[consentAdmin] The userid is now taken from the userid.attribute.

If 'ServiceURL' is set for a service in metadata, a link to that URL are created in consentAdmin, to let users easy access the given service. git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2673 44740490-163a-0410-bde0-09ae8108e29a

[consentAdmin] The userid is now taken from the userid.attribute.
691e141f · Jacob Christiansen · f359bf1c · 691e141f · 691e141f · 691e141f
Commit 691e141f authored 14 years ago by Jacob Christiansen
--- a/modules/consentAdmin/docs/consentAdmin.txt
+++ b/modules/consentAdmin/docs/consentAdmin.txt
 Installing and configuring the consentAdmin module
 ==================================================

-the consentAdmin module is an addon to the consent module. This emans that
-you can not use the consentAdmin without the consent module. If you have not
+The consentAdmin module is an addon to the consent module. This means that
+you can not use consentAdmin without the consent module. If you have not
 installed and configured the consent module, please do.

  * [How to install and configure the consent module](consent:consent)
@@ -23,7 +23,7 @@ Next you need to copy the module config file to the config directory:

 Then you will need to set up the database. The consentAdmin uses the same
 table as the consent module, but you still need the set the correct
-credentials in the cinfig file. Example:
+credentials in the config file. Example:

 	'consentadmin'  => array(
 		'consent:Database',
@@ -36,7 +36,7 @@ Notice that credentials usualy is the same as for the consent module, but
 can be different.

 Go to the frontpage of your SimpleSAMLphp installation. A link to the
-consentAdmin has been added to the frontpage.
+consentAdmin module has been added to the frontpage.

 Setting optional parameters
 ---------------------------

--- a/modules/consentAdmin/templates/consentadmin.php
+++ b/modules/consentAdmin/templates/consentadmin.php
@@ -75,9 +75,13 @@ span.showhide {
 			foreach ($spList AS $spName => $spValues) {
 				$this->includeInlineTranslation('spname', $spValues['name']);
 				$this->includeInlineTranslation('spdescription', $spValues['description']);
-				$htmlSpName = htmlspecialchars($this->t('spname', array(), false, true));
+                if (!is_null($spValues['serviceurl'])) {
+                    $htmlSpName = '<a href="' . $spValues['serviceurl'] . '" style="color: black; font-weight: bold;">' . htmlspecialchars($this->t('spname', array(), false, true)) . '</a>';
+                } else {
+                    $htmlSpName = htmlspecialchars($this->t('spname', array(), false, true));
+                }
 				$spDescription = htmlspecialchars($this->t('spdescription',array(), false, true));
-				$checkedAttr = $spValues['consentStatus'] == 'ok' ? "checked='yes'" : "";
+				$checkedAttr = $spValues['consentStatus'] == 'ok' ? 'checked="checked"' : '';
 				$consentValue = $spValues['consentValue'];
 				$consentText = $spValues['consentStatus'] == 'changed' ? "attributes has changed" : "";
 				$row_class = ($show_spid % 2) ? "row0" : "row1";
@@ -86,7 +90,6 @@ span.showhide {
 <td>
 	<table>
 	  <tr class="$row_class"><td><span class='caSPName'><span title='$spDescription'>$htmlSpName</span>&emsp;<span style="font-size: 80%;"onclick="javascript:toggleShowAttributes('$show_spid');"><span id=showing_$show_spid >$show_text</span><span id=hiding_$show_spid style='display:none;'>$hide_text</span> $attributes_text</span></span></td>
-	  <!-- <tr><td><a class="orange" href="javascript:toggleShowAttributes('$show_spid');">$show_hide_attributes</a></td></tr> -->
 	  <tr><td colspan="2" class="caAttributes"><div id="attributes_$show_spid" style="display: none;">
 TRSTART;
 				$attributes = $spValues['attributes_by_sp'];

--- a/modules/consentAdmin/www/consentAdmin.php
+++ b/modules/consentAdmin/www/consentAdmin.php
@@ -49,7 +49,7 @@ function driveProcessingChain($idp_metadata, $source, $sp_metadata, $sp_entityid
 	$targeted_id    = sspmod_consent_Auth_Process_Consent::getTargetedID($userid, $source, $destination);
 	$attribute_hash = sspmod_consent_Auth_Process_Consent::getAttributeHash($attributes, $hashAttributes);

