ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
getconsent.php
Go to the documentation of this file.
1 <?php
20 session_cache_limiter('nocache');
21 
22 $globalConfig = SimpleSAML_Configuration::getInstance();
23 
24 SimpleSAML\Logger::info('Consent - getconsent: Accessing consent interface');
25 
26 if (!array_key_exists('StateId', $_REQUEST)) {
27  throw new SimpleSAML_Error_BadRequest(
28  'Missing required StateId query parameter.'
29  );
30 }
31 
32 $id = $_REQUEST['StateId'];
33 $state = SimpleSAML_Auth_State::loadState($id, 'consent:request');
34 
35 if (array_key_exists('core:SP', $state)) {
36  $spentityid = $state['core:SP'];
37 } else if (array_key_exists('saml:sp:State', $state)) {
38  $spentityid = $state['saml:sp:State']['core:SP'];
39 } else {
40  $spentityid = 'UNKNOWN';
41 }
42 
43 
44 // The user has pressed the yes-button
45 if (array_key_exists('yes', $_REQUEST)) {
46  if (array_key_exists('saveconsent', $_REQUEST)) {
47  SimpleSAML\Logger::stats('consentResponse remember');
48  } else {
49  SimpleSAML\Logger::stats('consentResponse rememberNot');
50  }
51 
52  $statsInfo = array(
53  'remember' => array_key_exists('saveconsent', $_REQUEST),
54  );
55  if (isset($state['Destination']['entityid'])) {
56  $statsInfo['spEntityID'] = $state['Destination']['entityid'];
57  }
58  SimpleSAML_Stats::log('consent:accept', $statsInfo);
59 
60  if ( array_key_exists('consent:store', $state)
61  && array_key_exists('saveconsent', $_REQUEST)
62  && $_REQUEST['saveconsent'] === '1'
63  ) {
64  // Save consent
65  $store = $state['consent:store'];
66  $userId = $state['consent:store.userId'];
67  $targetedId = $state['consent:store.destination'];
68  $attributeSet = $state['consent:store.attributeSet'];
69 
70  SimpleSAML\Logger::debug(
71  'Consent - saveConsent() : [' . $userId . '|' .
72  $targetedId . '|' . $attributeSet . ']'
73  );
74  try {
75  $store->saveConsent($userId, $targetedId, $attributeSet);
76  } catch (Exception $e) {
77  SimpleSAML\Logger::error('Consent: Error writing to storage: ' . $e->getMessage());
78  }
79  }
80 
81  SimpleSAML_Auth_ProcessingChain::resumeProcessing($state);
82 }
83 
84 // Prepare attributes for presentation
85 $attributes = $state['Attributes'];
86 $noconsentattributes = $state['consent:noconsentattributes'];
87 
88 // Remove attributes that do not require consent
89 foreach ($attributes AS $attrkey => $attrval) {
90  if (in_array($attrkey, $noconsentattributes, true)) {
91  unset($attributes[$attrkey]);
92  }
93 }
94 $para = array(
95  'attributes' => &$attributes
96 );
97 
98 // Reorder attributes according to attributepresentation hooks
99 SimpleSAML\Module::callHooks('attributepresentation', $para);
100 
101 // Parse parameters
102 if (array_key_exists('name', $state['Source'])) {
103  $srcName = $state['Source']['name'];
104 } elseif (array_key_exists('OrganizationDisplayName', $state['Source'])) {
105  $srcName = $state['Source']['OrganizationDisplayName'];
106 } else {
107  $srcName = $state['Source']['entityid'];
108 }
109 if (array_key_exists('name', $state['Destination'])) {
110  $dstName = $state['Destination']['name'];
111 } elseif (array_key_exists('OrganizationDisplayName', $state['Destination'])) {
112  $dstName = $state['Destination']['OrganizationDisplayName'];
113 } else {
114  $dstName = $state['Destination']['entityid'];
115 }
116 
117 // Make, populate and layout consent form
118 $t = new SimpleSAML_XHTML_Template($globalConfig, 'consent:consentform.php');
119 $translator = $t->getTranslator();
120 $t->data['srcMetadata'] = $state['Source'];
121 $t->data['dstMetadata'] = $state['Destination'];
122 $t->data['yesTarget'] = SimpleSAML\Module::getModuleURL('consent/getconsent.php');
123 $t->data['yesData'] = array('StateId' => $id);
124 $t->data['noTarget'] = SimpleSAML\Module::getModuleURL('consent/noconsent.php');
125 $t->data['noData'] = array('StateId' => $id);
126 $t->data['attributes'] = $attributes;
127 $t->data['checked'] = $state['consent:checked'];
