From 10a8f12b5f7cf3ccd910bcb3d56f6d4fe7c1bfe4 Mon Sep 17 00:00:00 2001
From: Pavel Vyskocil <pavel.vyskocil@cesnet.cz>
Date: Fri, 29 Oct 2021 15:43:57 +0200
Subject: [PATCH] feat: don't sign in user automatically

Show page with description and sign in button if user is not authenticated.
Allow user to log out.
---
 dictionaries/attribute_check.definition.json | 16 ++++
 templates/attribute_check-tpl.php            | 87 +++++++++++++-------
 www/attribute_check.php                      |  4 +-
 www/res/css/attribute_check.css              |  7 +-
 4 files changed, 78 insertions(+), 36 deletions(-)

diff --git a/dictionaries/attribute_check.definition.json b/dictionaries/attribute_check.definition.json
index 912ca06..a3c4242 100644
--- a/dictionaries/attribute_check.definition.json
+++ b/dictionaries/attribute_check.definition.json
@@ -1,6 +1,22 @@
 {
+  "header": {
+    "en": "Attribute conformance",
+    "cs": "Kontrola atributĹŻ"
+  },
   "show_hide_btn": {
     "en": "Show / Hide all attributes",
     "cs": "Zobrazit / Skrýt všechny atributy"
+  },
+  "sign_in_text": {
+    "en": "Welcome to the service for verifying Identity Provider conformance. This service will help you configure your Identity Provider (or report to its administrator) the status of meeting the requirements to work with the AAI. <br/> Hit the sign-in button below to initiate the login process. By doing so, you will have to select the Identity Provider, which you want to use for login. After authenticating with your credentials, you will be presented with status information, describing if the requirements have been met or not.",
+    "cs": "Vítejte na službě pro ověření kompatibility Vašeho poskytovatele identit. Tato služba Vám pomůže při konfiguraci Identity Providera splnit požadavky AAI. <br/> Pokračujte tlačítkem Přihlásit se na výběr poskytovatele identit. Po přihlášení Vám bude zobrazen stav kompatibility s AAI."
+  },
+  "sign_in_btn": {
+    "en": "Sign in",
+    "cs": "Přihlásit se"
+  },
+  "log_out_btn": {
+    "en": "Log out",
+    "cs": "Odhlásit se"
   }
 }
diff --git a/templates/attribute_check-tpl.php b/templates/attribute_check-tpl.php
index 7cfe8cf..683647c 100644
--- a/templates/attribute_check-tpl.php
+++ b/templates/attribute_check-tpl.php
@@ -10,9 +10,9 @@ use SimpleSAML\Module\attribute_check\AttributeCheck;
  *
  * @var SimpleSAML\XHTML\Template $this
  */
-$attributes = $this->data['attributes'];
-$attributesGroupConfiguration = $this->data['attributes_group_config'];
 
+$attributesGroupConfiguration = $this->data['attributes_group_config'];
+$as = $this->data['as'];
 
 $this->data['header'] = '';
 $this->data['head'] = '<link rel="stylesheet" media="screen" type="text/css" href="' .
@@ -25,43 +25,66 @@ $this->data['head'] .= '<script src="' . Module::getModuleUrl(
 
 $this->includeAtTemplateBase('includes/header.php');
 
-foreach ($attributesGroupConfiguration as $group) {
-    echo AttributeCheck::handleAttributesGroup($this, $group, $attributes);
+echo '<h1>' . $this->t('{attribute_check:attribute_check:header}') . '</h1>';
+
+if (! $as->isAuthenticated()) {
+    echo "<div class='mt-5'>";
+    echo '<div>' . $this->t('{attribute_check:attribute_check:sign_in_text}') . '</div>';
+    echo sprintf(
+        "<a class='btn btn-primary text-light mt-5' href='%s'>%s</a>",
+        $as->getLoginURL(),
+        $this->t('{attribute_check:attribute_check:sign_in_btn}')
+    );
+    echo '</div>';
 }
 
-?>
-    <div>
-        <button class="btn btn-primary btn-show-hide" type="button" data-bs-toggle="collapse" data-bs-target="#all_attributes" aria-expanded="false" aria-controls="all_attributes">
-            <?php
-            echo $this->t('{attribute_check:attribute_check:show_hide_btn}');
-            ?>
-        </button>
-    </div>
-<?php
+if ($as->isAuthenticated()) {
+    $attributes = $as->getAttributes();
 