-	SimpleSAML_Logger::info('consentAdmin: user: ' . $hashed_user_id);
+	SimpleSAML_Logger::info('consentAdmin: user: ' . $userid);
 	SimpleSAML_Logger::info('consentAdmin: target: ' . $targeted_id);
 	SimpleSAML_Logger::info('consentAdmin: attribute: ' . $attribute_hash);

@@ -78,8 +78,28 @@ $as->requireAuth();
 // Get released attributes
 $attributes = $as->getAttributes();

+// Get metadata storage handler
+$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
+
+/*
+ * Get IdP id and metadata
+ */
+if($as->getAuthData('saml:sp:IdP') !== NULL) {
+	/*
+	 * From a remote idp (as bridge)
+ 	 */
+	$idp_entityid = $as->getAuthData('saml:sp:IdP');
+	$idp_metadata = $metadata->getMetaData($idp_entityid, 'saml20-idp-remote');
+} else {
+	/*
+	 * from the local idp
+	 */
+	$idp_entityid = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
+	$idp_metadata = $metadata->getMetaData($idp_entityid, 'saml20-idp-hosted');
+}
+
 // Get user ID
-$userid_attributename = $config->getValue('consent_userid', 'eduPersonPrincipalName');
+$userid_attributename = (isset($idp_metadata['userid.attribute']) && is_string($idp_metadata['userid.attribute'])) ? $idp_metadata['userid.attribute'] : 'eduPersonPrincipalName';
 $userids = $attributes[$userid_attributename];
 		
 if (empty($userids)) {
@@ -89,9 +109,6 @@ if (empty($userids)) {

 $userid = $userids[0];

-// Get metadata storage handler
-$metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
-
 // Get all SP metadata
 $all_sp_metadata = $metadata->getList('saml20-sp-remote');

@@ -107,23 +124,6 @@ if (!empty($_GET['action'])) {

 SimpleSAML_Logger::critical('consentAdmin: sp: ' .$sp_entityid.' action: '.$action);

-/*
- * Get IdP id and metadata
- */
-if($as->getAuthData('saml:sp:IdP') !== NULL) {
-	/*
-	 * From a remote idp (as bridge)
- 	 */
-	$idp_entityid = $as->getAuthData('saml:sp:IdP');
-	$idp_metadata = $metadata->getMetaData($idp_entityid, 'saml20-idp-remote');
-} else {
-	/*
-	 * from the local idp
-	 */
-	$idp_entityid = $metadata->getMetaDataCurrentEntityID('saml20-idp-hosted');
-	$idp_metadata = $metadata->getMetaData($idp_entityid, 'saml20-idp-hosted');
-}
-
 // Remove services, whitch have consent disabled
 if(isset($idp_metadata['consent.disable'])) {
    foreach($idp_metadata['consent.disable'] AS $disable) {
@@ -223,6 +223,8 @@ foreach ($all_sp_metadata as $sp_entityid => $sp_values) {
 	// Set name of SP
 	if(isset($sp_values['name']) && is_array($sp_values['name'])) {
 		$sp_name = $sp_metadata['name'];
+    } else if(isset($sp_values['name']) && is_string($sp_values['name'])) {
+		$sp_name = $sp_metadata['name'];
 	} elseif(isset($sp_values['OrganizationDisplayName']) && is_array($sp_values['OrganizationDisplayName'])) {
 		$sp_name = $sp_metadata['OrganizationDisplayName'];
 	} else {
@@ -236,6 +238,9 @@ foreach ($all_sp_metadata as $sp_entityid => $sp_values) {
 		$sp_description = $sp_metadata['description'];
 	}

+    // Add an URL to the service if present in metadata
+    $sp_service_url = isset($sp_metadata['ServiceURL']) ? $sp_metadata['ServiceURL'] : null;
+
 	// Fill out array for the template
 	$sp_list[$sp_entityid] = array(
 		'spentityid' => $sp_entityid,
@@ -244,6 +249,7 @@ foreach ($all_sp_metadata as $sp_entityid => $sp_values) {
 		'consentStatus' => $sp_status,
 		'consentValue' => $sp_entityid,
 		'attributes_by_sp' => $attributes_new,
+        'serviceurl' => $sp_service_url,
 	);
 }