Adding graceful non-javascript support to iframe based SLO

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@905 44740490-163a-0410-bde0-09ae8108e29a

templates/default/logout-iframe.php

 <?php 
-
 	
-	$this->data['head'] .= '<script type="text/javascript" language="JavaScript">
-// use pre-formatted output for this multiplication table
-var j;	// loop variables
+	
+	$this->data['head'] .= '
+<script type="text/javascript" src="/' . $this->data['baseurlpath']. 'resources/script.js"></script>	
+<script type="text/javascript" language="JavaScript">
 
-xajax_updateslostatus();
-for (j=1; j<=10; j++) {
-	setTimeout(\'xajax_updateslostatus()\',j*1000)
+function showdiv(id) {
+	//safe function to show an element with a specified id
+		  
+	if (document.getElementById) { // DOM3 = IE5, NS6
+		document.getElementById(id).style.display = \'block\';
+	}
+	else {
+		if (document.layers) { // Netscape 4
+			document.id.display = \'block\';
+		}
+		else { // IE 4
+			document.all.id.style.display = \'block\';
+		}
+	}
 }
-</script>';
 
+function init_updateslostatus() {
+	// use pre-formatted output for this multiplication table
+	var j;	// loop variables
+	for (j=1; j<=10; j++) {
+		setTimeout(\'xajax_updateslostatus()\',j*1000)
+	}
+}
+</script>';
 
+	$this->data['onLoad'] = ' init_updateslostatus();';
+	
 	$this->includeAtTemplateBase('includes/header.php');
 	
 #	$this->includeLanguageFile('consent.php'); 
@@ -19,40 +39,59 @@ for (j=1; j<=10; j++) {
 #	$this->includeInlineTranslation('IDPNAME', $this->data['idp_name']);
 ?>
 
-	<div id="content">
-		<?php
-		
-		$requestername = is_array($this->data['requesterName']) ? 
-			$this->getTranslation($this->data['requesterName']) : $this->data['requesterName'];
+
+		<div id="a" style="display: none; background: blue; width: 10px; height: 10px">Poot</div>
 		
-		?>
-		<p>You have initiated a <strong>global logout</strong> from the service <strong><?php echo $requestername; ?></strong>. Global logout means you will be logged out from all services connected to this identity provider. This page will show the status of the logout proccess for all of the services you are logged into.</p>
+	<div id="content">
 	
 
-		<?php
 		
-
-			
-			foreach ($this->data['sparray'] AS $sp) {
-				echo '<iframe class="hiddeniframe" style="border: 1px solid #888; width: 80%; height: 100px" src="' . $sp['url'] . '" ></iframe>';
-			}
+		<noscript>
+			<div id="nojavascriptframe">
+				<iframe style="margin: 1em; width: 90%; height: 5em; border: 1px solid #eee" src="SingleLogoutServiceiFrameNoJavascript.php?response=<?php echo urlencode($this->data['logoutresponse']); ?>"></iframe>			
+			</div>
+		</noscript>
+		<div id="requirejavascript" style="display: none">
+		
+			<noscript><div style="background: #500; color: white; border: 1px solod #300">Ignore the logout indicators below. They will not be updated as your browser do not support javascript. Logout will still work.</div></noscript>
+		
+			<?php
 			
-			foreach ($this->data['sparray'] AS $spentityid => $sp) {
+			$requestername = is_array($this->data['requesterName']) ? 
+				$this->getTranslation($this->data['requesterName']) : $this->data['requesterName'];
 			
