ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
getconsent.php
Go to the documentation of this file.
1<?php
20session_cache_limiter('nocache');
21
22$globalConfig = SimpleSAML_Configuration::getInstance();
23
24SimpleSAML\Logger::info('Consent - getconsent: Accessing consent interface');
25
26if (!array_key_exists('StateId', $_REQUEST)) {
27 throw new SimpleSAML_Error_BadRequest(
28 'Missing required StateId query parameter.'
29 );
30}
31
32$id = $_REQUEST['StateId'];
33$state = SimpleSAML_Auth_State::loadState($id, 'consent:request');
34
35if (array_key_exists('core:SP', $state)) {
36 $spentityid = $state['core:SP'];
37} else if (array_key_exists('saml:sp:State', $state)) {
38 $spentityid = $state['saml:sp:State']['core:SP'];
39} else {
40 $spentityid = 'UNKNOWN';
41}
42
43
44// The user has pressed the yes-button
45if (array_key_exists('yes', $_REQUEST)) {
46 if (array_key_exists('saveconsent', $_REQUEST)) {
47 SimpleSAML\Logger::stats('consentResponse remember');
48 } else {
49 SimpleSAML\Logger::stats('consentResponse rememberNot');
50 }
51
52 $statsInfo = array(
53 'remember' => array_key_exists('saveconsent', $_REQUEST),
54 );
55 if (isset($state['Destination']['entityid'])) {
56 $statsInfo['spEntityID'] = $state['Destination']['entityid'];
57 }
58 SimpleSAML_Stats::log('consent:accept', $statsInfo);
59
60 if ( array_key_exists('consent:store', $state)
61 && array_key_exists('saveconsent', $_REQUEST)
62 && $_REQUEST['saveconsent'] === '1'
63 ) {
64 // Save consent
65 $store = $state['consent:store'];
66 $userId = $state['consent:store.userId'];
67 $targetedId = $state['consent:store.destination'];
68 $attributeSet = $state['consent:store.attributeSet'];
69
70 SimpleSAML\Logger::debug(
71 'Consent - saveConsent() : [' . $userId . '|' .
72 $targetedId . '|' . $attributeSet . ']'
73 );
74 try {
75 $store->saveConsent($userId, $targetedId, $attributeSet);
76 } catch (Exception $e) {
77 SimpleSAML\Logger::error('Consent: Error writing to storage: ' . $e->getMessage());
78 }
79 }
80
81 SimpleSAML_Auth_ProcessingChain::resumeProcessing($state);
82}
83
84// Prepare attributes for presentation
85$attributes = $state['Attributes'];
86$noconsentattributes = $state['consent:noconsentattributes'];
87
88// Remove attributes that do not require consent
89foreach ($attributes AS $attrkey => $attrval) {
90 if (in_array($attrkey, $noconsentattributes, true)) {
91 unset($attributes[$attrkey]);
92 }
93}
94$para = array(
95 'attributes' => &$attributes
96);
97
98// Reorder attributes according to attributepresentation hooks
99SimpleSAML\Module::callHooks('attributepresentation', $para);
100
101// Parse parameters
102if (array_key_exists('name', $state['Source'])) {
103 $srcName = $state['Source']['name'];
104} elseif (array_key_exists('OrganizationDisplayName', $state['Source'])) {
105 $srcName = $state['Source']['OrganizationDisplayName'];
106} else {
107 $srcName = $state['Source']['entityid'];
108}
109if (array_key_exists('name', $state['Destination'])) {
110 $dstName = $state['Destination']['name'];
111} elseif (array_key_exists('OrganizationDisplayName', $state['Destination'])) {
112 $dstName = $state['Destination']['OrganizationDisplayName'];
113} else {
114 $dstName = $state['Destination']['entityid'];
115}
116
117// Make, populate and layout consent form
118$t = new SimpleSAML_XHTML_Template($globalConfig, 'consent:consentform.php');
119$translator = $t->getTranslator();
120$t->data['srcMetadata'] = $state['Source'];
121$t->data['dstMetadata'] = $state['Destination'];
122$t->data['yesTarget'] = SimpleSAML\Module::getModuleURL('consent/getconsent.php');
123$t->data['yesData'] = array('StateId' => $id);
124$t->data['noTarget'] = SimpleSAML\Module::getModuleURL('consent/noconsent.php');
125$t->data['noData'] = array('StateId' => $id);
126$t->data['attributes'] = $attributes;
127$t->data['checked'] = $state['consent:checked'];
