Twigify exampleauth (#1183)

5e4ddbb1 · Tim van Dijen · GitHub · 2fd25105 · 5e4ddbb1 · 5e4ddbb1
Unverified Commit 5e4ddbb1 authored 5 years ago by Tim van Dijen Committed by GitHub 5 years ago
--- a/modules/exampleauth/templates/authenticate.twig
+++ b/modules/exampleauth/templates/authenticate.twig
+<!DOCTYPE html>
+<html>
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+    <title>exampleauth login page</title>
+  </head>
+  <body>
+    <h1>exampleauth login page</h1>
+    <p>
+      In this example you can log in with two accounts: <code>student</code> and <code>admin</code>.
+      In both cases, the password is the same as the username.
+    </p>
+    <form method="post" action="?">
+      <p>
+        Username:
+        <input type="text" name="username">
+      </p>
+      <p>
+        Password:
+        <input type="text" name="password">
+      </p>
+      <input type="hidden" name="ReturnTo" value="{{ returnTo|escape('html') }}">
+      <p><input type="submit" value="Log in"></p>
+    </form>
+{% if badUserPass == true %}
+    <p>!!! Bad username or password !!!</p>
+{% endif %}
+  </body>
+</html>
--- a/modules/exampleauth/www/authpage.php
+++ b/modules/exampleauth/www/authpage.php
@@ -15,7 +15,7 @@ if (!isset($_REQUEST['ReturnTo'])) {

 $returnTo = \SimpleSAML\Utils\HTTP::checkURLAllowed($_REQUEST['ReturnTo']);

-/*
+/**
 * The following piece of code would never be found in a real authentication page. Its
 * purpose in this example is to make this example safer in the case where the
 * administrator of the IdP leaves the exampleauth-module enabled in a production
@@ -24,19 +24,18 @@ $returnTo = \SimpleSAML\Utils\HTTP::checkURLAllowed($_REQUEST['ReturnTo']);
 * What we do here is to extract the $state-array identifier, and check that it belongs to
 * the exampleauth:External process.
 */
-
 if (!preg_match('@State=(.*)@', $returnTo, $matches)) {
    die('Invalid ReturnTo URL for this example.');
 }
-\SimpleSAML\Auth\State::loadState(urldecode($matches[1]), 'exampleauth:External');

-/*
+/**
 * The loadState-function will not return if the second parameter does not
 * match the parameter passed to saveState, so by now we know that we arrived here
 * through the exampleauth:External authentication page.
 */
+\SimpleSAML\Auth\State::loadState(urldecode($matches[1]), 'exampleauth:External');

-/*
+/**
 * Our list of users.
 */
 $users = [
@@ -56,7 +55,7 @@ $users = [
    ],
 ];

-/*
+/**
 * Time to handle login responses.
 * Since this is a dummy example, we accept any data.
 */
@@ -85,35 +84,11 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    }
 }

-/*
+/**
 * If we get this far, we need to show the login page to the user.
 */
-?><!DOCTYPE html>
-<html>
-<head>
-<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
-<title>exampleauth login page</title>
-</head>
-<body>
-<h1>exampleauth login page</h1>
-<p>
-In this example you can log in with two accounts: <code>student</code> and <code>admin</code>.
-In both cases, the password is the same as the username.
-</p>
-<?php if ($badUserPass) { ?>
-<p>Bad username or password.</p>
-<?php } ?>
-<form method="post" action="?">
-<p>
-Username:
-<input type="text" name="username">
-</p>
-<p>
-Password:
-<input type="text" name="password">
-</p>
-<input type="hidden" name="ReturnTo" value="<?php echo htmlspecialchars($returnTo); ?>">
-<p><input type="submit" value="Log in"></p>
-</form>
-</body>
-</html>
+$config = \SimpleSAML\Configuration::getInstance();
+$t = new \SimpleSAML\XHTML\Template($config, 'exampleauth:authenticate.twig');
+$t->data['badUserPass'] = $badUserPass;
+$t->data['returnTo'] = $returnTo;
+$t->show();