-				$spname = is_array($sp['name']) ? $this->getTranslation($sp['name']) : $sp['name'];
-				echo '<div class="inprogress" id="' . $spentityid . '">
-					<img style="float: left; margin: 3px" src="/' . $this->data['baseurlpath'] . 'resources/progress.gif" />Wait... is logging out from <strong>' . $spname . '</strong></div>';
-			}
+			?>
+			<p>You have initiated a <strong>global logout</strong> from the service <strong><?php echo $requestername; ?></strong>. Global logout means you will be logged out from all services connected to this identity provider. This page will show the status of the logout proccess for all of the services you are logged into.</p>
+		
+	
+			<?php
+
+				foreach ($this->data['sparray'] AS $sp) {
+					echo '<iframe class="hiddeniframe" style="border: 1px solid #888; width: 80%; height: 100px" src="' . $sp['url'] . '" ></iframe>' . "\n";
+				}
+				
+				foreach ($this->data['sparray'] AS $spentityid => $sp) {
+				
+					$spname = is_array($sp['name']) ? $this->getTranslation($sp['name']) : $sp['name'];
+					echo '<div class="inprogress" id="e' . sha1($spentityid) . '">
+						<img style="float: left; margin: 3px" src="/' . $this->data['baseurlpath'] . 'resources/progress.gif" alt="Progress bar" />Wait... is logging out from <strong>' . $spname . '</strong></div>'  . "\n";
+				}
+				
+			?>
 			
-		?>
+			<div id="interrupt">[ <a href="<?php echo $this->data['logoutresponse']; ?>">Interrupt logging out and go back to service</a> ]</div>
+			<div id="iscompleted">You have successfully logged out from all services listed above.
+				<!-- form method="get" action="<?php echo $this->data['logoutresponse']; ?>">
+					<input type="submit" name="s" value="OK, continue back to <?php echo $this->data['requesterName']; ?> to complete the logout process." />
+				</form  -->
+				<br />[ <a href="<?php echo $this->data['logoutresponse']; ?>">OK, continue back to <?php echo $requestername; ?> to complete the logout process.</a> ]	
+			</div>
+
 		
-		<div id="interrupt">[ <a href="<?php echo $this->data['logoutresponse']; ?>">Interrupt logging out and go back to service</a> ]</div>
-		<div id="iscompleted">You have successfully logged out from all services listed above.
-			<!-- form method="get" action="<?php echo $this->data['logoutresponse']; ?>">
-				<input type="submit" name="s" value="OK, continue back to <?php echo $this->data['requesterName']; ?> to complete the logout process." />
-			</form  -->
-			<br />[ <a href="<?php echo $this->data['logoutresponse']; ?>">OK, continue back to <?php echo $requestername; ?> to complete the logout process.</a> ]
 		</div>
-	</div>
+		
+		<script type="text/javascript" language="JavaScript">
+			showdiv('requirejavascript');
+		</script>
 
-<?php $this->includeAtTemplateBase('includes/footer.php'); ?>
+<?php $this->includeAtTemplateBase('includes/footer.php'); ?>
\ No newline at end of file

www/saml2/idp/SingleLogoutServiceiFrame.php

@@ -117,8 +117,8 @@ function updateslostatus() {
 		
 		$spname = is_array($name) ? $t->getTranslation($name) : $name;
 		
-		$objResponse->addAssign($spentityid, "className", 'loggedout');
-		$objResponse->addAssign($spentityid, "innerHTML", 'Logging out from <strong>' . $spname . '</strong> successfully completed');
+		$objResponse->addAssign('e' . sha1($spentityid), "className", 'loggedout');
+		$objResponse->addAssign('e' . sha1($spentityid), "innerHTML", 'Logging out from <strong>' . $spname . '</strong> successfully completed');
 
 	}
 	
@@ -373,6 +373,26 @@ if (array_key_exists('name', $spmeta)) $spname = $spmeta['name'];
 
 
 
