diff --git a/modules/consent/templates/consentform.php b/modules/consent/templates/consentform.php index 338434d195df5928c13569ea8ac5f80e63d950f9..2f5edf7b96563662e8f0126ed00b54bb6704d9e4 100644 --- a/modules/consent/templates/consentform.php +++ b/modules/consent/templates/consentform.php 
@@ -3,119 +3,50 @@ * Template form for giving consent. * * Parameters: - * - 'srcMetadata': Metadata/configuration for the source. - * - 'dstMetadata': Metadata/configuration for the destination. * - 'yesTarget': Target URL for the yes-button. This URL will receive a POST request. - * - 'yesData': Parameters which should be included in the yes-request. * - 'noTarget': Target URL for the no-button. This URL will receive a GET request. - * - 'noData': Parameters which should be included in the no-request. - * - 'attributes': The attributes which are about to be released. * - 'sppp': URL to the privacy policy of the destination, or FALSE. * * @package SimpleSAMLphp */ -assert(is_array($this->data['srcMetadata'])); -assert(is_array($this->data['dstMetadata'])); assert(is_string($this->data['yesTarget'])); -assert(is_array($this->data['yesData'])); assert(is_string($this->data['noTarget'])); -assert(is_array($this->data['noData'])); -assert(is_array($this->data['attributes'])); -assert(is_array($this->data['hiddenAttributes'])); assert($this->data['sppp'] === false || is_string($this->data['sppp'])); // Parse parameters -if (array_key_exists('name', $this->data['srcMetadata'])) { - $srcName = $this->data['srcMetadata']['name']; -} elseif (array_key_exists('OrganizationDisplayName', $this->data['srcMetadata'])) { - $srcName = $this->data['srcMetadata']['OrganizationDisplayName']; -} else { - $srcName = $this->data['srcMetadata']['entityid']; -} - -if (is_array($srcName)) { - $srcName = $this->t($srcName); -} - -if (array_key_exists('name', $this->data['dstMetadata'])) { - $dstName = $this->data['dstMetadata']['name']; -} elseif (array_key_exists('OrganizationDisplayName', $this->data['dstMetadata'])) { - $dstName = $this->data['dstMetadata']['OrganizationDisplayName']; -} else { - $dstName = $this->data['dstMetadata']['entityid']; -} - -if (is_array($dstName)) { - $dstName = $this->t($dstName); -} - -$srcName = htmlspecialchars($srcName); -$dstName = 
htmlspecialchars($dstName); - -$attributes = $this->data['attributes']; +$dstName = $this->data['dstName']; +$srcName = $this->data['srcName']; $this->data['header'] = $this->t('{consent:consent:consent_header}'); -$this->data['head'] = '<link rel="stylesheet" type="text/css" href="/' . - $this->data['baseurlpath'] . 'module.php/consent/style.css" />' . "\n"; +$this->data['head'] = '<link rel="stylesheet" type="text/css" href="' . + SimpleSAML\Module::getModuleURL("consent/style.css") . '" />' . "\n"; $this->includeAtTemplateBase('includes/header.php'); ?> -<p> +<p><?php echo $this->data['consent_accept']; ?></p> + <?php -echo $this->t( - '{consent:consent:consent_accept}', - array( 'SPNAME' => $dstName, 'IDPNAME' => $srcName) -); - -if (array_key_exists('descr_purpose', $this->data['dstMetadata'])) { - echo '</p><p>' . $this->t( - '{consent:consent:consent_purpose}', - array( - 'SPNAME' => $dstName, - 'SPDESC' => $this->getTranslator()->getPreferredTranslation( - SimpleSAML\Utils\Arrays::arrayize( - $this->data['dstMetadata']['descr_purpose'], - 'en' - ) - ), - ) - ); +if (isSet($this->data['consent_purpose'])) { + echo '<p>' . $this->data['consent_purpose'] . '</p>'; } ?> -</p> - -<form style="display: inline; margin: 0px; padding: 0px" - action="<?php echo htmlspecialchars($this->data['yesTarget']); ?>"> -<p style="margin: 1em"> +<form id="consent_yes" action="<?php echo htmlspecialchars($this->data['yesTarget']); ?>"> <?php if ($this->data['usestorage']) { $checked = ($this->data['checked'] ? 'checked="checked"' : ''); echo '<input type="checkbox" name="saveconsent" ' . $checked . ' value="1" /> ' . $this->t('{consent:consent:remember}'); -} - -// Embed hidden fields... -foreach ($this->data['yesData'] as $name => $value) { - echo '<input type="hidden" name="' . htmlspecialchars($name) . - '" value="' . htmlspecialchars($value) . '" />'; -} +} // Embed hidden fields... 
?> - </p> + <input type="hidden" name="StateId" value="<?php echo htmlspecialchars($this->data['stateId']); ?>" /> <button type="submit" name="yes" class="btn" id="yesbutton"> <?php echo htmlspecialchars($this->t('{consent:consent:yes}')) ?> </button> </form> -<form style="display: inline; margin-left: .5em;" action="<?php echo htmlspecialchars($this->data['noTarget']); ?>" - method="get"> - -<?php -foreach ($this->data['noData'] as $name => $value) { - echo('<input type="hidden" name="' . htmlspecialchars($name) . - '" value="' . htmlspecialchars($value) . '" />'); -} -?> +<form id="consent_no" action="<?php echo htmlspecialchars($this->data['noTarget']); ?>"> + <input type="hidden" name="StateId" value="<?php echo htmlspecialchars($this->data['stateId']); ?>" /> <button type="submit" class="btn" name="no" id="nobutton"> <?php echo htmlspecialchars($this->t('{consent:consent:no}')) ?> </button> @@ -230,6 +161,6 @@ echo '<h3 id="attributeheader">' . ) . '</h3>'; -echo present_attributes($this, $attributes, ''); +echo $this->data['attributes_html']; $this->includeAtTemplateBase('includes/footer.php'); diff --git a/modules/consent/templates/noconsent.php b/modules/consent/templates/noconsent.php index f0bc375b39352f156778df2568c15f791ada594e..313ace97fd073422819342f373ba395c3ee6bec5 100644 --- a/modules/consent/templates/noconsent.php +++ b/modules/consent/templates/noconsent.php 
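Review bot: The header comment's parameter list no longer matches what the template reads, and it does not say which values are printed as raw HTML: `consent_accept` and `consent_purpose` are echoed without `htmlspecialchars()`, unlike `yesTarget`, `noTarget` and `stateId`. I would add entries such as ` * - 'consent_accept': Pre-escaped HTML, echoed as-is.` and ` * - 'stateId': State identifier, escaped by this template.`, and likewise for `consent_purpose`, `srcName`, `dstName` and `attributes_html`, so the controller's escaping duty is explicit. The same applies to `noconsent_text` and `noconsent_abort` in templates/noconsent.php and to `attributes_html` in the second hunk of this file.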
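Review bot: `present_attributes()` may now be declared twice, because this hunk only drops the call. The offsets (-230 to +161) are fully explained by the 69 lines removed in the first hunk, so the old lines between the two hunks appear to be unchanged, and the template's own definition of the function presumably lives there. getconsent.php adds a global function of the same name in this commit, so including the template afterwards would stop with a redeclaration error before the consent page renders. Those lines are not visible here, so this needs confirming; if the definition is still in the template, it should be removed in the same commit.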
@@ -1,24 +1,11 @@ <?php -if (array_key_exists('name', $this->data['dstMetadata'])) { - $dstName = $this->data['dstMetadata']['name']; -} elseif (array_key_exists('OrganizationDisplayName', $this->data['dstMetadata'])) { - $dstName = $this->data['dstMetadata']['OrganizationDisplayName']; -} else { - $dstName = $this->data['dstMetadata']['entityid']; -} -if (is_array($dstName)) { - $dstName = $this->t($dstName); -} -$dstName = htmlspecialchars($dstName); - - -$this->data['header'] = $this->t('{consent:consent:noconsent_title}');; +$this->data['header'] = $this->t('{consent:consent:noconsent_title}'); $this->includeAtTemplateBase('includes/header.php'); echo '<h2>' . $this->data['header'] . '</h2>'; -echo '<p>' . $this->t('{consent:consent:noconsent_text}', array('SPNAME' => $dstName)) . '</p>'; +echo '<p>' . $this->data['noconsent_text'] . '</p>'; if ($this->data['resumeFrom']) { echo('<p><a href="' . htmlspecialchars($this->data['resumeFrom']) . '">'); @@ -32,7 +19,6 @@ if ($this->data['aboutService']) { echo('</a></p>'); } -echo('<p><a href="' . htmlspecialchars($this->data['logoutLink']) . '">' . $this->t('{consent:consent:abort}', array('SPNAME' => $dstName)) . '</a></p>'); - +echo('<p><a href="' . htmlspecialchars($this->data['logoutLink']) . '">' . $this->data['noconsent_abort'] . '</a></p>'); $this->includeAtTemplateBase('includes/footer.php'); diff --git a/modules/consent/www/getconsent.php b/modules/consent/www/getconsent.php index 37a76f34609f842736b9728c184a9070f107709c..3f2faa0c181d47159a339c7c8d8a775257a7e141 100644 --- a/modules/consent/www/getconsent.php +++ b/modules/consent/www/getconsent.php @@ -21,7 +21,7 @@ session_cache_limiter('nocache'); $globalConfig = \SimpleSAML\Configuration::getInstance(); -SimpleSAML\Logger::info('Consent - getconsent: Accessing consent interface'); +\SimpleSAML\Logger::info('Consent - getconsent: Accessing consent interface'); if (!array_key_exists('StateId', $_REQUEST)) { throw new \SimpleSAML\Error\BadRequest( 
@@ -44,9 +44,9 @@ if (array_key_exists('core:SP', $state)) { // The user has pressed the yes-button if (array_key_exists('yes', $_REQUEST)) { if (array_key_exists('saveconsent', $_REQUEST)) { - SimpleSAML\Logger::stats('consentResponse remember'); + \SimpleSAML\Logger::stats('consentResponse remember'); } else { - SimpleSAML\Logger::stats('consentResponse rememberNot'); + \SimpleSAML\Logger::stats('consentResponse rememberNot'); } $statsInfo = array( @@ -73,8 +73,8 @@ if (array_key_exists('yes', $_REQUEST)) { ); try { $store->saveConsent($userId, $targetedId, $attributeSet); - } catch (Exception $e) { - SimpleSAML\Logger::error('Consent: Error writing to storage: ' . $e->getMessage()); + } catch (\Exception $e) { + \SimpleSAML\Logger::error('Consent: Error writing to storage: ' . $e->getMessage()); } } @@ -86,7 +86,7 @@ $attributes = $state['Attributes']; $noconsentattributes = $state['consent:noconsentattributes']; // Remove attributes that do not require consent -foreach ($attributes AS $attrkey => $attrval) { +foreach ($attributes as $attrkey => $attrval) { if (in_array($attrkey, $noconsentattributes, true)) { unset($attributes[$attrkey]); } 
@@ -96,10 +96,28 @@ $para = array( ); // Reorder attributes according to attributepresentation hooks -SimpleSAML\Module::callHooks('attributepresentation', $para); +\SimpleSAML\Module::callHooks('attributepresentation', $para); + +// Parse parameters +if (array_key_exists('name', $state['Source'])) { + $srcName = $state['Source']['name']; +} elseif (array_key_exists('OrganizationDisplayName', $state['Source'])) { + $srcName = $state['Source']['OrganizationDisplayName']; +} else { + $srcName = $state['Source']['entityid']; +} + +if (array_key_exists('name', $state['Destination'])) { + $dstName = $state['Destination']['name']; +} elseif (array_key_exists('OrganizationDisplayName', $state['Destination'])) { + $dstName = $state['Destination']['OrganizationDisplayName']; +} else { + $dstName = $state['Destination']['entityid']; +} // Make, populate and layout consent form $t = new \SimpleSAML\XHTML\Template($globalConfig, 'consent:consentform.php'); +$translator = $t->getTranslator(); $t->data['srcMetadata'] = $state['Source']; $t->data['dstMetadata'] = $state['Destination']; $t->data['yesTarget'] = \SimpleSAML\Module::getModuleURL('consent/getconsent.php'); 
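Review bot: The `name` / `OrganizationDisplayName` / `entityid` fallback chain is written out twice in this hunk and a third time in www/noconsent.php, so the three copies can drift apart. These names tell the user who receives their attributes, so the selection logic should exist once. A small helper that both scripts can load would keep behaviour identical; the function name below is only a suggestion. The `entityid` fallback is read without a check in all three copies, which the helper could also centralise.

```php
// … unchanged: callHooks('attributepresentation', $para) …

/**
 * Pick the display name for an entity from its metadata.
 *
 * @param array $metadata Entity metadata taken from the state array.
 * @return string|array Plain name, or an array of translations.
 */
function consent_entity_name(array $metadata)
{
    foreach (array('name', 'OrganizationDisplayName') as $key) {
        if (array_key_exists($key, $metadata)) {
            return $metadata[$key];
        }
    }
    return $metadata['entityid'];
}

$srcName = consent_entity_name($state['Source']);
$dstName = consent_entity_name($state['Destination']);

// … unchanged: template construction and $t->data assignments …
```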
@@ -108,6 +126,38 @@ $t->data['noTarget'] = \SimpleSAML\Module::getModuleURL('consent/noconsent.php') $t->data['noData'] = array('StateId' => $id); $t->data['attributes'] = $attributes; $t->data['checked'] = $state['consent:checked']; +$t->data['stateId'] = $id; + +$srcName = htmlspecialchars(is_array($srcName) ? $translator->t($srcName) : $srcName); +$dstName = htmlspecialchars(is_array($dstName) ? $translator->t($dstName) : $dstName); + +$t->data['consent_attributes_header'] = $translator->t( + '{consent:consent:consent_attributes_header}', + array('SPNAME' => $dstName, 'IDPNAME' => $srcName) +); + +$t->data['consent_accept'] = $translator->t( + '{consent:consent:consent_accept}', + array('SPNAME' => $dstName, 'IDPNAME' => $srcName) +); + +if (array_key_exists('descr_purpose', $state['Destination'])) { + $t->data['consent_purpose'] = $translator->t( + '{consent:consent:consent_purpose}', + array( + 'SPNAME' => $dstName, + 'SPDESC' => $translator->getPreferredTranslation( + \SimpleSAML\Utils\Arrays::arrayize( + $state['Destination']['descr_purpose'], + 'en' + ) + ), + ) + ); +} + +$t->data['srcName'] = $srcName; +$t->data['dstName'] = $dstName; // Fetch privacypolicy if (array_key_exists('privacypolicy', $state['Destination'])) { @@ -128,22 +178,18 @@ $t->data['sppp'] = $privacypolicy; // Set focus element switch ($state['consent:focus']) { -case 'yes': - $t->data['autofocus'] = 'yesbutton'; - break; -case 'no': - $t->data['autofocus'] = 'nobutton'; - break; -case null: -default: - break; + case 'yes': + $t->data['autofocus'] = 'yesbutton'; + break; + case 'no': + $t->data['autofocus'] = 'nobutton'; + break; + case null: + default: + break; } -if (array_key_exists('consent:store', $state)) { - $t->data['usestorage'] = true; -} else { - $t->data['usestorage'] = false; -} +$t->data['usestorage'] = array_key_exists('consent:store', $state); if (array_key_exists('consent:hiddenAttributes', $state)) { $t->data['hiddenAttributes'] = $state['consent:hiddenAttributes']; 
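Review bot: `SPDESC` is substituted into `consent_purpose` without escaping, while `$srcName` and `$dstName` are passed through `htmlspecialchars()` first. The template prints `consent_purpose` as-is, so markup in `$state['Destination']['descr_purpose']` would reach the page unless the translator escapes replacement values, which is not visible here. Service-provider metadata is often not authored by the operator of this installation, so I would escape it the same way: `'SPDESC' => htmlspecialchars($translator->getPreferredTranslation(\SimpleSAML\Utils\Arrays::arrayize($state['Destination']['descr_purpose'], 'en'))),`. The old template code had the same gap, but this move is the natural place to close it.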
@@ -151,4 +197,102 @@ if (array_key_exists('consent:hiddenAttributes', $state)) { $t->data['hiddenAttributes'] = array(); } +$t->data['attributes_html'] = present_attributes($t, $attributes, ''); + $t->show(); + + +/** + * Recursive attribute array listing function + * + * @param \SimpleSAML\XHTML\Template $t Template object + * @param array $attributes Attributes to be presented + * @param string $nameParent Name of parent element + * + * @return string HTML representation of the attributes + */ +function present_attributes($t, $attributes, $nameParent) +{ + $translator = $t->getTranslator(); + + $alternate = array('odd', 'even'); + $i = 0; + $summary = 'summary="' . $translator->t('{consent:consent:table_summary}') . '"'; + + if (strlen($nameParent) > 0) { + $parentStr = strtolower($nameParent) . '_'; + $str = '<table class="attributes" ' . $summary . '>'; + } else { + $parentStr = ''; + $str = '<table id="table_with_attributes" class="attributes" '. $summary .'>'; + $str .= "\n" . '<caption>' . $translator->t('{consent:consent:table_caption}') . + '</caption>'; + } + + foreach ($attributes as $name => $value) { + $nameraw = $name; + $name = $translator->getAttributeTranslation($parentStr . $nameraw); + + if (preg_match('/^child_/', $nameraw)) { + // insert child table + $parentName = preg_replace('/^child_/', '', $nameraw); + foreach ($value as $child) { + $str .= "\n" . '<tr class="odd"><td class="td_odd">' . + present_attributes($t, $child, $parentName) . '</td></tr>'; + } + } else { + // insert values directly + + $str .= "\n" . '<tr class="' . $alternate[($i++ % 2)] . + '"><td><span class="attrname">' . htmlspecialchars($name) . '</span>'; + + $isHidden = in_array($nameraw, $t->data['hiddenAttributes'], true); + if ($isHidden) { + $hiddenId = \SimpleSAML\Utils\Random::generateID(); + + $str .= '<div class="attrvalue hidden" id="hidden_' . $hiddenId . 
'">'; + } else { + $str .= '<div class="attrvalue">'; + } + + if (sizeof($value) > 1) { + // we hawe several values + $str .= '<ul>'; + foreach ($value as $listitem) { + if ($nameraw === 'jpegPhoto') { + $str .= '<li><img src="data:image/jpeg;base64,' . + htmlspecialchars($listitem) . + '" alt="User photo" /></li>'; + } else { + $str .= '<li>' . htmlspecialchars($listitem) . '</li>'; + } + } + $str .= '</ul>'; + } elseif (isset($value[0])) { + // we hawe only one value + if ($nameraw === 'jpegPhoto') { + $str .= '<img src="data:image/jpeg;base64,' . + htmlspecialchars($value[0]) . + '" alt="User photo" />'; + } else { + $str .= htmlspecialchars($value[0]); + } + } // end of if multivalue + $str .= '</div>'; + + if ($isHidden) { + $str .= '<div class="attrvalue consent_showattribute" id="visible_' . $hiddenId . '">'; + $str .= '... '; + $str .= '<a class="consent_showattributelink" href="javascript:SimpleSAML_show(\'hidden_' . $hiddenId; + $str .= '\'); SimpleSAML_hide(\'visible_' . $hiddenId . '\');">'; + $str .= $translator->t('{consent:consent:show_attribute}'); + $str .= '</a>'; + $str .= '</div>'; + } + + $str .= '</td></tr>'; + } // end else: not child table + } // end foreach + $str .= isset($attributes) ? '</table>' : ''; + return $str; +} diff --git a/modules/consent/www/noconsent.php b/modules/consent/www/noconsent.php index bccaead3b4b14054b6197f6466c427773a2b5d7f..0c48fb0b0c5b10857973dc271b460ce2897b55a5 100644 --- a/modules/consent/www/noconsent.php +++ b/modules/consent/www/noconsent.php @@ -25,7 +25,6 @@ $logoutLink = \SimpleSAML\Module::getModuleURL( array('StateId' => $id) ); - $aboutService = null; if (!isset($state['consent:showNoConsentAboutService']) || $state['consent:showNoConsentAboutService']) { if (isset($state['Destination']['url.about'])) { 
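Review bot: In `present_attributes()` the translated strings for `table_summary`, `table_caption` and `show_attribute` are concatenated into the markup unescaped, the first of them inside a double-quoted attribute. Attribute names and values are passed through `htmlspecialchars()`, and the template echoes the returned string raw, so translator output is the only part of this HTML that is not escaped. A quote or angle bracket in a dictionary entry would break the table markup; I would write `$summary = 'summary="' . htmlspecialchars($translator->t('{consent:consent:table_summary}')) . '"';` and treat the caption and link text the same way. The docblock should also state that the return value is already-escaped HTML meant to be echoed as-is.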
@@ -39,11 +38,26 @@ if (isset($state['Destination']['entityid'])) { } \SimpleSAML\Stats::log('consent:reject', $statsInfo); +if (array_key_exists('name', $state['Destination'])) { + $dstName = $state['Destination']['name']; +} elseif (array_key_exists('OrganizationDisplayName', $state['Destination'])) { + $dstName = $state['Destination']['OrganizationDisplayName']; +} else { + $dstName = $state['Destination']['entityid']; +} + $globalConfig = \SimpleSAML\Configuration::getInstance(); $t = new \SimpleSAML\XHTML\Template($globalConfig, 'consent:noconsent.php'); +$translator = $t->getTranslator(); $t->data['dstMetadata'] = $state['Destination']; $t->data['resumeFrom'] = $resumeFrom; $t->data['aboutService'] = $aboutService; $t->data['logoutLink'] = $logoutLink; + +$dstName = htmlspecialchars(is_array($dstName) ? $translator->t($dstName) : $dstName); + +$t->data['noconsent_text'] = $translator->t('{consent:consent:noconsent_text}', array('SPNAME' => $dstName)); +$t->data['noconsent_abort'] = $translator->t('{consent:consent:abort}', array('SPNAME' => $dstName)); + $t->show(); diff --git a/modules/consent/www/style.css b/modules/consent/www/style.css index 573ca554bd5adf62e97c31f1a5bd6b0914688ab0..33bef3d64a6c17123c12518e796453e5c1465dd4 100644 --- a/modules/consent/www/style.css +++ b/modules/consent/www/style.css @@ -33,3 +33,22 @@ table#table_with_attributes ul { margin: 0px; padding-left: 1em; } + +form#consent_yes { + display: inline; + margin: 0px; + padding: 0px; +} + +form#consent_no { + display: inline; + margin-left: .5em; +} + +.hidden { + display: none; +} + +td.td_odd { + padding: 2em; +}
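Review bot: `$t->data['dstMetadata']` is still handed to the template in the unchanged lines of this hunk, although the template changes in this commit remove every visible read of it. The same holds in getconsent.php for `srcMetadata`, `dstMetadata`, `noData` and `attributes`, which the rewritten consent form no longer appears to use. Dropping these assignments keeps the full entity metadata and raw attribute values out of the template scope, so a later template edit cannot print them unescaped by accident. Parts of both templates lie outside the hunks, so check for remaining readers before removing them.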