco.php:154
$spmd
$spmd
Definition: invalid_session.php:65
$key
$key
Definition: croninfo.php:18
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getCDC()

sspmod_discopower_PowerIdPDisco::getCDC ( )
private

Get the IdP entities saved in the common domain cookie.

Returns
array List of IdP entities.

Definition at line 293 of file PowerIdPDisco.php.

References $_COOKIE, $idp, $ret, array, and string.

Referenced by getPreviousIdP(), and setPreviousIdP().

294  {
295  if (!isset($_COOKIE['_saml_idp'])) {
296  return array();
297  }
298 
299  $ret = (string) $_COOKIE['_saml_idp'];
300  $ret = explode(' ', $ret);
301  foreach ($ret as &$idp) {
302  $idp = base64_decode($idp);
303  if ($idp === false) {
304  // not properly base64 encoded
305  return array();
306  }
307  }
308 
309  return $ret;
310  }
string
Add rich text string
Definition: 05featuredemo.inc.php:117
$_COOKIE
$_COOKIE['client_id']
Definition: server.php:9
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$idp
$idp
Definition: prp.php:13
$ret
$ret
Definition: parser.php:6
+ Here is the caller graph for this function:

◆ getPreviousIdP()

sspmod_discopower_PowerIdPDisco::getPreviousIdP ( )
protected

Retrieve the previous IdP the user used.

This function overrides the corresponding function in the parent class, to add support for common domain cookie.

Returns
string|null The entity id of the previous IdP the user used, or null if this is the first time.

Definition at line 369 of file PowerIdPDisco.php.

References $idp, getCDC(), and SimpleSAML_XHTML_IdPDisco\validateIdP().

370  {
371  if ($this->cdcDomain === null) {
372  return parent::getPreviousIdP();
373  }
374 
375  $prevIdPs = $this->getCDC();
376  while (count($prevIdPs) > 0) {
377  $idp = array_pop($prevIdPs);
378  $idp = $this->validateIdP($idp);
379  if ($idp !== null) {
380  return $idp;
381  }
382  }
383 
384  return null;
385  }
sspmod_discopower_PowerIdPDisco\getCDC
getCDC()
Get the IdP entities saved in the common domain cookie.
Definition: PowerIdPDisco.php:293
$idp
$idp
Definition: prp.php:13
SimpleSAML_XHTML_IdPDisco\validateIdP
validateIdP($idp)
Validates the given IdP entity id.
Definition: IdPDisco.php:238
+ Here is the call graph for this function:

◆ handleRequest()

sspmod_discopower_PowerIdPDisco::handleRequest ( )

Handles a request to this discovery service.

The IdP disco parameters should be set before calling this function.

Definition at line 241 of file PowerIdPDisco.php.

References SimpleSAML_XHTML_IdPDisco\$returnIdParam, SimpleSAML_XHTML_IdPDisco\$returnURL, $slist, SimpleSAML_XHTML_IdPDisco\$spEntityId, $t, $tab, array, filterList(), SimpleSAML_XHTML_IdPDisco\getIdPList(), SimpleSAML_XHTML_IdPDisco\getRecommendedIdP(), idplistStructured(), and SimpleSAML_XHTML_IdPDisco\start().