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
 
 $et = new SimpleSAML_XHTML_Template($config, 'logout-iframe.php');
 

www/saml2/idp/SingleLogoutServiceiFrameNoJavascript.php

+<?php
+
+/**
+ * This SAML 2.0 endpoint can receive incomming LogoutRequests. It will also send LogoutResponses, 
+ * and LogoutRequests and also receive LogoutResponses. It is implemeting SLO at the SAML 2.0 IdP.
+ *
+ * @author Andreas Åkre Solberg, UNINETT AS. <andreas.solberg@uninett.no>
+ * @package simpleSAMLphp
+ * @version $Id$
+ */
+
+require_once('../../_include.php');
+
+$config = SimpleSAML_Configuration::getInstance();
+$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
+$session = SimpleSAML_Session::getInstance();
+
+SimpleSAML_Logger::info('SAML2.0 - IdP.SingleLogoutServiceiFrame: Accessing SAML 2.0 IdP endpoint SingleLogoutService (iFrame version)');
+
+if (!$config->getValue('enable.saml20-idp', false))
+	SimpleSAML_Utilities::fatalError(isset($session) ? $session->getTrackID() : null, 'NOACCESS');
+
+try {
+	$idpentityid = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
+} catch (Exception $exception) {
+	SimpleSAML_Utilities::fatalError($session->getTrackID(), 'METADATA', $exception);
+}
+
+SimpleSAML_Logger::debug('SAML2.0 - IdP.SingleLogoutServiceiFrame: Got IdP entity id: ' . $idpentityid);
+
+
+
+$logouttype = 'traditional';
+$idpmeta = $metadata->getMetaDataCurrent('saml20-idp-hosted');
+if (array_key_exists('logouttype', $idpmeta)) $logouttype = $idpmeta['logouttype'];
+
+if ($logouttype !== 'iframe') 
+	SimpleSAML_Utilities::fatalError($session->getTrackID(), 'NOACCESS', new Exception('This IdP is configured to use logout type [' . $logouttype . '], but this endpoint is only available for IdP using logout type [iframe]'));
+
+
+
+SimpleSAML_Logger::info('SAML2.0 - IdP.SingleLogoutServiceiFrameNoJavascript: Accessing SAML 2.0 IdP endpoint SingleLogoutService (iFrame version without javascript support) ');
+
+$config = SimpleSAML_Configuration::getInstance();
+$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
+$session = SimpleSAML_Session::getInstance();
+
+$idpentityid = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
+
+
+if ($session->sp_logout_completed() === TRUE) {
+
+
+	echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+	<title>Logout Update notificator for Non-Javascript Single Log-Out</title>
+</head>
+<body>
+	<p>You are successfully logged out. [ <a target="_top" href="' . htmlentities($_REQUEST['response']) . '">Continue</a> ]</p>
+</body>
+</html>
+';
+
+
+
+} else {
+	echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head>
+	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+	<meta http-equiv="refresh" content="3;url=SingleLogoutServiceiFrameNoJavascript.php?response=' . urlencode($_REQUEST['response']) . '" />
+	<title>Logout Update notificator for Non-Javascript Single Log-Out</title>
+</head>
+<body>
+	<p>
+	<img style="float: left; margin: 3px" src="/' . $config->getBaseURL() . 'resources/progress.gif" alt="Progress bar" />
+	Logout in progress. [ <a target="_top" href="' . htmlentities($_REQUEST['response']) . '">Interrupt</a> ]</p>
+</body>
+</html>
+';
+}
+
+
+?>
\ No newline at end of file

www/saml2/idp/SingleLogoutServiceiFrameResponse.php

@@ -4,19 +4,13 @@
 /**
  * This SAML 2.0 endpoint can receive incomming LogoutResponses. 
  *
- * @author Andreas kre Solberg, UNINETT AS. <andreas.solberg@uninett.no>
+ * @author Andreas Łkre Solberg, UNINETT AS. <andreas.solberg@uninett.no>
  * @package simpleSAMLphp
  * @version $Id$
  */
 
 require_once('../../_include.php');
 
-
-
-sleep(max(0, rand(-3,5)));
-
-
-
 $config = SimpleSAML_Configuration::getInstance();
 $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
 $session = SimpleSAML_Session::getInstance();