Unverified Commit 7e502d47 authored by Tim van Dijen's avatar Tim van Dijen Committed by GitHub

Merge branch 'master' into Xnew-ui

parents 49d6f105 1e075699
...@@ -42,7 +42,7 @@ the user logs in. ...@@ -42,7 +42,7 @@ the user logs in.
Example: Example:
90 => array( 90 => array(
'class' => 'class:Consent', 'class' => 'consent:Consent',
), ),
Using storage Using storage
......
...@@ -44,20 +44,19 @@ class Cookie extends \SimpleSAML\Module\consent\Store ...@@ -44,20 +44,19 @@ class Cookie extends \SimpleSAML\Module\consent\Store
$cookieName = self::_getCookieName($userId, $destinationId); $cookieName = self::_getCookieName($userId, $destinationId);
$data = $userId . ':' . $attributeSet . ':' . $destinationId; $data = $userId.':'.$attributeSet.':'.$destinationId;
\SimpleSAML\Logger::debug('Consent cookie - Get [' . $data . ']'); \SimpleSAML\Logger::debug('Consent cookie - Get ['.$data.']');
if (!array_key_exists($cookieName, $_COOKIE)) { if (!array_key_exists($cookieName, $_COOKIE)) {
\SimpleSAML\Logger::debug( \SimpleSAML\Logger::debug(
'Consent cookie - no cookie with name \'' . 'Consent cookie - no cookie with name \''.$cookieName.'\'.'
$cookieName . '\'.'
); );
return false; return false;
} }
if (!is_string($_COOKIE[$cookieName])) { if (!is_string($_COOKIE[$cookieName])) {
\SimpleSAML\Logger::warning( \SimpleSAML\Logger::warning(
'Value of consent cookie wasn\'t a string. Was: ' . 'Value of consent cookie wasn\'t a string. Was: '.
var_export($_COOKIE[$cookieName], true) var_export($_COOKIE[$cookieName], true)
); );
return false; return false;
...@@ -99,9 +98,9 @@ class Cookie extends \SimpleSAML\Module\consent\Store ...@@ -99,9 +98,9 @@ class Cookie extends \SimpleSAML\Module\consent\Store
assert(is_string($attributeSet)); assert(is_string($attributeSet));
$name = self::_getCookieName($userId, $destinationId); $name = self::_getCookieName($userId, $destinationId);
$value = $userId . ':' . $attributeSet . ':' . $destinationId; $value = $userId.':'.$attributeSet.':'.$destinationId;
\SimpleSAML\Logger::debug('Consent cookie - Set [' . $value . ']'); \SimpleSAML\Logger::debug('Consent cookie - Set ['.$value.']');
$value = self::_sign($value); $value = self::_sign($value);
$this->_setConsentCookie($name, $value); $this->_setConsentCookie($name, $value);
...@@ -178,7 +177,7 @@ class Cookie extends \SimpleSAML\Module\consent\Store ...@@ -178,7 +177,7 @@ class Cookie extends \SimpleSAML\Module\consent\Store
$tmp = explode(':', $value, 3); $tmp = explode(':', $value, 3);
if (count($tmp) !== 3) { if (count($tmp) !== 3) {
\SimpleSAML\Logger::warning( \SimpleSAML\Logger::warning(
'Consent cookie with invalid value: ' . $value 'Consent cookie with invalid value: '.$value
); );
continue; continue;
} }
...@@ -211,7 +210,7 @@ class Cookie extends \SimpleSAML\Module\consent\Store ...@@ -211,7 +210,7 @@ class Cookie extends \SimpleSAML\Module\consent\Store
$secretSalt = \SimpleSAML\Utils\Config::getSecretSalt(); $secretSalt = \SimpleSAML\Utils\Config::getSecretSalt();
return sha1($secretSalt . $data . $secretSalt) . ':' . $data; return sha1($secretSalt.$data.$secretSalt).':'.$data;
} }
...@@ -260,7 +259,7 @@ class Cookie extends \SimpleSAML\Module\consent\Store ...@@ -260,7 +259,7 @@ class Cookie extends \SimpleSAML\Module\consent\Store
assert(is_string($userId)); assert(is_string($userId));
assert(is_string($destinationId)); assert(is_string($destinationId));
return '\SimpleSAML\Module\consent:' . sha1($userId . ':' . $destinationId); return '\SimpleSAML\Module\consent:'.sha1($userId.':'.$destinationId);
} }
...@@ -279,7 +278,7 @@ class Cookie extends \SimpleSAML\Module\consent\Store ...@@ -279,7 +278,7 @@ class Cookie extends \SimpleSAML\Module\consent\Store
$globalConfig = \SimpleSAML\Configuration::getInstance(); $globalConfig = \SimpleSAML\Configuration::getInstance();
$params = array( $params = array(
'lifetime' => 7776000, // (90*24*60*60) 'lifetime' => 7776000, // (90*24*60*60)
'path' => ($globalConfig->getBasePath()), 'path' => ($globalConfig->getBasePath()),
'httponly' => true, 'httponly' => true,
'secure' => \SimpleSAML\Utils\HTTP::isHTTPS(), 'secure' => \SimpleSAML\Utils\HTTP::isHTTPS(),
......
...@@ -15,18 +15,19 @@ assert($this->data['sppp'] === false || is_string($this->data['sppp'])); ...@@ -15,18 +15,19 @@ assert($this->data['sppp'] === false || is_string($this->data['sppp']));
// Parse parameters // Parse parameters
$dstName = $this->data['dstName']; $dstName = $this->data['dstName'];
$srcName = $this->data['srcName'];
$this->data['header'] = $this->t('{consent:consent:consent_header}'); $this->data['header'] = $this->t('{consent:consent:consent_header}');
$this->data['head'] = '<link rel="stylesheet" type="text/css" href="' . $this->data['head'] = '<link rel="stylesheet" type="text/css" href="'.
SimpleSAML\Module::getModuleURL("consent/style.css") . '" />' . "\n"; SimpleSAML\Module::getModuleURL("consent/style.css").'" />'."\n";
$this->includeAtTemplateBase('includes/header.php'); $this->includeAtTemplateBase('includes/header.php');
?> ?>
<p><?php echo $this->data['consent_accept']; ?></p> <p><?php echo $this->data['consent_accept']; ?></p>
<?php <?php
if (isSet($this->data['consent_purpose'])) { if (isset($this->data['consent_purpose'])) {
echo '<p>' . $this->data['consent_purpose'] . '</p>'; echo '<p>'.$this->data['consent_purpose'].'</p>';
} }
?> ?>
...@@ -34,8 +35,8 @@ if (isSet($this->data['consent_purpose'])) { ...@@ -34,8 +35,8 @@ if (isSet($this->data['consent_purpose'])) {
<?php <?php
if ($this->data['usestorage']) { if ($this->data['usestorage']) {
$checked = ($this->data['checked'] ? 'checked="checked"' : ''); $checked = ($this->data['checked'] ? 'checked="checked"' : '');
echo '<input type="checkbox" name="saveconsent" ' . $checked . echo '<input type="checkbox" name="saveconsent" '.$checked.
' value="1" /> ' . $this->t('{consent:consent:remember}'); ' value="1" /> '.$this->t('{consent:consent:remember}');
} // Embed hidden fields... } // Embed hidden fields...
?> ?>
<input type="hidden" name="StateId" value="<?php echo htmlspecialchars($this->data['stateId']); ?>" /> <input type="hidden" name="StateId" value="<?php echo htmlspecialchars($this->data['stateId']); ?>" />
...@@ -53,113 +54,17 @@ if ($this->data['usestorage']) { ...@@ -53,113 +54,17 @@ if ($this->data['usestorage']) {
<?php <?php
if ($this->data['sppp'] !== false) { if ($this->data['sppp'] !== false) {
echo "<p>" . htmlspecialchars($this->t('{consent:consent:consent_privacypolicy}')) . " "; echo "<p>".htmlspecialchars($this->t('{consent:consent:consent_privacypolicy}'))." ";
echo '<a target="_blank" href="' . htmlspecialchars($this->data['sppp']) . '">' . $dstName . "</a>"; echo '<a target="_blank" href="'.htmlspecialchars($this->data['sppp']).'">'.$dstName."</a>";
echo "</p>"; echo "</p>";
} }
/** echo '<h3 id="attributeheader">'.
* Recursive attribute array listing function
*
* @param \SimpleSAML\XHTML\Template $t Template object
* @param array $attributes Attributes to be presented
* @param string $nameParent Name of parent element
*
* @return string HTML representation of the attributes
*/
function present_attributes($t, $attributes, $nameParent)
{
$translator = $t->getTranslator();
$alternate = array('odd', 'even');
$i = 0;
$summary = 'summary="' . $t->t('{consent:consent:table_summary}') . '"';
if (strlen($nameParent) > 0) {
$parentStr = strtolower($nameParent) . '_';
$str = '<table class="attributes" ' . $summary . '>';
} else {
$parentStr = '';
$str = '<table id="table_with_attributes" class="attributes" '. $summary .'>';
$str .= "\n" . '<caption>' . $t->t('{consent:consent:table_caption}') .
'</caption>';
}
foreach ($attributes as $name => $value) {
$nameraw = $name;
$name = $translator->getAttributeTranslation($parentStr . $nameraw);
if (preg_match('/^child_/', $nameraw)) {
// insert child table
$parentName = preg_replace('/^child_/', '', $nameraw);
foreach ($value as $child) {
$str .= "\n" . '<tr class="odd"><td style="padding: 2em">' .
present_attributes($t, $child, $parentName) . '</td></tr>';
}
} else {
// insert values directly
$str .= "\n" . '<tr class="' . $alternate[($i++ % 2)] .
'"><td><span class="attrname">' . htmlspecialchars($name) . '</span>';
$isHidden = in_array($nameraw, $t->data['hiddenAttributes'], true);
if ($isHidden) {
$hiddenId = SimpleSAML\Utils\Random::generateID();
$str .= '<div class="attrvalue" style="display: none;" id="hidden_' . $hiddenId . '">';
} else {
$str .= '<div class="attrvalue">';
}
if (sizeof($value) > 1) {
// we hawe several values
$str .= '<ul>';
foreach ($value as $listitem) {
if ($nameraw === 'jpegPhoto') {
$str .= '<li><img src="data:image/jpeg;base64,' .
htmlspecialchars($listitem) .
'" alt="User photo" /></li>';
} else {
$str .= '<li>' . htmlspecialchars($listitem) . '</li>';
}
}
$str .= '</ul>';
} elseif (isset($value[0])) {
// we hawe only one value
if ($nameraw === 'jpegPhoto') {
$str .= '<img src="data:image/jpeg;base64,' .
htmlspecialchars($value[0]) .
'" alt="User photo" />';
} else {
$str .= htmlspecialchars($value[0]);
}
} // end of if multivalue
$str .= '</div>';
if ($isHidden) {
$str .= '<div class="attrvalue consent_showattribute" id="visible_' . $hiddenId . '">';
$str .= '... ';
$str .= '<a class="consent_showattributelink" href="javascript:SimpleSAML_show(\'hidden_' . $hiddenId;
$str .= '\'); SimpleSAML_hide(\'visible_' . $hiddenId . '\');">';
$str .= $t->t('{consent:consent:show_attribute}');
$str .= '</a>';
$str .= '</div>';
}
$str .= '</td></tr>';
} // end else: not child table
} // end foreach
$str .= isset($attributes)? '</table>':'';
return $str;
}
echo '<h3 id="attributeheader">' .
$this->t( $this->t(
'{consent:consent:consent_attributes_header}', '{consent:consent:consent_attributes_header}',
array( 'SPNAME' => $dstName, 'IDPNAME' => $srcName) array('SPNAME' => $dstName, 'IDPNAME' => $srcName)
) . ).'</h3>';
'</h3>';
echo present_attributes($this, $attributes, ''); echo $this->data['attributes_html'];
$this->includeAtTemplateBase('includes/footer.php'); $this->includeAtTemplateBase('includes/footer.php');
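Review bot: The new `echo $this->data['attributes_html'];` near the end of the last hunk prints whatever the controller stored under that key, with no escaping at the point of output, so the template's safety now rests on code outside this file section. The removed present_attributes() applied htmlspecialchars() to attribute names and values itself; presumably the copy kept in getconsent.php now fills this key, but the assignment is not shown on this page and should be confirmed. I would add a comment above the echo, `// attributes_html is pre-escaped markup built by present_attributes(); never assign raw attribute values to this key`, so a later change does not feed unescaped IdP attributes into it.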
...@@ -4,21 +4,21 @@ $this->data['header'] = $this->t('{consent:consent:noconsent_title}'); ...@@ -4,21 +4,21 @@ $this->data['header'] = $this->t('{consent:consent:noconsent_title}');
$this->includeAtTemplateBase('includes/header.php'); $this->includeAtTemplateBase('includes/header.php');
echo '<h2>' . $this->data['header'] . '</h2>'; echo '<h2>'.$this->data['header'].'</h2>';
echo '<p>' . $this->data['noconsent_text'] . '</p>'; echo '<p>'.$this->data['noconsent_text'].'</p>';
if ($this->data['resumeFrom']) { if ($this->data['resumeFrom']) {
echo('<p><a href="' . htmlspecialchars($this->data['resumeFrom']) . '">'); echo('<p><a href="'.htmlspecialchars($this->data['resumeFrom']).'">');
echo($this->t('{consent:consent:noconsent_return}')); echo($this->t('{consent:consent:noconsent_return}'));
echo('</a></p>'); echo('</a></p>');
} }
if ($this->data['aboutService']) { if ($this->data['aboutService']) {
echo('<p><a href="' . htmlspecialchars($this->data['aboutService']) . '">'); echo('<p><a href="'.htmlspecialchars($this->data['aboutService']).'">');
echo($this->t('{consent:consent:noconsent_goto_about}')); echo($this->t('{consent:consent:noconsent_goto_about}'));
echo('</a></p>'); echo('</a></p>');
} }
echo('<p><a href="' . htmlspecialchars($this->data['logoutLink']) . '">' . $this->data['noconsent_abort'] . '</a></p>'); echo('<p><a href="'.htmlspecialchars($this->data['logoutLink']).'">'.$this->data['noconsent_abort'].'</a></p>');
$this->includeAtTemplateBase('includes/footer.php'); $this->includeAtTemplateBase('includes/footer.php');
...@@ -57,7 +57,7 @@ if (array_key_exists('yes', $_REQUEST)) { ...@@ -57,7 +57,7 @@ if (array_key_exists('yes', $_REQUEST)) {
} }
\SimpleSAML\Stats::log('consent:accept', $statsInfo); \SimpleSAML\Stats::log('consent:accept', $statsInfo);
if ( array_key_exists('consent:store', $state) if (array_key_exists('consent:store', $state)
&& array_key_exists('saveconsent', $_REQUEST) && array_key_exists('saveconsent', $_REQUEST)
&& $_REQUEST['saveconsent'] === '1' && $_REQUEST['saveconsent'] === '1'
) { ) {
...@@ -68,13 +68,12 @@ if (array_key_exists('yes', $_REQUEST)) { ...@@ -68,13 +68,12 @@ if (array_key_exists('yes', $_REQUEST)) {
$attributeSet = $state['consent:store.attributeSet']; $attributeSet = $state['consent:store.attributeSet'];
\SimpleSAML\Logger::debug( \SimpleSAML\Logger::debug(
'Consent - saveConsent() : [' . $userId . '|' . 'Consent - saveConsent() : ['.$userId.'|'.$targetedId.'|'.$attributeSet.']'
$targetedId . '|' . $attributeSet . ']'
); );
try { try {
$store->saveConsent($userId, $targetedId, $attributeSet); $store->saveConsent($userId, $targetedId, $attributeSet);
} catch (\Exception $e) { } catch (\Exception $e) {
\SimpleSAML\Logger::error('Consent: Error writing to storage: ' . $e->getMessage()); \SimpleSAML\Logger::error('Consent: Error writing to storage: '.$e->getMessage());
} }
} }
...@@ -126,6 +125,38 @@ $t->data['noTarget'] = \SimpleSAML\Module::getModuleURL('consent/noconsent.php') ...@@ -126,6 +125,38 @@ $t->data['noTarget'] = \SimpleSAML\Module::getModuleURL('consent/noconsent.php')
$t->data['noData'] = array('StateId' => $id); $t->data['noData'] = array('StateId' => $id);
$t->data['attributes'] = $attributes; $t->data['attributes'] = $attributes;
$t->data['checked'] = $state['consent:checked']; $t->data['checked'] = $state['consent:checked'];
$t->data['stateId'] = $id;
$srcName = htmlspecialchars(is_array($srcName) ? $t->t($srcName) : $srcName);
$dstName = htmlspecialchars(is_array($dstName) ? $t->t($dstName) : $dstName);
$t->data['consent_attributes_header'] = $t->t(
'{consent:consent:consent_attributes_header}',
array('SPNAME' => $dstName, 'IDPNAME' => $srcName)
);
$t->data['consent_accept'] = $t->t(
'{consent:consent:consent_accept}',
array('SPNAME' => $dstName, 'IDPNAME' => $srcName)
);
if (array_key_exists('descr_purpose', $state['Destination'])) {
$t->data['consent_purpose'] = $t->t(
'{consent:consent:consent_purpose}',
array(
'SPNAME' => $dstName,
'SPDESC' => $translator->getPreferredTranslation(
\SimpleSAML\Utils\Arrays::arrayize(
$state['Destination']['descr_purpose'],
'en'
)
),
)
);
}
$t->data['srcName'] = $srcName;
$t->data['dstName'] = $dstName;
$srcName = htmlspecialchars(is_array($srcName) ? $translator->t($srcName) : $srcName); $srcName = htmlspecialchars(is_array($srcName) ? $translator->t($srcName) : $srcName);
$dstName = htmlspecialchars(is_array($dstName) ? $translator->t($dstName) : $dstName); $dstName = htmlspecialchars(is_array($dstName) ? $translator->t($dstName) : $dstName);
...@@ -216,40 +247,38 @@ function present_attributes($t, $attributes, $nameParent) ...@@ -216,40 +247,38 @@ function present_attributes($t, $attributes, $nameParent)
$alternate = array('odd', 'even'); $alternate = array('odd', 'even');
$i = 0; $i = 0;
$summary = 'summary="' . $translator->t('{consent:consent:table_summary}') . '"'; $summary = 'summary="'.$t->t('{consent:consent:table_summary}').'"';
if (strlen($nameParent) > 0) { if (strlen($nameParent) > 0) {
$parentStr = strtolower($nameParent) . '_'; $parentStr = strtolower($nameParent).'_';
$str = '<table class="attributes" ' . $summary . '>'; $str = '<table class="attributes" '.$summary.'>';
} else { } else {
$parentStr = ''; $parentStr = '';
$str = '<table id="table_with_attributes" class="attributes" '. $summary .'>'; $str = '<table id="table_with_attributes" class="attributes" '.$summary.'>';
$str .= "\n" . '<caption>' . $translator->t('{consent:consent:table_caption}') . $str .= "\n".'<caption>'.$t->t('{consent:consent:table_caption}').'</caption>';
'</caption>';
} }
foreach ($attributes as $name => $value) { foreach ($attributes as $name => $value) {
$nameraw = $name; $nameraw = $name;
$name = $translator->getAttributeTranslation($parentStr . $nameraw); $name = $translator->getAttributeTranslation($parentStr.$nameraw);
if (preg_match('/^child_/', $nameraw)) { if (preg_match('/^child_/', $nameraw)) {
// insert child table // insert child table
$parentName = preg_replace('/^child_/', '', $nameraw); $parentName = preg_replace('/^child_/', '', $nameraw);
foreach ($value as $child) { foreach ($value as $child) {
$str .= "\n" . '<tr class="odd"><td class="td_odd">' . $str .= "\n".'<tr class="odd"><td class="td_odd">'.
present_attributes($t, $child, $parentName) . '</td></tr>'; present_attributes($t, $child, $parentName).'</td></tr>';
} }
} else { } else {
// insert values directly // insert values directly
$str .= "\n" . '<tr class="' . $alternate[($i++ % 2)] . $str .= "\n".'<tr class="'.$alternate[($i++ % 2)].
'"><td><span class="attrname">' . htmlspecialchars($name) . '</span>'; '"><td><span class="attrname">'.htmlspecialchars($name).'</span>';
$isHidden = in_array($nameraw, $t->data['hiddenAttributes'], true); $isHidden = in_array($nameraw, $t->data['hiddenAttributes'], true);
if ($isHidden) { if ($isHidden) {
$hiddenId = \SimpleSAML\Utils\Random::generateID(); $hiddenId = \SimpleSAML\Utils\Random::generateID();
$str .= '<div class="attrvalue hidden" id="hidden_'.$hiddenId.'">';
$str .= '<div class="attrvalue hidden" id="hidden_' . $hiddenId . '">';
} else { } else {
$str .= '<div class="attrvalue">'; $str .= '<div class="attrvalue">';
} }
...@@ -259,20 +288,18 @@ function present_attributes($t, $attributes, $nameParent) ...@@ -259,20 +288,18 @@ function present_attributes($t, $attributes, $nameParent)
$str .= '<ul>'; $str .= '<ul>';
foreach ($value as $listitem) { foreach ($value as $listitem) {
if ($nameraw === 'jpegPhoto') { if ($nameraw === 'jpegPhoto') {
$str .= '<li><img src="data:image/jpeg;base64,' . $str .= '<li><img src="data:image/jpeg;base64,'.
htmlspecialchars($listitem) . htmlspecialchars($listitem).'" alt="User photo" /></li>';
'" alt="User photo" /></li>';
} else { } else {
$str .= '<li>' . htmlspecialchars($listitem) . '</li>'; $str .= '<li>'.htmlspecialchars($listitem).'</li>';
} }
} }
$str .= '</ul>'; $str .= '</ul>';
} elseif (isset($value[0])) { } elseif (isset($value[0])) {
// we hawe only one value // we hawe only one value
if ($nameraw === 'jpegPhoto') { if ($nameraw === 'jpegPhoto') {
$str .= '<img src="data:image/jpeg;base64,' . $str .= '<img src="data:image/jpeg;base64,'.
htmlspecialchars($value[0]) . htmlspecialchars($value[0]).'" alt="User photo" />';
'" alt="User photo" />';
} else { } else {
$str .= htmlspecialchars($value[0]); $str .= htmlspecialchars($value[0]);
} }
...@@ -280,11 +307,11 @@ function present_attributes($t, $attributes, $nameParent) ...@@ -280,11 +307,11 @@ function present_attributes($t, $attributes, $nameParent)
$str .= '</div>'; $str .= '</div>';
if ($isHidden) { if ($isHidden) {
$str .= '<div class="attrvalue consent_showattribute" id="visible_' . $hiddenId . '">'; $str .= '<div class="attrvalue consent_showattribute" id="visible_'.$hiddenId.'">';
$str .= '... '; $str .= '... ';
$str .= '<a class="consent_showattributelink" href="javascript:SimpleSAML_show(\'hidden_' . $hiddenId; $str .= '<a class="consent_showattributelink" href="javascript:SimpleSAML_show(\'hidden_'.$hiddenId;
$str .= '\'); SimpleSAML_hide(\'visible_' . $hiddenId . '\');">'; $str .= '\'); SimpleSAML_hide(\'visible_'.$hiddenId.'\');">';
$str .= $translator->t('{consent:consent:show_attribute}'); $str .= $t->t('{consent:consent:show_attribute}');
$str .= '</a>'; $str .= '</a>';
$str .= '</div>'; $str .= '</div>';
} }
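Review bot: In the block added after `$t->data['checked']`, `SPDESC` is passed to `$t->t()` straight from `$state['Destination']['descr_purpose']`, while `SPNAME` and `IDPNAME` in the same calls are wrapped in htmlspecialchars(); the consent form template then echoes `consent_purpose` without escaping. Unless t() escapes its replacement values (not visible here), a purpose text taken from SP metadata reaches the page as raw HTML; wrapping the value, `'SPDESC' => htmlspecialchars($translator->getPreferredTranslation(...))`, would make it consistent with the two names. The same block also escapes `$srcName` and `$dstName`, and the two unchanged lines right after it appear to escape them a second time, so any later use of those variables would be double-encoded; one of the two pairs should go.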
......