128 $t->data['stateId'] = $id;
129 
130 $srcName = htmlspecialchars(is_array($srcName) ? $translator->t($srcName) : $srcName);
131 $dstName = htmlspecialchars(is_array($dstName) ? $translator->t($dstName) : $dstName);
132 
133 $t->data['consent_attributes_header'] = $translator->t(
134  '{consent:consent:consent_attributes_header}',
135  array('SPNAME' => $dstName, 'IDPNAME' => $srcName)
136 );
137 
138 $t->data['consent_accept'] = $translator->t(
139  '{consent:consent:consent_accept}',
140  array('SPNAME' => $dstName, 'IDPNAME' => $srcName)
141 );
142 
143 if (array_key_exists('descr_purpose', $state['Destination'])) {
144  $t->data['consent_purpose'] = $translator->t(
145  '{consent:consent:consent_purpose}',
146  array(
147  'SPNAME' => $dstName,
148  'SPDESC' => $translator->getPreferredTranslation(
149  \SimpleSAML\Utils\Arrays::arrayize(
150  $state['Destination']['descr_purpose'],
151  'en'
152  )
153  ),
154  )
155  );
156 }
157 
158 $t->data['srcName'] = $srcName;
159 $t->data['dstName'] = $dstName;
160 
161 // Fetch privacypolicy
162 if (array_key_exists('privacypolicy', $state['Destination'])) {
163  $privacypolicy = $state['Destination']['privacypolicy'];
164 } elseif (array_key_exists('privacypolicy', $state['Source'])) {
165  $privacypolicy = $state['Source']['privacypolicy'];
166 } else {
167  $privacypolicy = false;
168 }
169 if ($privacypolicy !== false) {
170  $privacypolicy = str_replace(
171  '%SPENTITYID%',
172  urlencode($spentityid),
173  $privacypolicy
174  );
175 }
176 $t->data['sppp'] = $privacypolicy;
177 
178 // Set focus element
179 switch ($state['consent:focus']) {
180 case 'yes':
181  $t->data['autofocus'] = 'yesbutton';
182  break;
183 case 'no':
184  $t->data['autofocus'] = 'nobutton';
185  break;
186 case null:
187 default:
188  break;
189 }
190 
191 if (array_key_exists('consent:store', $state)) {
192  $t->data['usestorage'] = true;
193 } else {
194  $t->data['usestorage'] = false;
195 }
196 
197 if (array_key_exists('consent:hiddenAttributes', $state)) {
198  $t->data['hiddenAttributes'] = $state['consent:hiddenAttributes'];
199 } else {
200  $t->data['hiddenAttributes'] = array();
201 }
202 
203 $t->data['attributes_html'] = present_attributes($t, $attributes, '');
204 $t->show();
205 
206 
216 function present_attributes($t, $attributes, $nameParent)
217 {
218  $translator = $t->getTranslator();
219  $alternate = array('odd', 'even');
220  $i = 0;
221  $summary = 'summary="'.$translator->t('{consent:consent:table_summary}').'"';
222  if (strlen($nameParent) > 0) {
223  $parentStr = strtolower($nameParent).'_';
224  $str = '<table class="attributes" '.$summary.'>';
225  } else {
226  $parentStr = '';
227  $str = '<table id="table_with_attributes" class="attributes" '.$summary.'>';
228  $str .= "\n".'<caption>'.$translator->t('{consent:consent:table_caption}').'</caption>';
229  }
230  foreach ($attributes as $name => $value) {
231  $nameraw = $name;
232  $name = $translator->getAttributeTranslation($parentStr.$nameraw);
233  if (preg_match('/^child_/', $nameraw)) {
234  // insert child table
235  $parentName = preg_replace('/^child_/', '', $nameraw);
236  foreach ($value as $child) {
237  $str .= "\n".'<tr class="odd"><td class="td_odd">'.
238  present_attributes($t, $child, $parentName).'</td></tr>';
239  }
240  } else {
241  // insert values directly
242  $str .= "\n".'<tr class="'.$alternate[($i++ % 2)].
243  '"><td><span class="attrname">'.htmlspecialchars($name).'</span>';
244  $isHidden = in_array($nameraw, $t->data['hiddenAttributes'], true);
245  if ($isHidden) {
246  $hiddenId = \SimpleSAML\Utils\Random::generateID();
247  $str .= '<div class="attrvalue hidden" id="hidden_'.$hiddenId.'">';
248  } else {
249  $str .= '<div class="attrvalue">';
250  }
251  if (sizeof($value) > 1) {
252  // we hawe several values
253  $str .= '<ul>';
254  foreach ($value as $listitem) {
255  if ($nameraw === 'jpegPhoto') {
256  $str .= '<li><img src="data:image/jpeg;base64,'.