128$t->data['stateId'] = $id;
129
130$srcName = htmlspecialchars(is_array($srcName) ? $translator->t($srcName) : $srcName);
131$dstName = htmlspecialchars(is_array($dstName) ? $translator->t($dstName) : $dstName);
132
133$t->data['consent_attributes_header'] = $translator->t(
134 '{consent:consent:consent_attributes_header}',
135 array('SPNAME' => $dstName, 'IDPNAME' => $srcName)
136);
137
138$t->data['consent_accept'] = $translator->t(
139 '{consent:consent:consent_accept}',
140 array('SPNAME' => $dstName, 'IDPNAME' => $srcName)
141);
142
143if (array_key_exists('descr_purpose', $state['Destination'])) {
144 $t->data['consent_purpose'] = $translator->t(
145 '{consent:consent:consent_purpose}',
146 array(
147 'SPNAME' => $dstName,
148 'SPDESC' => $translator->getPreferredTranslation(
149 \SimpleSAML\Utils\Arrays::arrayize(
150 $state['Destination']['descr_purpose'],
151 'en'
152 )
153 ),
154 )
155 );
156}
157
158$t->data['srcName'] = $srcName;
159$t->data['dstName'] = $dstName;
160
161// Fetch privacypolicy
162if (array_key_exists('privacypolicy', $state['Destination'])) {
163 $privacypolicy = $state['Destination']['privacypolicy'];
164} elseif (array_key_exists('privacypolicy', $state['Source'])) {
165 $privacypolicy = $state['Source']['privacypolicy'];
166} else {
167 $privacypolicy = false;
168}
169if ($privacypolicy !== false) {
170 $privacypolicy = str_replace(
171 '%SPENTITYID%',
172 urlencode($spentityid),
173 $privacypolicy
174 );
175}
176$t->data['sppp'] = $privacypolicy;
177
178// Set focus element
179switch ($state['consent:focus']) {
180case 'yes':
181 $t->data['autofocus'] = 'yesbutton';
182 break;
183case 'no':
184 $t->data['autofocus'] = 'nobutton';
185 break;
186case null:
187default:
188 break;
189}
190
191if (array_key_exists('consent:store', $state)) {
192 $t->data['usestorage'] = true;
193} else {
194 $t->data['usestorage'] = false;
195}
196
197if (array_key_exists('consent:hiddenAttributes', $state)) {
198 $t->data['hiddenAttributes'] = $state['consent:hiddenAttributes'];
199} else {
200 $t->data['hiddenAttributes'] = array();
201}
202
203$t->data['attributes_html'] = present_attributes($t, $attributes, '');
204$t->show();
205
206
216function present_attributes($t, $attributes, $nameParent)
217{
218 $translator = $t->getTranslator();
219 $alternate = array('odd', 'even');
220 $i = 0;
221 $summary = 'summary="'.$translator->t('{consent:consent:table_summary}').'"';
222 if (strlen($nameParent) > 0) {
223 $parentStr = strtolower($nameParent).'_';
224 $str = '<table class="attributes" '.$summary.'>';
225 } else {
226 $parentStr = '';
227 $str = '<table id="table_with_attributes" class="attributes" '.$summary.'>';
228 $str .= "\n".'<caption>'.$translator->t('{consent:consent:table_caption}').'</caption>';
229 }
230 foreach ($attributes as $name => $value) {
231 $nameraw = $name;
232 $name = $translator->getAttributeTranslation($parentStr.$nameraw);
233 if (preg_match('/^child_/', $nameraw)) {
234 // insert child table
235 $parentName = preg_replace('/^child_/', '', $nameraw);
236 foreach ($value as $child) {
237 $str .= "\n".'<tr class="odd"><td class="td_odd">'.
238 present_attributes($t, $child, $parentName).'</td></tr>';
239 }
240 } else {
241 // insert values directly
242 $str .= "\n".'<tr class="'.$alternate[($i++ % 2)].
243 '"><td><span class="attrname">'.htmlspecialchars($name).'</span>';
244 $isHidden = in_array($nameraw, $t->data['hiddenAttributes'], true);
245 if ($isHidden) {
246 $hiddenId = \SimpleSAML\Utils\Random::generateID();
247 $str .= '<div class="attrvalue hidden" id="hidden_'.$hiddenId.'">';
248 } else {
249 $str .= '<div class="attrvalue">';
250 }
251 if (sizeof($value) > 1) {
252 // we hawe several values
253 $str .= '<ul>';
254 foreach ($value as $listitem) {
255 if ($nameraw === 'jpegPhoto') {
256 $str .= '<li><img src="data:image/jpeg;base64,'.