242  {
243  $this->start();
244 
245  // no choice made. Show discovery service page
246  $idpList = $this->getIdPList();
247  $idpList = $this->idplistStructured($this->filterList($idpList));
248  $preferredIdP = $this->getRecommendedIdP();
249  $faventry = NULL;
250  foreach ($idpList AS $tab => $slist) {
251  if (!empty($preferredIdP) && array_key_exists($preferredIdP, $slist)) {
252  $faventry = $slist[$preferredIdP];
253  }
254  }
255 
256  $t = new SimpleSAML_XHTML_Template($this->config, 'discopower:disco.tpl.php', 'disco');
257  $discoPowerTabs = array(
258  'denmark' => $t->noop('{discopower:tabs:denmark}'),
259  'edugain' => $t->noop('{discopower:tabs:edugain}'),
260  'finland' => $t->noop('{discopower:tabs:finland}'),
261  'greece' => $t->noop('{discopower:tabs:greece}'),
262  'southafrica' => $t->noop('{discopower:tabs:southafrica}'),
263  'iceland' => $t->noop('{discopower:tabs:iceland}'),
264  'incommon' => $t->noop('{discopower:tabs:incommon}'),
265  'kalmar' => $t->noop('{discopower:tabs:kalmar}'),
266  'misc' => $t->noop('{discopower:tabs:misc}'),
267  'norway' => $t->noop('{discopower:tabs:norway}'),
268  'sweden' => $t->noop('{discopower:tabs:sweden}'),
269  'switzerland' => $t->noop('{discopower:tabs:switzerland}'),
270  'ukacessfederation' => $t->noop('{discopower:tabs:ukacessfederation}'),
271  );
272  $t->data['faventry'] = $faventry;
273  $t->data['tabNames'] = $discoPowerTabs;
274  $t->data['idplist'] = $idpList;
275  $t->data['preferredidp'] = $preferredIdP;
276  $t->data['return'] = $this->returnURL;
277  $t->data['returnIDParam'] = $this->returnIdParam;
278  $t->data['entityID'] = $this->spEntityId;
279  $t->data['urlpattern'] = htmlspecialchars(\SimpleSAML\Utils\HTTP::getSelfURLNoQuery());
280  $t->data['rememberenabled'] = $this->config->getBoolean('idpdisco.enableremember', false);
281  $t->data['rememberchecked'] = $this->config->getBoolean('idpdisco.rememberchecked', false);
282  $t->data['defaulttab'] = $this->discoconfig->getValue('defaulttab', 0);
283  $t->data['score'] = $this->discoconfig->getValue('score', 'quicksilver');
284  $t->show();
285  }
sspmod_discopower_PowerIdPDisco\idplistStructured
idplistStructured($list)
Structure the list of IdPs in a hierarchy based upon the tags.
Definition: PowerIdPDisco.php:111
SimpleSAML_XHTML_IdPDisco\$spEntityId
$spEntityId
Definition: IdPDisco.php:63
$slist
$slist
Definition: registry.php:43
SimpleSAML_XHTML_IdPDisco\start
start()
Check if an IdP is set or if the request is passive, and redirect accordingly.
Definition: IdPDisco.php:512
SimpleSAML
Attribute-related utility methods.
$tab
$tab
Definition: inc.client_tabs.php:15
SimpleSAML_XHTML_IdPDisco\getIdPList
getIdPList()
Retrieve the list of IdPs which are stored in the metadata.
Definition: IdPDisco.php:459
sspmod_discopower_PowerIdPDisco\filterList
filterList($list)
Filter a list of entities according to any filters defined in the parent class, plus discopower confi...
Definition: PowerIdPDisco.php:187
SimpleSAML_XHTML_IdPDisco\$returnURL
$returnURL
Definition: IdPDisco.php:103
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
SimpleSAML_XHTML_IdPDisco\getRecommendedIdP
getRecommendedIdP()
Try to determine which IdP the user should most likely use.
Definition: IdPDisco.php:365
SimpleSAML_XHTML_Template
Definition: Template.php:16
SimpleSAML_XHTML_IdPDisco\$returnIdParam
$returnIdParam
Definition: IdPDisco.php:87
+ Here is the call graph for this function:

◆ idplistStructured()

sspmod_discopower_PowerIdPDisco::idplistStructured (   $list)
protected

Structure the list of IdPs in a hierarchy based upon the tags.

Parameters
array$listA list of IdPs.
Returns
array The list of IdPs structured accordingly.

Definition at line 111 of file PowerIdPDisco.php.

References $key, $list, $slist, $tab, $tag, $tags, and array.

Referenced by handleRequest().

112  {
113  $slist = array();
114 
115  $order = $this->discoconfig->getValue('taborder');
116  if (is_array($order)) {
117  foreach ($order as $oe) {
118  $slist[$oe] = array();
119  }
120  }
121 
122  $enableTabs = $this->discoconfig->getValue('tabs', null);
123 
124  foreach ($list as $key => $val) {
125  $tags = array('misc');
126  if (array_key_exists('tags', $val)) {
127  $tags = $val['tags'];
128  }
129  foreach ($tags as $tag) {
130  if (!empty($enableTabs) && !in_array($tag, $enableTabs, true)) {
131  continue;
132  }
133  $slist[$tag][$key] = $val;
134  }
135  }
136 
137  foreach ($slist as $tab => $tbslist) {
138  uasort($slist[$tab], array('sspmod_discopower_PowerIdPDisco', 'mcmp'));
139  }
140 
141  return $slist;
142  }
$list
if(isset($_REQUEST['delete'])) $list
Definition: registry.php:41
$slist
$slist
Definition: registry.php:43
$tab
$tab
Definition: inc.client_tabs.php:15
$tags
$tags
Definition: croninfo.php:19
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$key
$key
Definition: croninfo.php:18
$tag
if(function_exists('posix_getuid') &&posix_getuid()===0) if(!array_key_exists('t', $options)) $tag
Definition: cron.php:35
+ Here is the caller graph for this function:

◆ log()

sspmod_discopower_PowerIdPDisco::log (   $message)
protected

Log a message.

This is an helper function for logging messages. It will prefix the messages with our discovery service type.

Parameters
string$messageThe message which should be logged.

Definition at line 73 of file PowerIdPDisco.php.

References $message, and SimpleSAML\Logger\info().

74  {
75  SimpleSAML\Logger::info('PowerIdPDisco.'.$this->instance.': '.$message);
76  }
SimpleSAML\Logger\info
static info($string)
Definition: Logger.php:201
$message
catch(Exception $e) $message
Definition: saml2-logout.php:34
+ Here is the call graph for this function:

◆ mcmp()

static sspmod_discopower_PowerIdPDisco::mcmp ( array  $a,
array  $b 
)
static

Compare two entities.

