entrouvert
/
spkitlasso
Archived
17
0
Fork 0
Code Issues Pull Requests Releases Activity
This repository has been archived on 2023-02-21. You can view files and clone it, but cannot push or open issues or pull requests.
spkitlasso/include/lassospkit_configgen.inc.php

280 lines
10 KiB
PHP
Raw Permalink Blame History

<?php
require_once('lassospkit_datadir.inc.php');
require_once('lassospkit_helper.inc.php');
/** This class generate the WebUI for configuring the SP kit. */
class LassoSPKitConfigUIGen
{
private $special_input;
private $default_input;
private $base;
function __construct() {
$suffix = "";
if (LassoSPKitConfig::get('showExtension')) {
$suffix = ".php";
}
$this->special_input = array(
'organization' =>
array('Nom du service',
'text'),
'baseUrl' =>
array('Base des URLS des points d\'accès', 'text'),
'gruik' =>
array('URL des métadatas SAML 2.0 du SP',
'url',
LassoSPKitUtils::relativePathToURL("saml2" . $suffix . "/metadata")),
'gruik2' =>
array('URL des métadatas Liberty 1.2 du SP',
'url',
LassoSPKitUtils::relativePathToURL("liberty" . $suffix . "/metadata")),
'idp_metadata_url' =>
array('URL des métadatas du service d\'authentification',
'text'),
'idp_metadata' =>
array('Métadatas de l\'IdP',
'textarea'),
'clear_pkey' =>
array('Génère une clé privée, même si une existe déjà',
'checkbox'),
'federate' =>
array('Stockage de la fédération',
'select',
array('no' => 'Non',
'MySql' => 'Via MySql',
'File' => 'Via le filesystem')),
'mysql_host' => array('Host de la base MySql'),
'mysql_user' => array('Identifiant sur la base'),
'mysql_password' => array('Mot de passe sur la base', 'password'),
'mysql_database' => array('Nom de la base'),
'mysql_table' => array('Nom de la table'),
'lasso_lib' => array('Emplacement de la bibliothèque Lasso PHP'),
'cookiename' => array('Cookiename', 'text'),
'default_return_url' => array('URL de retour par défaut', 'text'));
}
function itype($name) {
if (isset($this->special_input[$name][1])) {
return $this->special_input[$name][1];
}
return 'text';
}
function icaption($name) {
if (isset($this->special_input[$name][0])) {
return $this->special_input[$name][0];
}
return $name;
}
function value($name) {
switch ($name) {
case 'idp_metadata':
return @file_get_contents(LassoSPKitHelper::getIdpMetadataFile());
case 'baseUrl':
return LassoSPKitUtils::mydir();
}
$val = null;
try {
$val = LassoSPKitConfig::get($name);
} catch (Exception $e) {
}
if ($val) {
return $val;
} else {
return '';
}
}
function msg($mess) {
echo htmlspecialchars(gettext($mess));
}
function render_form() {
echo '<head>', "\n";
echo '<title>';
$this->msg('Configuration du SP-Kit LassoSPKit');
echo '</title>', "\n";
echo '<body>', "\n";
echo '<h1>', "\n";
$this->msg('Configuration du SP-kit LassoSPKit');
echo '</h1>', "\n";
echo '<form action="' . htmlspecialchars(LassoSPKitUtils::myself()) . '" method="post">', "\n";
echo ' <table>', "\n";
foreach ($this->special_input as $k => $v) {
echo '<tr><td>';
$this->msg($this->icaption($k));
echo '</td><td>';
$actual = $this->value($k);
$type = $this->itype($k);
switch ($type) {
case 'textarea':
echo '<textarea name="' . $k . '" cols="80" row="20">';
$this->msg($actual);
echo '</textarea>';
break;
case 'select':
echo '<select name="' . $k . '" size="1">';
foreach ($v[2] as $x => $y) {
echo '<option value="' . $x . '"';
if ($actual == $x) {
echo ' selected ';
}
echo '>';
$this->msg($y);
echo '</option>';
}
echo '</select>';
break;
case 'text':
echo '<input name="' . $k . '"';
echo 'type="text" size="80" value="' . $actual . '"/>';
break;
case 'url':
echo '<a href="';
$this->msg($v[2]);
echo '">';
$this->msg($v[2]);
echo '</a>';
break;
default:
echo '<input name="' . $k . '"';
echo 'type="' . $type . '" ';
