diff --git a/modules/negotiate/lib/Auth/Source/Negotiate.php b/modules/negotiate/lib/Auth/Source/Negotiate.php index ed9b8c5e81adfe5b4dbbd04d8621fb0bf3a8daf9..b862d55e1553f050ad71f39303d2b4f18889d60b 100644 --- a/modules/negotiate/lib/Auth/Source/Negotiate.php +++ b/modules/negotiate/lib/Auth/Source/Negotiate.php @@ -238,22 +238,19 @@ class Negotiate extends \SimpleSAML\Auth\Source */ protected function sendNegotiate($params) { + $config = \SimpleSAML\Configuration::getInstance(); + $url = htmlspecialchars(\SimpleSAML\Module::getModuleURL('negotiate/backend.php', $params)); $json_url = json_encode($url); header('HTTP/1.1 401 Unauthorized'); header('WWW-Authenticate: Negotiate', false); - echo <<<EOF -<html> - <head> - <script type="text/javascript">window.location = $json_url</script> - <title>Redirect to login</title> - </head> -<body> - <p>Your browser seems to have Javascript disabled. Please click <a href="$url">here</a>.</p> -</body> -</html> -EOF; + + $t = new \SimpleSAML\XHTML\Template($config, 'negotiate:redirect.twig'); + $t->data['baseurlpath'] = \SimpleSAML\Module::getModuleUrl('negotiate'); + $t->data['url'] = $url; + $t->data['json_url'] = $json_url; + $t->show(); } diff --git a/modules/negotiate/templates/redirect.twig b/modules/negotiate/templates/redirect.twig new file mode 100644 index 0000000000000000000000000000000000000000..3a69556eec3127cc60c5dec5ab09fac27d970857 --- /dev/null +++ b/modules/negotiate/templates/redirect.twig @@ -0,0 +1,11 @@ +<!DOCTYPE HTML> +<html lang="en-US"> + <head> + <script src="{{ baseurlpath }}/assets/js/redirect.js"></script> + <title>Redirect to login</title> + </head> + <body> + <p>Your browser seems to have Javascript disabled. Please click <a id="redirect" href="{{ url }}">here</a>.</p> + </body> +</html> + diff --git a/modules/negotiate/www/assets/js/redirect.js b/modules/negotiate/www/assets/js/redirect.js new file mode 100644 index 0000000000000000000000000000000000000000..3b829d111db9ff4fbbb28f36c7ccb8dc87ce0277 --- /dev/null +++ b/modules/negotiate/www/assets/js/redirect.js @@ -0,0 +1,3 @@ +document.addEventListener('DOMContentLoaded', function () { + window.location = document.querySelector('#redirect'); +});