From 932f71bc6d8495d6787690179dc091fccf79c346 Mon Sep 17 00:00:00 2001 From: Olav Morken <olav.morken@uninett.no> Date: Mon, 23 Jun 2008 11:59:32 +0000 Subject: [PATCH] Consent: Add support for displaying a link to a privacy policy in the consent page. Thanks to Harald Hannelius for the original patch. git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@696 44740490-163a-0410-bde0-09ae8108e29a --- dictionaries/consent.php | 5 +++++ docs/source/simplesamlphp-idp.xml | 22 ++++++++++++++++++++++ templates/default/consent.php | 6 ++++++ www/saml2/idp/SSOService.php | 14 ++++++++++++++ www/shib13/idp/SSOService.php | 14 ++++++++++++++ 5 files changed, 61 insertions(+) diff --git a/dictionaries/consent.php b/dictionaries/consent.php index 976f930f2..2921095c7 100644 --- a/dictionaries/consent.php +++ b/dictionaries/consent.php @@ -79,6 +79,11 @@ $lang = array( 'hr' => 'Tijekom procesa prijavljivanja vaša matiÄŤna ustanova će servisu poslati atribute koji sadrĹľe podatke o vašem identitetu. SlaĹľete li se s time?', 'hu' => 'Az azonosĂtás során az azonosĂtĂł szolgáltatĂł szemĂ©lyes adatokat fog kĂĽldeni ennek a szolgáltatásnak. EngedĂ©lyezi?', ), + 'consent_privacypolicy' => array ( + 'en' => 'Privacypolicy for the service', + 'sv' => 'Registerbeskrivning för tjänsten', + 'fi' => 'Tietosuojaseloste palvelulle', + ), 'login' => array ( 'no' => 'innlogging', 'nn' => 'Logg inn', diff --git a/docs/source/simplesamlphp-idp.xml b/docs/source/simplesamlphp-idp.xml index 33ee032e3..d04bff698 100644 --- a/docs/source/simplesamlphp-idp.xml +++ b/docs/source/simplesamlphp-idp.xml @@ -541,6 +541,17 @@ openssl x509 -req -days 60 -in server2.csr -signkey server2.key -out server2.crt page.</para> </glossdef> </glossentry> + + <glossentry> + <glossterm>privacypolicy</glossterm> + + <glossdef> + <para>This is an absolute URL for where an user can find a + privacypolicy. If set, this will be shown on the consent page. + <literal>%SPENTITYID%</literal> in the URL will be replaced with + the entity id of the service the user is accessing.</para> + </glossdef> + </glossentry> </glosslist> </section> @@ -854,6 +865,17 @@ openssl x509 -req -days 60 -in server2.csr -signkey server2.key -out server2.crt <literal>FALSE</literal> by default.</para> </glossdef> </glossentry> + + <glossentry> + <glossterm>privacypolicy</glossterm> + + <glossdef> + <para>This is an absolute URL for where an user can find a + privacypolicy for this SP. If set, this will be shown on the + consent page. <literal>%SPENTITYID%</literal> in the URL will be + replaced with the entity id of this service provider.</para> + </glossdef> + </glossentry> </glosslist> </section> </section> diff --git a/templates/default/consent.php b/templates/default/consent.php index 8ef0ebbc6..8622e73eb 100644 --- a/templates/default/consent.php +++ b/templates/default/consent.php @@ -11,6 +11,12 @@ <?php echo htmlspecialchars($this->t('consent_accept')) ?> </p> + <?php if ($this->data['sppp'] !== FALSE) { + echo "<p>" . htmlspecialchars($this->t('consent_privacypolicy')) . " "; + echo "<a target='_new_window' href='" . htmlspecialchars($this->data['sppp']) . "'>" . htmlspecialchars($this->t('spname')) . "</a>"; + echo "</p>"; + } ?> + <form style="display: inline" action="<?php echo htmlspecialchars($this->data['consenturl']); ?>"> <input type="submit" value="<?php echo htmlspecialchars($this->t('yes')) ?>" /> <input type="hidden" name="consent" value="<?php echo htmlspecialchars($this->data['consent_cookie']); ?>" /> diff --git a/www/saml2/idp/SSOService.php b/www/saml2/idp/SSOService.php index b9b621331..925dcf9fb 100644 --- a/www/saml2/idp/SSOService.php +++ b/www/saml2/idp/SSOService.php @@ -282,6 +282,20 @@ if($needAuth && !$isPassive) { $t->data['consent_cookie'] = $requestcache['ConsentCookie']; $t->data['usestorage'] = $consent->useStorage(); $t->data['noconsent'] = '/' . $config->getBaseURL() . 'noconsent.php'; + + if (array_key_exists('privacypolicy', $spmetadata)) { + $privacypolicy = $spmetadata['privacypolicy']; + } elseif (array_key_exists('privacypolicy', $idpmetadata)) { + $privacypolicy = $idpmetadata['privacypolicy']; + } else { + $privacypolicy = FALSE; + } + if($privacypolicy !== FALSE) { + $privacypolicy = str_replace('%SPENTITYID%', urlencode($spentityid), + $privacypolicy); + } + $t->data['sppp'] = $privacypolicy; + $t->show(); exit; } diff --git a/www/shib13/idp/SSOService.php b/www/shib13/idp/SSOService.php index a2e0038c9..d905e0725 100644 --- a/www/shib13/idp/SSOService.php +++ b/www/shib13/idp/SSOService.php @@ -194,6 +194,20 @@ if (!$session->isAuthenticated($authority) ) { $t->data['consent_cookie'] = $requestcache['ConsentCookie']; $t->data['usestorage'] = $consent->useStorage(); $t->data['noconsent'] = '/' . $config->getBaseURL() . 'noconsent.php'; + + if (array_key_exists('privacypolicy', $spmetadata)) { + $privacypolicy = $spmetadata['privacypolicy']; + } elseif (array_key_exists('privacypolicy', $idpmetadata)) { + $privacypolicy = $idpmetadata['privacypolicy']; + } else { + $privacypolicy = FALSE; + } + if($privacypolicy !== FALSE) { + $privacypolicy = str_replace('%SPENTITYID%', urlencode($spentityid), + $privacypolicy); + } + $t->data['sppp'] = $privacypolicy; + $t->show(); exit; } -- GitLab