if ($actual) {
echo 'value="' . $actual . '" ';
}
echo '/>';
break;
}
echo '</td></tr>', "\n";
}
echo '<tr><td/><td><input type="submit" value="Modifier"/></td></tr>', "\n";
echo '</table>', "\n";
echo '</body>', "\n";
}
function importConfigFromPost($post) {
foreach (LassoSPKitConfig::keys() as $k) {
if (isset($post[$k]))
{
LassoSPKitConfig::set($k, $post[$k]);
}
}
LassoSPKitConfig::commit();
}
function validateMetadata($file) {
return LassoSPKitHelper::getConformance($file);
}
function getIdpMeta($idpMeta, $idpMetaUrl, &$conformance, &$error) {
if (! $idpMeta && ! $idpMetaUrl) {
throw new Exception("illegal argument");
}
$file = tempnam(TEMPDIR, "idp-metadata-temp");
$ok = 0;
if ($idpMetaUrl) {
$idpMeta = @file_get_contents($idpMetaUrl);
$ok = ($idpMeta != null);
if ($ok) {
$ok = @file_put_contents($file, $idpMeta);
if ($ok) {
$conformance = $this->validateMetadata($file);
$ok = ($conformance != -1);
if (! $ok) {
$error = "GetIDPMeta: Retrieved metadatas non conformant";
}
} else {
$error = "GetIDPMeta: Cannot store retrieved IdP metadatas";
}
} else {
$error = "GetIDPMeta: Cannot retrieve metadatas from the given URL: $idpMetaUrl";
}
}
if (! $ok && $idpMeta) {
$ok = @file_put_contents($file, $idpMeta);
if ($ok) {
$conformance = $this->validateMetadata($file);
$ok = ($conformance != -1);
if (! $ok) {
$error = "GetIDPMeta: Metadatas non conformant";
}
} else {
$error = "GetIDPMeta: Cannot store given IdP metadatas";
}
}
if ($ok) {
return $file;
} else {
@unlink($file);
return FALSE;
}
}
function generateSPMetadata($conformance, $organization, $publickey, &$error) {
$spmeta = LassoSPKitHelper::getMetadataDir($conformance) . "/" . SP_METADATA;
$base = LassoSPKitConfig::get('baseUrl');
switch ($conformance) {
case LASSO_PROTOCOL_SAML_2_0:
$meta = LassoSPKitMetadataSAML2::generateMetadata($base, $organization, array('publickey' => $publickey));
LassoSPKitConfig::set('conformance', 'saml2');
break;
case LASSO_PROTOCOL_LIBERTY_1_0:
case LASSO_PROTOCOL_LIBERTY_1_1:
case LASSO_PROTOCOL_LIBERTY_1_2:
$meta = LassoSPKitMetadataLiberty::generateMetadata($base, $organization, $publickey);
LassoSPKitConfig::set('conformance', 'liberty');
break;
default:
throw new Exception("illegal argument");
}
$ok = file_put_contents($spmeta, $meta);
if (! $ok) {
$error = "GenerateSPMetadata: Cannot save generated sp metadatas in $spmeta ";
return 0;
}
return 1;
}
function makeConfig($organization, $idpMeta, $idpMetaUrl, $removePrivateKey, &$error) {
$base = lassospkit_datadir();
// Get idp metadatas
$file = $this->getIdpMeta($idpMeta, $idpMetaUrl, $conformance, $error);
if (! $file) {
return 0;
}
$metabase = LassoSPKitHelper::getMetadataDir($conformance);
if (! is_dir($metabase)) {
if (! @mkdir($metabase, 0755, 1)) {
$error = "MakeConfig: Cannot create directory $metabase";
return 0;
}
}
if (! LassoSPKitUtils::checkCanWrite($metabase, $error)) {
return 0;
}
if (! LassoSPKitUtils::checkCanWrite($base, $error)) {
return 0;
}
$idpmeta = LassoSPKitHelper::getIdpMetadataFile();
if (! ($contents = @file_get_contents($file)) || ! @file_put_contents($idpmeta, $contents)) {
$error = "MakeConfig: Cannot move idp temporary files to final place";
return 0;
}
@unlink($file);
// Create local metadatas
$pkey = $metabase . "/" . PRIVATE_KEY;
if (! is_file($pkey) || $removePrivateKey) {
@unlink($pkey);
if (! LassoSPKitUtils::generatePrivateKey($pkey, $error)) {
return 0;
}
}
$publickey = null; // Will contain the publickey
if (! LassoSPKitUtils::extractPublicKey($pkey, $publickey, $error)) {
return 0;
}
if (! $this->generateSPMetadata($conformance,
LassoSPKitConfig::get('organization'),
$publickey,
$error)) {
return 0;
}
return 1;
}
}
View Git Blame Copy Permalink