* move index.php to exemple1.php
* use the lassospkit sessionid as a real session id for logout * change redirects to relative url around exemple1.php * show attributes * lassospkit_endpoints.php: - store in var $currentHttpMethod the current http method. - add documentation to methods - handle relaystate in slo endpoints
parent
6d9841b60e
commit
dffdd1b050
|
@ -2,10 +2,10 @@
|
|||
require_once('spkitlasso/lassospkit_public_api.inc.php');
|
||||
require_once('spkitlasso/lassospkit_debug.inc.php');
|
||||
require_once('spkitlasso/lassospkit_utils.inc.php');
|
||||
$myself = LassoSPKitUtils::myself();
|
||||
|
||||
if (isset($_SERVER['PATH_INFO']) && $_SERVER['PATH_INFO'] == '/logout') {
|
||||
echo lassospkit_soap_logout();
|
||||
header('Location: ..');
|
||||
lassospkit_soap_logout();
|
||||
header('Location: ../exemple.php');
|
||||
exit(0);
|
||||
}
|
||||
if (isset($_SERVER['PATH_INFO']) && $_SERVER['PATH_INFO'] == '/login') {
|
||||
|
@ -13,7 +13,9 @@ if (isset($_SERVER['PATH_INFO']) && $_SERVER['PATH_INFO'] == '/login') {
|
|||
if (isset($_GET['passive']) && $_GET['passive'] == 1) {
|
||||
$isPassive = true;
|
||||
}
|
||||
echo lassospkit_redirect_login('http://localhost/~bdauvergne/spkittest/',$isPassive);
|
||||
# Very special
|
||||
lassospkit_set_userid(LassoSPKitUtilsSession::getSingleton()->id);
|
||||
lassospkit_redirect_login('../exemple.php',$isPassive);
|
||||
exit(0);
|
||||
}
|
||||
if (isset($_SERVER['PATH_INFO']) && $_SERVER['PATH_INFO'] == '/federate') {
|
||||
|
@ -21,7 +23,13 @@ if (isset($_SERVER['PATH_INFO']) && $_SERVER['PATH_INFO'] == '/federate') {
|
|||
if (isset($_GET['passive']) && $_GET['passive'] == 1) {
|
||||
$isPassive = true;
|
||||
}
|
||||
echo lassospkit_redirect_federate('http://localhost/~bdauvergne/spkittest/',$isPassive);
|
||||
lassospkit_set_userid(LassoSPKitUtilsSession::getSingleton()->id);
|
||||
lassospkit_redirect_federate('../exemple.php',$isPassive);
|
||||
exit(0);
|
||||
}
|
||||
if (isset($_SERVER['PATH_INFO']) && $_SERVER['PATH_INFO'] == '/defederate') {
|
||||
lassospkit_soap_defederate();
|
||||
header('Location: ../exemple.php');
|
||||
exit(0);
|
||||
}
|
||||
echo '<?xml version="1.0" encoding="UTF-8"?>';
|
||||
|
@ -40,12 +48,12 @@ function show($a) {
|
|||
<h1>Points d'accès</h1>
|
||||
<ul>
|
||||
<?
|
||||
show("$myself/logout");
|
||||
show("$myself/login");
|
||||
show("$myself/federate");
|
||||
show("$myself/login?passive=1");
|
||||
show(lassospkit_defederation_url($myself));
|
||||
show(lassospkit_configure_url());
|
||||
echo lassospkit_datadir() . "<br/>";
|
||||
show("exemple.php/logout");
|
||||
show("exemple.php/login");
|
||||
show("exemple.php/federate");
|
||||
show("exemple.php/defederate");
|
||||
show("exemple.php/login?passive=1");
|
||||
|
||||
if (isset($_GET['userid'])) {
|
||||
lassospkit_set_userid($_GET['userid']);
|
||||
|
@ -59,11 +67,12 @@ if ($federation) {
|
|||
lassospkit_set_federation($federation);
|
||||
}
|
||||
?>
|
||||
<li><? echo lassospkit_showCode(var_export($_COOKIE, 1)); ?></li>
|
||||
<li>NameId: <? echo lassospkit_showCode(var_export($nameid,1)) ?></li>
|
||||
<li>UserId: <? echo lassospkit_showCode($userid) ?></li>
|
||||
<li>Error: <? echo lassospkit_showCode($error) ?></li>
|
||||
<li>Federation: <? echo lassospkit_showCode($federation) ?></li>
|
||||
<li>Attributes: <? echo lassospkit_showCode(var_export(lassospkit_get_assertion_attributes(),1)); ?></li>
|
||||
<li>Cookies: <? echo lassospkit_showCode(var_export($_COOKIE, 1)); ?></li>
|
||||
</ul>
|
||||
|
||||
</html>
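Review bot: The `/defederate` branch added in the third hunk (like the `/logout` branch in the first) runs a state-changing SOAP call on any GET whose PATH_INFO matches, with no request-method check or per-session token, so a request triggered from another site while the user is logged in would be enough to terminate the federation. If this page is used as more than a local demo, accept these actions only as POST with a token bound to the session, e.g. start the branch with `if ($_SERVER['REQUEST_METHOD'] !== 'POST') { header('HTTP/1.1 405 Method Not Allowed'); exit(0); }`. The results of `lassospkit_soap_logout()` and `lassospkit_soap_defederate()` are also discarded before the redirect, so a failed call looks the same to the user as a successful one. Capturing the return value and reporting an error instead of redirecting would make a still-live IdP session visible.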
|
|
@ -9,6 +9,7 @@ require_once('lassospkit_autopersistentsession.inc.php');
|
|||
|
||||
class LassoSPKitEndpoint extends LassoSPKitUrlDispatch {
|
||||
var $relayState = null;
|
||||
var $currentHttpMethod;
|
||||
|
||||
function LassoSPKitEndpoint() {
|
||||
$this->addDispatch('/assertionConsumer', 'assertionConsumer');
|
||||
|
@ -46,40 +47,53 @@ class LassoSPKitEndpoint extends LassoSPKitUrlDispatch {
|
|||
exit(1);
|
||||
}
|
||||
}
|
||||
/** Get the profile object, LassoSPKitSaml2 or LassoSPKitLiberty */
|
||||
function getProfileObject() {
|
||||
throw new Exception('Not implemented');
|
||||
}
|
||||
/** Implementation of an assertion consumer endpoint, it supports
|
||||
ARTIFACT, POST and GET methods */
|
||||
function assertionConsumer() {
|
||||
$ret = 0;
|
||||
$profile = null;
|
||||
try {
|
||||
$profile = $this->getProfileObject();
|
||||
$http_method = $this->limitMethodBrws($this->identifyHttpMethod());
|
||||
$query_string = $this->getQueryString($http_method);
|
||||
$ok = $profile->ssoConsumer($http_method, $query_string);
|
||||
$this->relayState = $profile->relayState;
|
||||
return $ok;
|
||||
} catch (LassoError $e) {
|
||||
return $e->getCode();
|
||||
} catch (Exception $e) {
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
/** Profiles initiés par l'IdP */
|
||||
function sloBrws() {
|
||||
$ret = 0;
|
||||
try {
|
||||
$profile = $this->getProfileObject();
|
||||
$http_method = $this->limitMethodBrws($this->identifyHttpMethod());
|
||||
$query_string = $this->getQueryString($http_method);
|
||||
$ret = $profile->processRequestSLO($http_method, $query_string);
|
||||
$ret = $ok;
|
||||
} catch (LassoError $e) {
|
||||
$ret = $e->getCode();
|
||||
} catch (Exception $e) {
|
||||
$ret = -1;
|
||||
}
|
||||
$this->relayState = $profile->relayState;
|
||||
return $this->handleSso($ret);
|
||||
}
|
||||
/** Implementation of a SLO endpoint. It supports
|
||||
ARTIFACT, GET and POST bindings. */
|
||||
function sloBrws() {
|
||||
$ret = 0;
|
||||
$profile = null;
|
||||
try {
|
||||
$profile = $this->getProfileObject();
|
||||
$http_method = $this->limitMethodBrws($this->identifyHttpMethod());
|
||||
$query_string = $this->getQueryString($http_method);
|
||||
$ret = $profile->processRequestSLO($http_method, $query_string);
|
||||
$this->relayState = $profile->relayState;
|
||||
} catch (LassoError $e) {
|
||||
$ret = $e->getCode();
|
||||
} catch (Exception $e) {
|
||||
$ret = -1;
|
||||
}
|
||||
$this->relayState = $profile->relayState;
|
||||
return $this->handleSlo($ret);
|
||||
}
|
||||
/** Implementation of a SLO endpoint. It supports
|
||||
the SOAP binding. */
|
||||
function sloSoap() {
|
||||
$ret = 0;
|
||||
$profile = null;
|
||||
try {
|
||||
$profile = $this->getProfileObject();
|
||||
$ret = $profile->processSOAPRequestSLO();
|
||||
|
@ -89,11 +103,14 @@ class LassoSPKitEndpoint extends LassoSPKitUrlDispatch {
|
|||
} catch (Exception $e) {
|
||||
$ret = -1;
|
||||
}
|
||||
$this->relayState = $profile->relayState;
|
||||
return $this->handleSlo($ret);
|
||||
}
|
||||
/** Profiles initiés par le SP */
|
||||
/** Implementation of the SLO endpoint return when SLO is initiated
|
||||
by the SP, it supports the POST and GET binding. */
|
||||
function sloReturn() {
|
||||
$ret = 0;
|
||||
$profile = null;
|
||||
try {
|
||||
$profile = $this->getProfileObject();
|
||||
$http_method = $this->limitMethodBrws($this->identifyHttpMethod());
|
||||
|
@ -104,23 +121,28 @@ class LassoSPKitEndpoint extends LassoSPKitUrlDispatch {
|
|||
} catch (Exception $e) {
|
||||
$ret = -1;
|
||||
}
|
||||
$this->relayState = $profile->relayState;
|
||||
return $this->handlSloReturn($ret);
|
||||
}
|
||||
/** Helper function to identify the HTTP method used to access the current
|
||||
* endpoint */
|
||||
function identifyHttpMethod() {
|
||||
$this->currentHttpMethod = -1;
|
||||
if (isset($_POST) && ( isset($_POST['SAMLResponse']) || isset($_POST['SAMLRequest']))) {
|
||||
return LASSO_HTTP_METHOD_POST;
|
||||
$this->currentHttpMethod = LASSO_HTTP_METHOD_POST;
|
||||
}
|
||||
if (isset($_GET) && ( isset($_GET['SAMLResponse']) || isset($_GET['SAMLRequest']) )) {
|
||||
return LASSO_HTTP_METHOD_REDIRECT;
|
||||
$this->currentHttpMethod = LASSO_HTTP_METHOD_REDIRECT;
|
||||
}
|
||||
if (isset($_GET) && ( isset($_GET['SAMLart']))) {
|
||||
return LASSO_HTTP_METHOD_ARTIFACT_GET;
|
||||
$this->currentHttpMethod = LASSO_HTTP_METHOD_ARTIFACT_GET;
|
||||
}
|
||||
if (isset($_POST) && ( isset($_POST['SAMLart']))) {
|
||||
return LASSO_HTTP_METHOD_ARTIFACT_POST;
|
||||
$this->currentHttpMethod = LASSO_HTTP_METHOD_ARTIFACT_POST;
|
||||
}
|
||||
return LASSO_HTTP_METHOD_NONE;
|
||||
return $this->currentHttpMethod;
|
||||
}
|
||||
/** Get the query string depending on the used HTTP method */
|
||||
function getQueryString($http_method) {
|
||||
switch ($http_method) {
|
||||
case LASSO_HTTP_METHOD_POST:
|
||||
|
@ -144,11 +166,18 @@ class LassoSPKitEndpoint extends LassoSPKitUrlDispatch {
|
|||
}
|
||||
return LASSO_HTTP_METHOD_NONE;
|
||||
}
|
||||
/** Dummy function to overload to handle the Sso */
|
||||
function handleSso($ret) {
|
||||
return $ret;
|
||||
}
|
||||
/** Dummy function to overload to handle the IdP
|
||||
* initiated SLO. */
|
||||
function handleSlo($ret) {
|
||||
return $ret;
|
||||
}
|
||||
/** Dummy function to overload to handle the return
|
||||
from the IdP for SP initiated logout. */
|
||||
function handleSloReturn($ret) {
|
||||
return $ret;
|
||||
}
|
||||
}
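Review bot: In identifyHttpMethod() the early `return`s appear to have been replaced by plain assignments, so the four `if` tests are no longer exclusive and the last matching one wins: a request carrying both a POSTed `SAMLResponse` and a `SAMLart` parameter would now be classified as an artifact binding instead of POST. An endpoint that consumes SSO and logout messages should decide the binding by one explicit precedence; first-match-wins can be kept with one line per branch, e.g. `return $this->currentHttpMethod = LASSO_HTTP_METHOD_POST;`, or by chaining the tests with `elseif`. The initial `$this->currentHttpMethod = -1;` would read better as `LASSO_HTTP_METHOD_NONE`, the constant the previous code returned. Separately, sloReturn() calls `handlSloReturn` while the hook defined at the end of the class is `handleSloReturn`; unless the parent class (not visible here) provides the former, that call fails on the SP-initiated logout return.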
|
||||
|
||||
|
|