257  htmlspecialchars($listitem).'" alt="User photo" /></li>';
258  } else {
259  $str .= '<li>'.htmlspecialchars($listitem).'</li>';
260  }
261  }
262  $str .= '</ul>';
263  } elseif (isset($value[0])) {
264  // we hawe only one value
265  if ($nameraw === 'jpegPhoto') {
266  $str .= '<img src="data:image/jpeg;base64,'.
267  htmlspecialchars($value[0]).'" alt="User photo" />';
268  } else {
269  $str .= htmlspecialchars($value[0]);
270  }
271  } // end of if multivalue
272  $str .= '</div>';
273  if ($isHidden) {
274  $str .= '<div class="attrvalue consent_showattribute" id="visible_'.$hiddenId.'">';
275  $str .= '... ';
276  $str .= '<a class="consent_showattributelink" href="javascript:SimpleSAML_show(\'hidden_'.$hiddenId;
277  $str .= '\'); SimpleSAML_hide(\'visible_'.$hiddenId.'\');">';
278  $str .= $t->t('{consent:consent:show_attribute}');
279  $str .= '</a>';
280  $str .= '</div>';
281  }
282  $str .= '</td></tr>';
283  } // end else: not child table
284  } // end foreach
285  $str .= isset($attributes) ? '</table>' : '';
286  return $str;
287 }
SimpleSAML\Utils\Random\generateID
static generateID()
Generate a random identifier, ID_LENGTH bytes long.
Definition: Random.php:26
SimpleSAML\Logger\debug
static debug($string)
Definition: Logger.php:211
$statsInfo
if(!isset($state['consent:showNoConsentAboutService'])|| $state['consent:showNoConsentAboutService']) $statsInfo
Definition: noconsent.php:34
$dstName
$dstName
Definition: getconsent.php:131
$t
$t
Definition: getconsent.php:118
present_attributes
present_attributes($t, $attributes, $nameParent)
Recursive attribute array listing function.
Definition: getconsent.php:216
SimpleSAML\Module\callHooks
static callHooks($hook, &$data=null)
Call a hook in all enabled modules.
Definition: Module.php:281
SimpleSAML_Auth_ProcessingChain\resumeProcessing
static resumeProcessing($state)
Continues processing of the state.
Definition: ProcessingChain.php:226
$noconsentattributes
$noconsentattributes
Definition: getconsent.php:86
$summary
$summary
Definition: cron.php:24
$store
if(! $oauthconfig->getBoolean('getUserInfo.enable', FALSE)) $store
Definition: getUserInfo.php:11
SimpleSAML\Module\getModuleURL
static getModuleURL($resource, array $parameters=array())
Get absolute URL to a specified module resource.
Definition: Module.php:220
SimpleSAML\Logger\stats
static stats($string)
Definition: Logger.php:222
SimpleSAML
Attribute-related utility methods.
SimpleSAML\Logger\info
static info($string)
Definition: Logger.php:199
SimpleSAML_Error_BadRequest
Definition: BadRequest.php:12
$srcName
$srcName
Definition: getconsent.php:130
$para
foreach($attributes AS $attrkey=> $attrval) $para
Definition: getconsent.php:94
SimpleSAML\Logger\error
static error($string)
Definition: Logger.php:166
SimpleSAML_Auth_State\loadState
static loadState($id, $stage, $allowMissing=false)
Retrieve saved state.
Definition: State.php:259
$attributes
if(array_key_exists('yes', $_REQUEST)) $attributes
Definition: getconsent.php:85
$globalConfig
$globalConfig
Definition: getconsent.php:22
SimpleSAML_XHTML_Template
Definition: Template.php:14
$i
$i
Definition: disco.tpl.php:19
$name
$name
Definition: client_example.php:35
$state
$state
Definition: getconsent.php:33
$id
if(!array_key_exists('StateId', $_REQUEST)) $id
Definition: getconsent.php:32
$translator
$translator
Definition: getconsent.php:119
SimpleSAML_Configuration\getInstance
static getInstance($instancename='simplesaml')
Get a configuration file by its instance name.
Definition: Configuration.php:325
SimpleSAML_Stats\log
static log($event, array $data=array())
Notify about an event.
Definition: Stats.php:71