-echo "<div class='collapse attributes_block' id='all_attributes'>";
-foreach ($attributes as $attributeName => $attributeValue) {
-    echo "<div class='row attribute_row'>";
-    echo "<div class='col-md-4 attribute_name'>";
-    echo '<div>' . $attributeName . '</div>';
-    echo '</div>';
+    foreach ($attributesGroupConfiguration as $group) {
+        echo AttributeCheck::handleAttributesGroup($this, $group, $attributes);
+    } ?>
+        <div>
+            <button aria-controls="all_attributes" aria-expanded="false" class="btn btn-primary btn-show-hide"
+                    data-bs-target="#all_attributes" data-bs-toggle="collapse" type="button">
+                <?php
+                echo $this->t('{attribute_check:attribute_check:show_hide_btn}'); ?>
+            </button>
+        </div>
+    <?php
+
+    echo "<div class='collapse attributes_block' id='all_attributes'>";
+    foreach ($attributes as $attributeName => $attributeValue) {
+        echo "<div class='row attribute_row'>";
+        echo "<div class='col-md-4 attribute_name'>";
+        echo '<div>' . $attributeName . '</div>';
+        echo '</div>';
 
-    echo "<div class='col-md-8 attribute_value'>";
-    if (count($attributeValue) > 1) {
-        echo '<ul>';
-        foreach ($attributeValue as $value) {
-            echo '<li>' . $value . '</li>';
+        echo "<div class='col-md-8 attribute_value'>";
+        if (count($attributeValue) > 1) {
+            echo '<ul>';
+            foreach ($attributeValue as $value) {
+                echo '<li>' . $value . '</li>';
+            }
+            echo '</ul>';
+        } elseif (count($attributeValue) === 1) {
+            echo '<div>' . $attributeValue[0] . '</div>';
+        } else {
+            echo '<div></div>';
         }
-        echo '</ul>';
-    } elseif (count($attributeValue) === 1) {
-        echo '<div>' . $attributeValue[0] . '</div>';
-    } else {
-        echo '<div></div>';
-    }
 
+        echo '</div>';
+        echo '</div>';
+    }
     echo '</div>';
-    echo '</div>';
 }
-echo '</div>';
+
+if ($as->isAuthenticated()) {
+    echo sprintf(
+        "<a class='btn btn-light text-dark' href='%s'>%s</a>",
+        $as->getLogoutURL(),
+        $this->t('{attribute_check:attribute_check:log_out_btn}')
+    );
+}
 
 $this->includeAtTemplateBase('includes/footer.php');
diff --git a/www/attribute_check.php b/www/attribute_check.php
index 03621e6..b940a6b 100644
--- a/www/attribute_check.php
+++ b/www/attribute_check.php
@@ -15,8 +15,6 @@ require_once($baseDir . '/lib/_autoload.php');
 const CONFIG_FILE_NAME = 'config_attribute_check.php';
 
 $as = new Simple('default-sp');
-$as->requireAuth();
-$attributes = $as->getAttributes();
 
 $config = Configuration::getInstance();
 $conf = Configuration::getConfig(CONFIG_FILE_NAME);
@@ -25,5 +23,5 @@ $attributesGroupConfiguration = $conf->getArray('attribute_groups');
 
 $t = new Template($config, 'attribute_check:attribute_check-tpl.php');
 $t->data['attributes_group_config'] = $attributesGroupConfiguration;
-$t->data['attributes'] = $attributes;
+$t->data['as'] = $as;
 $t->show();
diff --git a/www/res/css/attribute_check.css b/www/res/css/attribute_check.css
index 607d894..d56e52d 100644
--- a/www/res/css/attribute_check.css
+++ b/www/res/css/attribute_check.css
@@ -22,9 +22,14 @@ body, .btn {
     word-break: break-word;
 }
 
-.btn-show-hide {
+.btn {
     margin: 25px 10%;
     width: 80%;
     padding: 10px 25px;
     font-weight: bold;
+    color: white;
+}
+
+a:link {
+    font-weight: bold;
 }
-- 
GitLab