257 htmlspecialchars($listitem).'" alt="User photo" /></li>';
258 } else {
259 $str .= '<li>'.htmlspecialchars($listitem).'</li>';
260 }
261 }
262 $str .= '</ul>';
263 } elseif (isset($value[0])) {
264 // we hawe only one value
265 if ($nameraw === 'jpegPhoto') {
266 $str .= '<img src="data:image/jpeg;base64,'.
267 htmlspecialchars($value[0]).'" alt="User photo" />';
268 } else {
269 $str .= htmlspecialchars($value[0]);
270 }
271 } // end of if multivalue
272 $str .= '</div>';
273 if ($isHidden) {
274 $str .= '<div class="attrvalue consent_showattribute" id="visible_'.$hiddenId.'">';
275 $str .= '... ';
276 $str .= '<a class="consent_showattributelink" href="javascript:SimpleSAML_show(\'hidden_'.$hiddenId;
277 $str .= '\'); SimpleSAML_hide(\'visible_'.$hiddenId.'\');">';
278 $str .= $t->t('{consent:consent:show_attribute}');
279 $str .= '</a>';
280 $str .= '</div>';
281 }
282 $str .= '</td></tr>';
283 } // end else: not child table
284 } // end foreach
285 $str .= isset($attributes) ? '</table>' : '';
286 return $str;
287}
php
An exception for terminatinating execution or to throw for unit testing.
SimpleSAML\Logger\info
static info($string)
Definition: Logger.php:199
SimpleSAML\Logger\stats
static stats($string)
Definition: Logger.php:222
SimpleSAML\Logger\error
static error($string)
Definition: Logger.php:166
SimpleSAML\Logger\debug
static debug($string)
Definition: Logger.php:211
SimpleSAML\Module\getModuleURL
static getModuleURL($resource, array $parameters=array())
Get absolute URL to a specified module resource.
Definition: Module.php:220
SimpleSAML\Module\callHooks
static callHooks($hook, &$data=null)
Call a hook in all enabled modules.
Definition: Module.php:281
SimpleSAML\Utils\Random\generateID
static generateID()
Generate a random identifier, ID_LENGTH bytes long.
Definition: Random.php:26
SimpleSAML_Auth_ProcessingChain\resumeProcessing
static resumeProcessing($state)
Continues processing of the state.
Definition: ProcessingChain.php:226
SimpleSAML_Auth_State\loadState
static loadState($id, $stage, $allowMissing=false)
Retrieve saved state.
Definition: State.php:259
SimpleSAML_Configuration\getInstance
static getInstance($instancename='simplesaml')
Get a configuration file by its instance name.
Definition: Configuration.php:325
SimpleSAML_Error_BadRequest
Definition: BadRequest.php:13
SimpleSAML_Stats\log
static log($event, array $data=array())
Notify about an event.
Definition: Stats.php:71
SimpleSAML_XHTML_Template
Definition: Template.php:15
$name
$name
Definition: client_example.php:35
$i
$i
Definition: disco.tpl.php:19
$store
if(! $oauthconfig->getBoolean('getUserInfo.enable', FALSE)) $store
Definition: getUserInfo.php:11
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: getconsent.php:32
$t
$t
Definition: getconsent.php:118
present_attributes
present_attributes($t, $attributes, $nameParent)
Recursive attribute array listing function.
Definition: getconsent.php:216
$para
foreach($attributes AS $attrkey=> $attrval) $para
Definition: getconsent.php:94
$noconsentattributes
$noconsentattributes
Definition: getconsent.php:86
$globalConfig
$globalConfig
Definition: getconsent.php:22
$srcName
$srcName
Definition: getconsent.php:130
$translator
$translator
Definition: getconsent.php:119
$state
$state
Definition: getconsent.php:33
$attributes
if(array_key_exists('yes', $_REQUEST)) $attributes
Definition: getconsent.php:85
$dstName
$dstName
Definition: getconsent.php:131
$summary
$summary
Definition: cron.php:24
SimpleSAML
Attribute-related utility methods.
$statsInfo
if(!isset($state['consent:showNoConsentAboutService'])|| $state['consent:showNoConsentAboutService']) $statsInfo
Definition: noconsent.php:34