Updated the consentAdmin module to support the new SAML module.

NOTE that a parameter have been added and one has changed name in the config file. git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1973 44740490-163a-0410-bde0-09ae8108e29a

Updated the consentAdmin module to support the new SAML module.
NOTE that a parameter have been added and one has changed name in the config file. git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1973 44740490-163a-0410-bde0-09ae8108e29a
7ac39cd3 · Jacob Christiansen · 13eeb394 · 7ac39cd3 · 7ac39cd3 · 7ac39cd3
Commit 7ac39cd3 authored 15 years ago by Jacob Christiansen
--- a/modules/consentAdmin/config-templates/module_consentAdmin.php
+++ b/modules/consentAdmin/config-templates/module_consentAdmin.php
@@ -20,9 +20,14 @@ $config = array(
 	// Hash attributes including values or not
 	'attributes.hash' => TRUE,

-	// Where to direct the user after logout
-	'relaystate' => 'www.wayf.dk',
+	// Where to direct the user after logout.
+    // REMEMBER to prefix with http:// otherwise the relaystate is only appended 
+    // to saml2 logout URL
+	'returnURL' => 'http://www.wayf.dk',

    // Shows description of the services if set to true (defaults to true)
    'showDesription' => true, 
+
+    // Set authority
+    'authority' => 'saml2',
 );
--- a/modules/consentAdmin/templates/consentadmin.php
+++ b/modules/consentAdmin/templates/consentadmin.php
@@ -129,6 +129,6 @@ TRSTART;
 		
 		<h2>Logout</h2>

-			<p><?php echo $this->data['logout']; ?></p>
+			<p><a href="<?php echo SimpleSAML_Utilities::selfURL() . '?logout'; ?>">Logout</a></p>
 		
 <?php $this->includeAtTemplateBase('includes/footer.php'); ?>
--- a/modules/consentAdmin/www/consentAdmin.php
+++ b/modules/consentAdmin/www/consentAdmin.php
@@ -59,24 +59,27 @@ function driveProcessingChain($idp_metadata, $source, $sp_metadata, $sp_entityid

 // Get config object
 $config = SimpleSAML_Configuration::getInstance();
-$cA_config = $config->copyFromBase('consentAdmin', 'module_consentAdmin.php');
+$cA_config = SimpleSAML_Configuration::getConfig('module_consentAdmin.php');

-$hashAttributes = $cA_config->getValue('attributes.hash');
+// If request is a logout request
+if(array_key_exists('logout', $_REQUEST)) {
+    $returnURL = $cA_config->getValue('returnURL');
+	SimpleSAML_Auth_Default::initLogout($returnURL);
+}

-// Get session object
-$session = SimpleSAML_Session::getInstance();
+$hashAttributes = $cA_config->getValue('attributes.hash');
+$authority = $cA_config->getValue('authority');

 /* Check if valid local session exists */
-if (!isset($session) || !$session->isValid('saml2') ) {
-	// Set idpentity to force a specific IdP
-	SimpleSAML_Utilities::redirect('/' . $config->getBaseURL() . '/saml2/sp/initSSO.php',
-		array('RelayState'  => SimpleSAML_Utilities::selfURL())
-	);
-}
+$as = new SimpleSAML_Auth_Simple($authority);
+$as->requireAuth();
+
+// Get released attributes
+$attributes = $as->getAttributes();

 // Get user ID
 $userid_attributename = $config->getValue('consent_userid', 'eduPersonPrincipalName');
-$userids = ($session->getAttribute($userid_attributename));
+$userids = $attributes[$userid_attributename];
 		
 if (empty($userids)) {
 	throw new Exception('Could not generate useridentifier for storing consent. Attribute [' .
@@ -91,9 +94,6 @@ $metadata = SimpleSAML_Metadata_MetaDataStorageHandler::getMetadataHandler();
 // Get all SP metadata
 $all_sp_metadata = $metadata->getList('saml20-sp-remote');

-// Get released attributes
-$attributes = $session->getAttributes();
-
 // Parse action, if any
 $action = null;
 $sp_entityid = null;
@@ -109,6 +109,8 @@ SimpleSAML_Logger::critical('consentAdmin: sp: ' .$sp_entityid.' action: '.$acti
 /*
 * Get IdP id and metadata
 */
+$session = SimpleSAML_Session::getInstance();
+
 if($session->getIdP() != null) {
 	/*
 	 * From a remote idp (as bridge)
@@ -146,7 +148,7 @@ if ($action != null && $sp_entityid != null) {
 	if($action == 'true') {
 		$isStored = $consent_storage->saveConsent($hashed_user_id, $targeted_id, $attribute_hash);
 		if($isStored) {
-			$res =  "added";
+			$res = "added";
 		} else {
 			$res = "updated";
 		}
@@ -180,7 +182,6 @@ foreach ($user_consent_list as $c) {
 	$user_consent[$c[0]]=$c[1];
 }

-
 $template_sp_content = array();

 // Init template
@@ -236,10 +237,7 @@ foreach ($all_sp_metadata as $sp_entityid => $sp_values) {
 	);
 }

-$relaystate = $cA_config->getValue('relaystate');
-
 $et->data['header'] = 'Consent Administration';
-$et->data['logout'] = '<p>[ <a href="/' . $config->getBaseURL() . 'saml2/sp/initSLO.php?RelayState='. $relaystate .'">Logout</a> ]';
 $et->data['spList'] = $sp_list;
 $et->data['showDescription'] = $cA_config->getValue('showDescription');
 $et->show();