This function is used to sort the entity list. It sorts based on english name, and will always put IdP's with names configured before those with only an entityID.

Parameters
array$aThe metadata of the first entity.
array$bThe metadata of the second entity.
Returns
int How $a compares to $b.

Definition at line 90 of file PowerIdPDisco.php.

91  {
92  if (isset($a['name']['en']) && isset($b['name']['en'])) {
93  return strcasecmp($a['name']['en'], $b['name']['en']);
94  } elseif (isset($a['name']['en'])) {
95  return -1; // place name before entity ID
96  } elseif (isset($b['name']['en'])) {
97  return 1; // Place entity ID after name
98  } else {
99  return strcasecmp($a['entityid'], $b['entityid']);
100  }
101  }

◆ processFilter()

sspmod_discopower_PowerIdPDisco::processFilter (   $filter,
  $entry,
  $default = true 
)
private

Do the actual filtering according the rules defined.

Parameters
array$filterA set of rules regarding filtering.
array$entryAn entry to be evaluated by the filters.
boolean$defaultWhat to do in case the entity does not match any rules. Defaults to true.
Returns
boolean True if the entity should be kept, false if it should be discarded according to the filters.

Definition at line 154 of file PowerIdPDisco.php.

Referenced by filterList().

155  {
156  if (in_array($entry['entityid'], $filter['entities.include'], true)) {
157  return true;
158  }
159  if (in_array($entry['entityid'], $filter['entities.exclude'], true)) {
160  return false;
161  }
162 
163  if (array_key_exists('tags', $entry)) {
164  foreach ($filter['tags.include'] as $fe) {
165  if (in_array($fe, $entry['tags'], true)) {
166  return true;
167  }
168  }
169  foreach ($filter['tags.exclude'] as $fe) {
170  if (in_array($fe, $entry['tags'], true)) {
171  return false;
172  }
173  }
174  }
175  return $default;
176  }
+ Here is the caller graph for this function:

◆ setPreviousIdP()

sspmod_discopower_PowerIdPDisco::setPreviousIdP (   $idp)
protected

Save the current IdP choice to a cookie.

This function overrides the corresponding function in the parent class, to add support for common domain cookie.

Parameters
string$idpThe entityID of the IdP.

Definition at line 320 of file PowerIdPDisco.php.

References $idp, $list, $params, array, getCDC(), and SimpleSAML\Utils\HTTP\setCookie().

321  {
322  assert('is_string($idp)');
323 
324  if ($this->cdcDomain === null) {
325  parent::setPreviousIdP($idp);
326  return;
327  }
328 
329  $list = $this->getCDC();
330 
331  $prevIndex = array_search($idp, $list, true);
332  if ($prevIndex !== false) {
333  unset($list[$prevIndex]);
334  }
335  $list[] = $idp;
336 
337  foreach ($list as &$value) {
338  $value = base64_encode($value);
339  }
340  $newCookie = implode(' ', $list);
341 
342  while (strlen($newCookie) > 4000) {
343  // the cookie is too long. Remove the oldest elements until it is short enough
344  $tmp = explode(' ', $newCookie, 2);
345  if (count($tmp) === 1) {
346  // we are left with a single entityID whose base64 representation is too long to fit in a cookie
347  break;
348  }
349  $newCookie = $tmp[1];
350  }
351 
352  $params = array(
353  'lifetime' => $this->cdcLifetime,
354  'domain' => $this->cdcDomain,
355  'secure' => true,
356  'httponly' => false,
357  );
358  \SimpleSAML\Utils\HTTP::setCookie('_saml_idp', $newCookie, $params, false);
359  }
$params
$params
Definition: disable.php:11
$list
if(isset($_REQUEST['delete'])) $list
Definition: registry.php:41
sspmod_discopower_PowerIdPDisco\getCDC
getCDC()
Get the IdP entities saved in the common domain cookie.
Definition: PowerIdPDisco.php:293
SimpleSAML\Utils\HTTP\setCookie
static setCookie($name, $value, $params=null, $throw=true)
Set a cookie.
Definition: HTTP.php:1107
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
$idp
$idp
Definition: prp.php:13
+ Here is the call graph for this function:

Field Documentation

◆ $cdcDomain

sspmod_discopower_PowerIdPDisco::$cdcDomain
private

Definition at line 31 of file PowerIdPDisco.php.

◆ $cdcLifetime

sspmod_discopower_PowerIdPDisco::$cdcLifetime
private

Definition at line 39 of file PowerIdPDisco.php.

◆ $discoconfig

sspmod_discopower_PowerIdPDisco::$discoconfig
private

Definition at line 22 of file PowerIdPDisco.php.

The documentation for this class was generated from the following file: